C#3des加密,如何知道何时失败?
[英]C# 3des encryption, how to know when it fails?
问题描述
I am using this code to encryp/decrypt strings between c# and php: 
我正在使用此代码来加密/解密c#和php之间的字符串:
class encryption
{
public string SimpleTripleDes(string Data)
{
byte[] key = Encoding.ASCII.GetBytes("passwordDR0wSS@P6660juht");
byte[] iv = Encoding.ASCII.GetBytes("password");
byte[] data = Encoding.ASCII.GetBytes(Data);
byte[] enc = new byte[0];
TripleDES tdes = TripleDES.Create();
tdes.IV = iv;
tdes.Key = key;
tdes.Mode = CipherMode.CBC;
tdes.Padding = PaddingMode.Zeros;
ICryptoTransform ict = tdes.CreateEncryptor();
enc = ict.TransformFinalBlock(data, 0, data.Length);
return ByteArrayToString(enc);
}
public string SimpleTripleDesDecrypt(string Data)
{
byte[] key = Encoding.ASCII.GetBytes("passwordDR0wSS@P6660juht");
byte[] iv = Encoding.ASCII.GetBytes("password");
byte[] data = StringToByteArray(Data);
byte[] enc = new byte[0];
TripleDES tdes = TripleDES.Create();
tdes.IV = iv;
tdes.Key = key;
tdes.Mode = CipherMode.CBC;
tdes.Padding = PaddingMode.Zeros;
ICryptoTransform ict = tdes.CreateDecryptor();
enc = ict.TransformFinalBlock(data, 0, data.Length);
return Encoding.ASCII.GetString(enc);
}
public static string ByteArrayToString(byte[] ba)
{
string hex = BitConverter.ToString(ba);
return hex.Replace("-", "");
}
public static byte[] StringToByteArray(String hex)
{
int NumberChars = hex.Length;
byte[] bytes = new byte[NumberChars / 2];
for (int i = 0; i < NumberChars; i += 2)
bytes[i / 2] = Convert.ToByte(hex.Substring(i, 2), 16);
return bytes;
}
}
Now what I'd like to do is to know when the decryption failed, when it fails it show me a messagebox with this text: 现在,我想做的是知道解密失败的时间,解密失败的时候,显示一个带有以下文本的消息框:
Could not find any recognizable digits
I could just compare that to the decrypted string bu, will this "error" text be the same on all computers even if they .net lib is from another language? 我可以将其与解密的字符串bu进行比较,即使它们的.net lib来自另一种语言,该“错误”文本在所有计算机上是否也会相同?
1 个解决方案
解决方案1
1 已采纳 2011-02-24 20:40:55
'Decryption failed' could mean many things. “解密失败”可能意味着很多事情。
- You decrypt engine TransformFinalBlock() throws exception because you supplied invalid key or IV 您解密引擎TransformFinalBlock()引发异常,因为您提供了无效的密钥或IV
- You supplied valid but incorrect IV - this can be taken care of because you know their correct values and how they are protected. 您提供了有效但不正确的IV-可以解决这一问题,因为您知道它们的正确值以及如何保护它们。
- you supplied correct key, IV but wrong cyphertext (or tampered). 您提供了正确的密钥IV,但密文错误(或被篡改)。
1 is algorithimic failure and can be handled. 1是算法故障,可以处理。
For 2 and 3 unfortunately without comparing decrypted text with orignal plaintext it's difficult to know whether 'decryption failed,' unless you introduce some additional measures for tamper-checks - hashing is the one answer for that. 不幸的是,对于2和3,如果不将解密的文本与原始的纯文本进行比较,就很难知道“解密是否失败”,除非您引入一些其他篡改检查措施-哈希是解决这一问题的唯一方法。 In both cases result could be inconsistent. 在这两种情况下,结果都可能不一致。
Tamper detection is unlikely in both stream ciphers and block ciphers, because these are not designed for this purpose. 流密码和分组密码都不大可能进行篡改检测,因为它们不是为此目的而设计的。 You have to use a combination of ctyptographic techniques to create a reselient infrastructure. 您必须结合使用密码技术来创建可靠的基础结构。
If you have a .NET library, designed to give a specific message, it doesnot matter what language (I am assuming you're talking about a CLS compliant language, C#, VB.NET etc.) it was written in and what computer it runs on, the behaviour ought to be consistent. 如果您有一个.NET库,旨在提供特定的消息,则使用哪种语言(用哪种语言(我假设您正在谈论的是CLS兼容语言,C#,VB.NET等))都无关紧要。继续,行为应该是一致的。
EDIT: Block ciphers always add padding to your plaintext irrespective of chaining technique used to get the next full block size before encryption. 编辑:分组密码总是向您的明文添加填充,而与用于在加密之前获取下一个完整块大小的链接技术无关。 Decryption should remove padding, but you might expect a string terminated with one or more nulls. 解密应删除填充,但您可能希望字符串以一个或多个空值终止。 Be wary of this and consider maintaining length of your data. 请注意这一点,并考虑保持数据长度。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.