[英]C# Weird encryption issue
我已經在自己的框架中創建了自己的加密系統,並且已經使用了一段時間,但是它可以正常工作,但是我發現一個嚴重的問題:如果需要加密的字符串正好是4個字符長,第二個字符變為最后一個字符,如下所示:
1234> 1434
2408> 2808
24082408> 24082408
123> 123
12> 12
12345> 12345
實際上,只有在字符串恰好為4個字符(少/多)時,它才會發生,並且絕對可以正常工作!
我不知道是造成它的加密還是解密...
要加密的代碼:
public static string DoEncrypt(string ToEncrypt, [Optional, DefaultParameterValue(true)] bool UseHashing)
{
Memory.HasInitializedCheck();
int intLenght = ToEncrypt.Length - 1;
string NewString = null;
for (int intCount = intLenght; intCount >= 0; intCount--)
{
if (intCount == 2)
{
NewString += ToEncrypt.Substring(intLenght, 1);
}
else if (intCount == 1)
{
NewString += ToEncrypt.Substring(intLenght - 1, 1);
}
else if (intCount == intLenght - 1)
{
NewString += ToEncrypt.Substring(1, 1);
}
else if (intCount == intLenght)
{
NewString += ToEncrypt.Substring(2, 1);
}
else
{
NewString += ToEncrypt.Substring(intCount, 1);
}
}
char[] array = Application.ProductName.ToCharArray();
Array.Reverse(array);
NewString += "#" + new string(array) + "#";
byte[] keyArray;
byte[] ToEncryptArray = UTF8Encoding.UTF8.GetBytes(NewString);
if (UseHashing)
{
MD5CryptoServiceProvider hashmd5 = new MD5CryptoServiceProvider();
keyArray = hashmd5.ComputeHash(UTF8Encoding.UTF8.GetBytes(MechaKey));
hashmd5.Clear();
}
else
{
keyArray = UTF8Encoding.UTF8.GetBytes(MechaKey);
}
TripleDESCryptoServiceProvider tdes = new TripleDESCryptoServiceProvider();
tdes.Key = keyArray;
tdes.Mode = CipherMode.ECB;
tdes.Padding = PaddingMode.PKCS7;
ICryptoTransform cTransform = tdes.CreateEncryptor();
byte[] resultArray = cTransform.TransformFinalBlock(ToEncryptArray, 0, ToEncryptArray.Length);
tdes.Clear();
String FinalEnc = Convert.ToBase64String(resultArray, 0, resultArray.Length);
return FinalEnc;
}
和代碼解密
public static string DoDecrypt(string ToDecrypt, [Optional, DefaultParameterValue(true)] bool UseHashing)
{
Memory.HasInitializedCheck();
byte[] keyArray;
byte[] toEncryptArray = Convert.FromBase64String(ToDecrypt);
if (UseHashing)
{
MD5CryptoServiceProvider hashmd5 = new MD5CryptoServiceProvider();
keyArray = hashmd5.ComputeHash(UTF8Encoding.UTF8.GetBytes(MechaKey));
hashmd5.Clear();
}
else
keyArray = UTF8Encoding.UTF8.GetBytes(MechaKey);
TripleDESCryptoServiceProvider tdes = new TripleDESCryptoServiceProvider();
tdes.Key = keyArray;
tdes.Mode = CipherMode.ECB;
tdes.Padding = PaddingMode.PKCS7;
ICryptoTransform cTransform = tdes.CreateDecryptor();
byte[] resultArray = cTransform.TransformFinalBlock(toEncryptArray, 0, toEncryptArray.Length);
Array.Reverse(resultArray);
string UTF = UTF8Encoding.UTF8.GetString(resultArray);
int lenght = Application.ProductName.Length + 2;
bool start = false;
string appname = null;
try
{
if (UTF.Substring(0, lenght) != "#" + Application.ProductName + "#")
{
for (int appchecker = 0; appchecker < UTF.Length; appchecker++)
{
if (UTF.Substring(appchecker, 1) == "#" && start == false)
{
appchecker = appchecker + 1;
start = true;
}
if (start)
{
appname += UTF.Substring(appchecker, 1);
}
if (UTF.Substring(appchecker + 1, 1) == "#" && start == true)
{
break;
}
}
return "IDMismatch Key belongs to " + appname + " %E01";
}
}
catch
{
return "IDMismatch Key lenght incorrect %E02";
}
UTF = UTF.Replace("#" + Application.ProductName + "#", "");
char[] UTFChar = UTF.ToCharArray();
Array.Reverse(UTFChar);
int intLengt = UTFChar.Length - 1;
string NewString = null;
for (int intCount = 0; intCount <= intLengt; intCount++)
{
if (intCount == 2)
{
NewString += UTF.Substring(intLengt, 1);
}
else if (intCount == 1)
{
NewString += UTF.Substring(intLengt - 1, 1);
}
else if (intCount == intLengt - 1)
{
NewString += UTF.Substring(1, 1);
}
else if (intCount == intLengt)
{
NewString += UTF.Substring(2, 1);
}
else
{
NewString += UTF.Substring(intCount, 1);
}
}
tdes.Clear();
return NewString;
}
}
我嘗試了不同的加密密鑰,但沒有任何改變。
誰能告訴我怎么了?
謝謝
問題在於這兩種情況
if (intCount == 1)
{
NewString += ToEncrypt.Substring(intLenght - 1, 1);
}
和
else if (intCount == intLenght)
{
NewString += ToEncrypt.Substring(2, 1);
}
如果ToEnrypt
的長度為4,則intLength = 3
,這兩個條件都采用ToEncrypt
的第三個字符,但是其他任何一個都不能采用字符串的第二個字符,因為對於少於5個字符的輸入,您將永遠無法達到最后else
塊。
順便說一句,對輸入數據進行混洗不會為您的加密增加任何重要的安全性。 堅持使用眾所周知的加密方案,並從密鑰的大小上獲得安全性。
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.