CryptDeriveKey 对于 AES 算法名称失败
我正在尝试在我的应用程序中实现 AES 加密。我有以下代码来创建用户密码的哈希版本。
PasswordDeriveBytes passwdHash = new PasswordDeriveBytes( password, salt,
"SHA1", 128 );
byte[] keyBytes = passwdHash.CryptDeriveKey( "AES", "SHA1",
192, iv );
第二行抛出一个 System.Security.Cryptography.CryptographyException
,并显示错误消息对象标识符 (OID) 未知
。我使用 Reflector 来验证是否抛出错误,因为 CryptDeriveKey()
不喜欢“AES”算法名称(我使用 AesCryptoServiceProvider()
来执行加密)。我尝试将名称更改为“AESManaged”、“AES192”和“Rijndael”,但它们都抛出相同的异常。
我该如何让它发挥作用?或者是否有另一种派生密钥字节的方法? 另外,是否有任何关于允许的算法名称字符串的文档?我在 MSDN 文档中找不到该功能的任何内容。
我正在使用 Visual Studio 2008 和目标 .NET Framework 3.5
提前感谢您的帮助!
I'm trying to implement AES encryption in my application. I have the following code to create a hashed version of the user password.
PasswordDeriveBytes passwdHash = new PasswordDeriveBytes( password, salt,
"SHA1", 128 );
byte[] keyBytes = passwdHash.CryptDeriveKey( "AES", "SHA1",
192, iv );
The second line throws a System.Security.Cryptography.CryptographicException
with the error message Object identifier (OID) is unknown
. I used Reflector to verify that the error is being thrown because CryptDeriveKey()
does not like the "AES" algorithm name (I'm using AesCryptoServiceProvider()
to perform the encryption). I tried changing the name to "AESManaged", "AES192" and "Rijndael" but they all throw the same exception.
How do I get this to work? Or is there an alternative method of deriving the key bytes?
Also, is there any documentation on what the allowed algorithm name strings are? I can't find anything on the MSDN docs for that function.
I'm using Visual Studio 2008 and target .NET framework 3.5
Thanks in advance for your help!
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
为什么要从密码盐而不是密码本身派生密钥?通常您使用“原始”密码和盐;事实上,在我的书(grin)中,第 6 章有以下示例。
当然,salt 应该是一个加密安全的随机字节数组;
Why do you want to derive a key from a password salt rather than the password itself? Usually you use the "raw" password and a salt; indeed in my book (grin) chapter 6 has the following sample.
Of course salt should be a cryptographically secure random byte array;
看起来这不支持 AES: http://social.msdn.microsoft.com/Forums/en-US/netfxbcl/thread/61d85001-2eae-4419-b4bf-ce98d46f4d21/
我还发现了这个:http://www.koders.com/csharp/fidDDE5F3FF54C91BC673350363EAECC0D815A68F92.aspx
看起来像Rijndael 应该可以工作。看来密钥大小仅设置为 16...
Looks like this doesn't support AES: http://social.msdn.microsoft.com/Forums/en-US/netfxbcl/thread/61d85001-2eae-4419-b4bf-ce98d46f4d21/
I also found this: http://www.koders.com/csharp/fidDDE5F3FF54C91BC673350363EAECC0D815A68F92.aspx
It looks like Rijndael should work. It appears that the key size is only set to 16 though...