加密和解密给定密钥的字符串

Question

I inherited the code below. Unfortunately, the decrypted value of hello_world is not:

hello world

but (in my case):

&�|ktR���ڼ��S����%��< ���8�

Any ideas? It also appears that the result is different every time, which is kind of obvious given the code. Could I change this so that I can send the data encryted once and then decrypt in the future again? Thanks!

Code:

using System;
using System.IO;
using System.Security.Cryptography;

namespace crypt
{
    class Program
    {
        static void Main(string[] args)
        {
            var key = @"abcdefghijklmnopqrstuvw==";

            using (var aesAlg = Aes.Create())
            {
                aesAlg.Mode = CipherMode.CBC;
                aesAlg.Padding = PaddingMode.PKCS7;
                aesAlg.Key = Convert.FromBase64String(key);
                aesAlg.GenerateIV();
                var encryptor = aesAlg.CreateEncryptor(aesAlg.Key, aesAlg.IV);

                var enc_hello_world = EncryptProperty(encryptor, "hello world");

                var hello_world = DecryptProperty(encryptor, enc_hello_world);
            }

        }
        private static string EncryptProperty(ICryptoTransform encryptor, string valueToEncrypt)
        {
            byte[] encrypted;
            using (var msEncrypt = new MemoryStream())
            {
                using (var csEncrypt = new CryptoStream(msEncrypt, encryptor, CryptoStreamMode.Write))
                {
                    using (var swEncrypt = new StreamWriter(csEncrypt))
                    {
                        swEncrypt.Write(valueToEncrypt);
                    }
                    encrypted = msEncrypt.ToArray();
                }
            }
            return Convert.ToBase64String(encrypted);
        }

        private static string DecryptProperty(ICryptoTransform decryptor, string valueToDecrypt)
        {
            string decrypted;

            using (var msDecrypt = new MemoryStream(Convert.FromBase64String(valueToDecrypt)))
            {
                using (var csDecrypt = new CryptoStream(msDecrypt, decryptor, CryptoStreamMode.Read))
                {
                    using (var srDecrypt = new StreamReader(csDecrypt))
                    {
                        decrypted = srDecrypt.ReadToEnd();
                    }
                }
            }
            return decrypted;
        }
    }
}

Answer 1

AES-CBC requires two variables to encode and decode data: key and IV (initialization vector). Initialization vector can be sent in plaintext and it doesn't result in worse security of your encryption.

aesAlg.GenerateIV();

This is where your IV gets created, you need to store this (I do this by prepending that to the resulting data) and then access it and set the IV when decrypting.

You could also use an empty IV but this will make it easier for attackers to expose your key, so this is not recommended.

Here is a good example of AES in C#: https://gist.github.com/mark-adams/87aa34da3a5ed48ed0c7 (it seems to be using the method I've mentioned).