密钥和 IV 分配给 AES object 的目的是什么?
[英]What is the purpose of key and IV assignment to AES object?
问题描述
In MSDN for AES I can see the following part in the sample.
在 MSDN for AES 中,我可以在示例中看到以下部分。
...
using (Aes aesAlg = Aes.Create())
{
aesAlg.Key = Key;
aesAlg.IV = IV;
ICryptoTransform encryptor = aesAlg.CreateEncryptor(aesAlg.Key, aesAlg.IV);
...
} ...
I've tried to skipping the assignment of key and IV to the AES object (although setting them in the creation of the encryptor like this.我试图跳过将密钥和 IV 分配给 AES object (尽管像这样在创建加密器时设置它们。
...
using (Aes aesAlg = Aes.Create())
{
//aesAlg.Key = Key;
//aesAlg.IV = IV;
ICryptoTransform encryptor = aesAlg.CreateEncryptor(Key, IV);
...
} ...
It seems to make no difference in the outcome.结果似乎没有什么不同。 However, since it is a part of the sample, I worry that there is a case when it matters.但是,由于它是样本的一部分,我担心有一个重要的案例。 It might be that I only tried examples where it doesn't show.可能是我只尝试了没有显示的示例。
When do I need to assign the key and IV to the AES object?何时需要将密钥和 IV 分配给 AES object?
1 个解决方案
解决方案1
2 已采纳 2021-05-17 02:44:20
In the first code snippet, you've assigned values to the Key and IV properties of the symmetric algorithm object so you don't need to pass them again when you create the crypto transform.在第一个代码片段中,您已将值分配给对称算法 object 的Key和IV属性,因此在创建加密转换时无需再次传递它们。 In this case, use the parameterless overload which uses the already assigned Key and IV to create the encryptor/decryptor.在这种情况下,使用使用已分配的Key和IV的无参数重载来创建加密器/解密器。
using (Aes aesAlg = Aes.Create())
{
aesAlg.Key = Key;
aesAlg.IV = IV;
ICryptoTransform encryptor = aesAlg.CreateEncryptor();
// ...
}
The second code snippet will create the same transform using the passed Key and IV params regardless of the aesAlg.Key and aesAlg.IV values.第二个代码片段将使用传递的Key和IV参数创建相同的转换,而不考虑aesAlg.Key和aesAlg.IV值。 Consider the following:考虑以下:
using (Aes aesAlg = Aes.Create())
{
aesAlg.Key = Key;
aesAlg.IV = IV;
ICryptoTransform encryptor = aesAlg.CreateEncryptor(someOtherKey, somOtherIV);
// ...
}
Here, someOtherKey and someOtherIV are used to create the transform and the aesAlg properties are ignored.这里, someOtherKey和someOtherIV用于创建转换,忽略aesAlg属性。 Another example to consider:另一个需要考虑的例子:
using (Aes aesAlg = Aes.Create())
{
ICryptoTransform encryptor = aesAlg.CreateEncryptor();
// ...
}
Now, both aesAlg.Key & aesAlg.IV properties are null and the .CreateEncryptor() will use them to create the transform.现在, aesAlg.Key和aesAlg.IV属性都是null并且.CreateEncryptor()将使用它们来创建转换。 However, the method won't throw any exceptions because the getters of these properties - by design - don't return null and they create and assign random values instead.但是,该方法不会抛出任何异常,因为这些属性的 getter(按设计)不会返回null而是创建并分配随机值。
You might want to try the following:您可能想尝试以下方法:
private void SomeCaller()
{
using (var crypto = Aes.Create())
{
// A random Key is generated...
PrintHexValue(crypto.Key);
// And assigned...
PrintHexValue(crypto.Key);
var pass = "Konrad Viltersten";
var bytes = Encoding.UTF8.GetBytes(pass);
var rfc = new Rfc2898DeriveBytes(pass,
new SHA256Managed().ComputeHash(bytes), 1000);
var key = rfc.GetBytes(crypto.LegalKeySizes[0].MaxSize / 8);
var iv = rfc.GetBytes(crypto.LegalBlockSizes[0].MinSize / 8);
// Doesn't change the crypto.Key and crypto.IV properties...
var encr = crypto.CreateEncryptor(key, iv);
// The generated password-based key...
PrintHexValue(key);
// The random key remains...
PrintHexValue(crypto.Key);
crypto.Key = key;
crypto.IV = iv;
// The password-based key is assigned to the crypto.Key...
PrintHexValue(crypto.Key);
}
}
private void PrintHexValue(byte[] bytes) =>
Console.WriteLine(BitConverter.ToString(bytes).Replace("-", string.Empty));
Conclusion结论
Your second code snippet is a shortcut to create a crypto transform.您的第二个代码片段是创建加密转换的快捷方式。 You'll need the first one In wider scopes like this one for example.例如,您将需要第一个在更广泛的范围内,例如这个。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.