AES单发API解密如果没有加密的话

发布于 2025-01-20 02:25:46 字数 1274 浏览 2 评论 0原文

以下示例按预期工作：

using System.Security.Cryptography;

string key = "1234567890123456";
byte[] keyBytes = Encoding.ASCII.GetBytes(key);

string dec = "Hello One-Shot API!";
byte[] decBytes = Encoding.ASCII.GetBytes(dec);

// Encrypt
using Aes aes = Aes.Create();
byte[] encBytes = aes.EncryptCbc(decBytes, keyBytes);

// Decrypt again
byte[] recBytes = aes.DecryptCbc(encBytes, keyBytes);
string rec = Encoding.ASCII.GetString(recBytes);

Debug.Assert(rec == dec);

但是，如果我创建一个新 Aes 实例来调用 DecryptCbc，它会抛出 System.Security .Cryptography.CryptographicException：填充无效且无法删除。 异常：

...
// Encrypt
using Aes aes = Aes.Create();
byte[] encBytes = aes.EncryptCbc(decBytes, keyBytes);

// Decrypt again - this time with new instance
using Aes aes2 = Aes.Create();
byte[] recBytes = aes2.DecryptCbc(encBytes, keyBytes); // <- throws
...

我在这里遗漏了什么吗？调用 EncryptCbc 时，Aes 实例中是否设置了仅用于解密时不存在的状态？我是否必须保留 Aes 实例，如果我之前没有使用它进行加密，那么最初如何使用它进行解密？

原文

I'm attempting to roundtrip crypting some data with the new .NET 6 AES one-shot APIs.

The following example works as expected:

using System.Security.Cryptography;

string key = "1234567890123456";
byte[] keyBytes = Encoding.ASCII.GetBytes(key);

string dec = "Hello One-Shot API!";
byte[] decBytes = Encoding.ASCII.GetBytes(dec);

// Encrypt
using Aes aes = Aes.Create();
byte[] encBytes = aes.EncryptCbc(decBytes, keyBytes);

// Decrypt again
byte[] recBytes = aes.DecryptCbc(encBytes, keyBytes);
string rec = Encoding.ASCII.GetString(recBytes);

Debug.Assert(rec == dec);

But if I create a new Aes instance to call DecryptCbc on, it throws a System.Security.Cryptography.CryptographicException: Padding is invalid and cannot be removed. exception:

...
// Encrypt
using Aes aes = Aes.Create();
byte[] encBytes = aes.EncryptCbc(decBytes, keyBytes);

// Decrypt again - this time with new instance
using Aes aes2 = Aes.Create();
byte[] recBytes = aes2.DecryptCbc(encBytes, keyBytes); // <- throws
...

Am I missing something here? Is there state set up in an Aes instance when calling EncryptCbc that doesn't exist when only using it for decryption? Do I have to keep the Aes instance around, and then how would I use it for decryption initially if I haven't encrypted with it before?

分享到QQ

分享到微博

如果你对这篇内容有疑问，欢迎到本站社区发帖提问参与讨论，获取更多帮助，或者扫码二维码加入 Web 技术交流群。

发布评论

需要登录才能够评论，你可以免费注册一个本站的账号。

梦境 2025-01-27 02:25:46

正如评论中提到的，我将 IV 参数误认为是密钥，因为我正在移植不使用任何 IV 的旧代码。

在 Aes.Key 属性中设置密钥并使用空 IV（或者更好的是，修复旧代码并使用正确的 IV）后，它对每个新实例都按预期工作。

回复收藏 0 原文

聊慰 2025-01-27 02:25:46

对我有用的：

string key = "12345678901234567890123456789012"; // 32 length
private string Encrypt(string text, string key){
  byte[] encText = Encoding.UTF8.GetBytes(text);
  
  using(Aes enc = Aes.Create()){
    enc.key = Encoding.UTF8.GetBytes(key);
    return Convert.ToBase64String(enc.EncryptCbc(encText , new byte[16]));
  }
}

private string Decrypt(string hashText, string key){
  byte[] encText = Convert.FromBase64String(hashText);

  using(Aes enc = Aes.Create()){
    enc.key = Encoding.UTF8.GetBytes(key);
    byte[] decrypt = enc.DecryptCbc(encText, new byte[16]);
    
    return Encoding.UTF8.GetString(decrypt);
  }
}

What worked for me:

string key = "12345678901234567890123456789012"; // 32 length
private string Encrypt(string text, string key){
  byte[] encText = Encoding.UTF8.GetBytes(text);
  
  using(Aes enc = Aes.Create()){
    enc.key = Encoding.UTF8.GetBytes(key);
    return Convert.ToBase64String(enc.EncryptCbc(encText , new byte[16]));
  }
}

private string Decrypt(string hashText, string key){
  byte[] encText = Convert.FromBase64String(hashText);

  using(Aes enc = Aes.Create()){
    enc.key = Encoding.UTF8.GetBytes(key);
    byte[] decrypt = enc.DecryptCbc(encText, new byte[16]);
    
    return Encoding.UTF8.GetString(decrypt);
  }
}

回复收藏 0 原文

~没有更多了~