[英]How to decrypt with WinRT without changing existing encryption code in .NET Desktop App?
我對整個加密/解密cr * p有一點問題;-)
是否可以在WinRt(Windows應用商店)中解密在.NET桌面應用程序中加密的數據,反之亦然? 我無法更改桌面應用程序的代碼,因為它已在使用中。
我已經嘗試過WinRT中有關CryptographicEngine的一些教程,但是我從未獲得與Desktop App匹配的結果。
也許有人可以幫我嗎? 我對.NET開發非常陌生,我從來沒有真正使用Encryption做任何事情,所以我不知道自己在做什么;-)
這是桌面應用程序中使用的一些代碼-我無法更改該代碼!
private string pwd = "password";
private string salt = "salt";
public byte[] Encrypt(byte[] data)
{
PasswordDeriveBytes derivedPassword = new PasswordDeriveBytes(pwd, Encoding.ASCII.GetBytes(salt));
byte[] key = derivedPassword.GetBytes(16);
byte[] iv = Encoding.ASCII.GetBytes("1234567891234567");
RijndaelManaged symmetricKey = new RijndaelManaged();
symmetricKey.Mode = CipherMode.CBC;
byte[] cipherBytes = null;
using (ICryptoTransform encryptor = symmetricKey.CreateEncryptor(key, iv))
{
using (MemoryStream ms = new MemoryStream())
{
using (CryptoStream cryptoStream = new CryptoStream(ms, encryptor, CryptoStreamMode.Write))
{
cryptoStream.Write(data, 0, data.Length);
cryptoStream.FlushFinalBlock();
cryptoStream.Close();
cipherBytes = ms.ToArray();
ms.Close();
}
}
}
symmetricKey.Clear();
return cipherBytes;
}
這是我在WinRT中嘗試過的示例方法-但結果與桌面應用程序不同(大多數代碼來自http://blog.lordinaire.fr/2012/12/winrt-encryption-and-decryption- with-aes-algorithm / )
無效代碼已刪除-請參見編輯
我真的很感謝您的幫助
來自奧地利的問候
編輯我嘗試了一些嘗試,但是我仍然無法使其正常工作:(我只是無法獲得正確的密鑰。盡管如此,為了測試加密,我對密鑰進行了硬編碼-然后它可以工作。
就像Nate Diamond所建議的那樣,我將KeyDerivationAlogrithm與空鹽和已經加鹽的密碼一起使用。 一個問題是,我不知道如何“加鹽”。 我嘗試將鹽放在前面,后面,中間,並交替每個符號-仍然不是正確的鍵:(這是我正在使用的代碼:
// password = 11112222333344445555 // salt = aaaabbbbccccddddeeee
private string password = "11112222333344445555aaaabbbbccccddddeeee";
private byte[] salt = new byte[20];
private uint iterationCount = 100;
private static byte[] keyBytes = null;
public static byte[] KeyBytes
{
get
{
//for (int i = 0; i < salt.Length; i++)
//{
// salt[i] = 0;
//}
// Setup KDF parameters for the desired salt and iteration count
KeyDerivationParameters kdfParameters = KeyDerivationParameters.BuildForPbkdf2(CryptographicBuffer.CreateFromByteArray(salt), iterationCount);
// Get a KDF provider for PBKDF2, and store the source password in a Cryptographic Key
KeyDerivationAlgorithmProvider kdf = KeyDerivationAlgorithmProvider.OpenAlgorithm(KeyDerivationAlgorithmNames.Pbkdf2Sha1);
IBuffer passwordBuffer = CryptographicBuffer.ConvertStringToBinary(password, BinaryStringEncoding.Utf8);
CryptographicKey passwordSourceKey = kdf.CreateKey(passwordBuffer);
// Generate key material from the source password, salt, and iteration count. Only call DeriveKeyMaterial once,
// since calling it twice will generate the same data for the key and IV.
uint totalDataNeeded = 16;
IBuffer keyAndIv = CryptographicEngine.DeriveKeyMaterial(passwordSourceKey, kdfParameters, totalDataNeeded);
// Split the derived bytes into a seperate key and IV
keyBytes = keyAndIv.ToArray();
return keyBytes;
}
}
這是我的加密方法的代碼-它產生的結果與.NET Desktop App中的結果相同:)
private byte[] btVector = Encoding.UTF8.GetBytes("1234567891234567");
private byte[] keyBytes = Encoding.UTF8.GetBytes("123456789123456789123456");
public byte[] Encrypt(byte[] data)
{
// Get the key and iv and put all into IBuffers
IBuffer keyBuffer = WindowsRuntimeBuffer.Create(KeyBytes, 0, 16, 16); ;
IBuffer iv = WindowsRuntimeBuffer.Create(InitialVectorBytes, 0, 16, 16);
IBuffer plainText = CryptographicBuffer.CreateFromByteArray(data);
byte[] encryptedData;
// Setup an AES key, using AES in CBC mode and applying PKCS#7 padding on the input
SymmetricKeyAlgorithmProvider aesProvider = SymmetricKeyAlgorithmProvider.OpenAlgorithm(SymmetricAlgorithmNames.AesCbcPkcs7);
CryptographicKey aesKeySymm = aesProvider.CreateSymmetricKey(keyBuffer);
// Encrypt the data and convert it to byte array
IBuffer encrypted = CryptographicEngine.Encrypt(aesKeySymm, plainText, iv);
CryptographicBuffer.CopyToByteArray(encrypted, out encryptedData);
return encryptedData;
}
PBKDF [1/2]基本上是這樣的:
1. Take a password.
2. Add a salt.
3. Hash the combined password and salt. Store in `result`
4. For (number of iterations)
1. Hash `result`, store in `result`.
PBKDF1和PBKDF2之間的最大區別是步驟4的第一部分。在PBKDF1中,它是印刷而成的。 在PBKDF2中,它更改為:
4. For (number of iterations)
1. Combine `result` and `salt`. Store in `result`
2. Hash `result`, store in `result`.
因此,您有一些選擇。
選項1:
創建PBKDF1的自定義實現。 HashAlgorithmProvider
使重復哈希結果變得非常容易。
選項2:
將PBKDF2與空的salt
byte
數組結合使用,並將鹽和密碼組合作為secret
。 這應具有與PBKDF1相同的效果。
應該注意的是,如果可能的話,您應該切換到使用PBKDF2。
希望這對您有所幫助,並祝您編程愉快!
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.