rijndael创建的eSecryptor将数据的长度抛向解密无效
在我的项目中,有一个部分可以通过几个加密提供商之一进行解密,例如descryptoserviceProvider,tripledEscryptoscryptoserviceProvider,rijndaelaelaged
没有项目在没有项目运行的情况下运行三个问题的任何问题,但是在fortify 建议使用rijndael管理后,系统开始将数据的长度扔向解密的是无效的。
简而言之。我不是密码学的专业人士,但是如果我没有错,问题应该与我创建byte []的方式有关。现在来了代码:
这是设置方法的部分:
public System.Security.Cryptography.SymmetricAlgorithm _crypto;
public void Symmetric(MyProject.Framework.Security.Symmetric.Provider provider)
{
switch (provider)
{
case MyProject.Framework.Security.Symmetric.Provider.DES:
this._crypto = new System.Security.Cryptography.DESCryptoServiceProvider();
break;
case MyProject.Framework.Security.Symmetric.Provider.RC2:
this._crypto = new System.Security.Cryptography.RC2CryptoServiceProvider();
break;
case MyProject.Framework.Security.Symmetric.Provider.Rijndael:
this._crypto = new System.Security.Cryptography.RijndaelManaged();
break;
case MyProject.Framework.Security.Symmetric.Provider.TripleDES:
this._crypto = new System.Security.Cryptography.TripleDESCryptoServiceProvider();
break;
}
}
这是生成字节数组的方法:
public byte[] FromHex(string hexEncoded)
{
if (hexEncoded == null || hexEncoded.Length == 0)
{
return null;
}
checked
{
byte[] result;
try
{
int num = Convert.ToInt32((double)hexEncoded.Length / 2.0);
byte[] array = new byte[num - 1 + 1];
int arg_36_0 = 0;
int num2 = num - 1;
for (int i = arg_36_0; i <= num2; i++)
{
array[i] = Convert.ToByte(hexEncoded.Substring(i * 2, 2), 16);
}
result = array;
}
catch (Exception expr_5A)
{
throw new FormatException("The provided string does not appear to be Hex encoded", expr_5A);
}
return result;
}
}
下面是我的解密方法,
public void Decrypt(byte[] encryptedData)
{
System.IO.MemoryStream stream = new System.IO.MemoryStream(encryptedData, 0, encryptedData.Length);
checked
{
byte[] array = new byte[encryptedData.Length - 1 + 1];
using (System.Security.Cryptography.CryptoStream cryptoStream = new System.Security.Cryptography.CryptoStream(stream, this._crypto.CreateDecryptor(), System.Security.Cryptography.CryptoStreamMode.Read))
{
try
{
cryptoStream.Read(array, 0, encryptedData.Length - 1);
}
catch (System.Security.Cryptography.CryptographicException expr_56)
{
throw new System.Security.Cryptography.CryptographicException("Unable to decrypt data. The provided key may be invalid.", expr_56);
}
finally
{
cryptoStream.Close();
}
}
}
}
当我调用解密方法时,
var provider = MyProject.Framework.Security.Symmetric.Provider.Rijndael;
instance.Symmetric(provider);
var openString = "C9B7163BFA3E5E46";
var byteArray = instance.FromHex(openString);
instance.Decrypt(byteArray);
它将数据的长度扔向解密的是如上所述,该 cryptostream.read(...)上的无效如上所述。
有人可以以正确的处理方式提供建议吗?这真的是我创建我发送到解密方法的字节数组的方式吗?
提前致谢。
In my project there is a section which makes decryption using one among several cryptography providers such as DESCryptoServiceProvider, TripleDESCryptoServiceProvider, RijndaelManaged etc.
Project was running without any issue with TripleDESCryptoServiceProvider, but after Fortify suggests to use RijndaelManaged, system starts to throw Length of the data to decrypt is invalid.
This was the story in short. I'm not a professional on cryptography things, but if I'm not wrong, the problem should be related with the way I'm creating my byte[]. Now here comes the codes:
This is the part where is set methodology:
public System.Security.Cryptography.SymmetricAlgorithm _crypto;
public void Symmetric(MyProject.Framework.Security.Symmetric.Provider provider)
{
switch (provider)
{
case MyProject.Framework.Security.Symmetric.Provider.DES:
this._crypto = new System.Security.Cryptography.DESCryptoServiceProvider();
break;
case MyProject.Framework.Security.Symmetric.Provider.RC2:
this._crypto = new System.Security.Cryptography.RC2CryptoServiceProvider();
break;
case MyProject.Framework.Security.Symmetric.Provider.Rijndael:
this._crypto = new System.Security.Cryptography.RijndaelManaged();
break;
case MyProject.Framework.Security.Symmetric.Provider.TripleDES:
this._crypto = new System.Security.Cryptography.TripleDESCryptoServiceProvider();
break;
}
}
And this is the method which generates the byte array:
public byte[] FromHex(string hexEncoded)
{
if (hexEncoded == null || hexEncoded.Length == 0)
{
return null;
}
checked
{
byte[] result;
try
{
int num = Convert.ToInt32((double)hexEncoded.Length / 2.0);
byte[] array = new byte[num - 1 + 1];
int arg_36_0 = 0;
int num2 = num - 1;
for (int i = arg_36_0; i <= num2; i++)
{
array[i] = Convert.ToByte(hexEncoded.Substring(i * 2, 2), 16);
}
result = array;
}
catch (Exception expr_5A)
{
throw new FormatException("The provided string does not appear to be Hex encoded", expr_5A);
}
return result;
}
}
Below is my Decrypt method,
public void Decrypt(byte[] encryptedData)
{
System.IO.MemoryStream stream = new System.IO.MemoryStream(encryptedData, 0, encryptedData.Length);
checked
{
byte[] array = new byte[encryptedData.Length - 1 + 1];
using (System.Security.Cryptography.CryptoStream cryptoStream = new System.Security.Cryptography.CryptoStream(stream, this._crypto.CreateDecryptor(), System.Security.Cryptography.CryptoStreamMode.Read))
{
try
{
cryptoStream.Read(array, 0, encryptedData.Length - 1);
}
catch (System.Security.Cryptography.CryptographicException expr_56)
{
throw new System.Security.Cryptography.CryptographicException("Unable to decrypt data. The provided key may be invalid.", expr_56);
}
finally
{
cryptoStream.Close();
}
}
}
}
When I call Decrypt method,
var provider = MyProject.Framework.Security.Symmetric.Provider.Rijndael;
instance.Symmetric(provider);
var openString = "C9B7163BFA3E5E46";
var byteArray = instance.FromHex(openString);
instance.Decrypt(byteArray);
It throws Length of the data to decrypt is invalid on that cryptoStream.Read(...) as described on above.
Could someone advice me with the correct way of handling these? Is it really the way I'm creating that byte array which I send to my Decrypt method?
Thanks in advance.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论