ProtectedData类在TCPIP通讯中解密出错

Question

在服务器端（PC机）用ProtectedData加密之后到了手机端解密的时候出现CryptographicException异常，是否手机无法解密PC机的密文

---

Hengzhe Li
Application Support
EPX Service Engineering Support Team

Answer 1

楼主没有理解ProtectedData的用法。之所以能够protect数据，就是因为加了密的数据拿到别处去是无法解密的。简单讲，你的电脑和当前用户就相当于密钥，换一台机器或换一个用户是无法解密的。详情可参考：http://social.msdn.microsoft.com/Forums/zh-CN/233/thread/e8e95a9d-a5fe-4479-a7ff-492a8bce9137

Answer 2

多谢解释，看来得去补补加解密应用的知识了。

这样的话，在WP7和PC之间的TCPIP通信的话，协议内容如何加密好呢（使用SDK，不自己开发加解密算法）

---

Hengzhe Li
Application Support
EPX Service Engineering Support Team

Answer 3

你好,

你可以看下下面这个文章:

http://www.codeproject.com/Articles/185318/Windows-Phone-7-How-to-Encrypt-Communication-with

Answer 4

文章是不错，也是一种解决办法

不过现在TCPIP的框架已经做好了，再用一个新的框架不太现实。最好能只用原生SDK里面的工具来实现。嘿嘿

不过谢谢，还是坐等有人能用原生SDK来解决

---

Hengzhe Li
Application Support
EPX Service Engineering Support Team

Answer 5

用这段代码试试吧，我在我的一个WP7应用中就是这样加密解密的：

        public static string Encrypt(string data, string password)
        {
            if (data == null)
                return null;

            using (SymmetricAlgorithm algorithm = GetAlgorithm(password))
            using (MemoryStream memoryStream = new MemoryStream())
            using (CryptoStream cryptoStream = new CryptoStream(
              memoryStream, algorithm.CreateEncryptor(), CryptoStreamMode.Write))
            {
                // Convert the original data to bytes then write them to the CryptoStream
                byte[] buffer = Encoding.Unicode.GetBytes(data);
                cryptoStream.Write(buffer, 0, buffer.Length);
                cryptoStream.FlushFinalBlock();
                // Convert the encrypted bytes back into a string
                return Convert.ToBase64String(memoryStream.ToArray());
            }
        }
        public static string Decrypt(string data, string password)
        {
            if (data == null)
                return null;

            using (SymmetricAlgorithm algorithm = GetAlgorithm(password))
            using (MemoryStream memoryStream = new MemoryStream())
            using (CryptoStream cryptoStream = new CryptoStream(
              memoryStream, algorithm.CreateDecryptor(), CryptoStreamMode.Write))
            {
                // Convert the encrypted string to bytes then write them
                // to the CryptoStream
                byte[] buffer = Convert.FromBase64String(data);
                cryptoStream.Write(buffer, 0, buffer.Length);
                cryptoStream.FlushFinalBlock();
                // Convert the original data back to a string
                buffer = memoryStream.ToArray();
                return Encoding.Unicode.GetString(buffer, 0, buffer.Length);
            }
        }

Answer 6

多谢 Main Tao, 能不能把 GetAlgorithm 函数的源代码也粘上来呢

---

Hengzhe Li
Application Support
EPX Service Engineering Support Team

Answer 7

不好意思，忘记一起放上来了：

        static SymmetricAlgorithm GetAlgorithm(string password)
        {
            // Use the Advanced Encryption Standard (AES) algorithm
            AesManaged algorithm = new AesManaged();

            // Derive an encryption key from the password
            Rfc2898DeriveBytes bytes = new Rfc2898DeriveBytes(password,
              //Settings.Salt.Value);
              salt);

            // Initialize, converting the two values in bits to bytes (dividing by 8)
            algorithm.Key = bytes.GetBytes(algorithm.KeySize / 8);
            algorithm.IV = bytes.GetBytes(algorithm.BlockSize / 8);

            return algorithm;
        }