none
Metro下AES加密, 服务器端解密的问题 RRS feed

  • 问题

  • 服务器是已有的解密程序,程序如下:

            public byte[] Decrypt(byte[] encryptBytes, string pwdValue, string salt1)
            {
                    byte[] salt = System.Text.UTF8Encoding.UTF8.GetBytes(salt1); // 盐值
                    System.Security.Cryptography.AesManaged aes = new System.Security.Cryptography.AesManaged();
                    System.Security.Cryptography.Rfc2898DeriveBytes rfc = new System.Security.Cryptography.Rfc2898DeriveBytes(pwdValue, salt);
                    aes.BlockSize = aes.LegalBlockSizes[0].MaxSize;
                    aes.KeySize = aes.LegalKeySizes[0].MaxSize;
                    aes.Key = rfc.GetBytes(aes.KeySize / 8);
                    aes.IV = rfc.GetBytes(aes.BlockSize / 8);
                    System.Security.Cryptography.ICryptoTransform decryptTransform = aes.CreateDecryptor();
                    System.IO.MemoryStream decryptStream = new System.IO.MemoryStream();
                    System.Security.Cryptography.CryptoStream decryptor = new System.Security.Cryptography.CryptoStream(
                        decryptStream, decryptTransform, System.Security.Cryptography.CryptoStreamMode.Write);
                    decryptor.Write(encryptBytes, 0, encryptBytes.Length);
                    decryptor.Close();
                    return decryptStream.ToArray();
            }

    现在, Metro需要与它通信,加密代码如下:

            public static byte[] Encrypt(string plainText, string pwdValue, string salt)
            {
                IBuffer pwBuffer = CryptographicBuffer.ConvertStringToBinary(pwdValue, BinaryStringEncoding.Utf8);
                IBuffer saltBuffer = CryptographicBuffer.ConvertStringToBinary(salt, BinaryStringEncoding.Utf16LE);
                IBuffer plainBuffer = CryptographicBuffer.ConvertStringToBinary(plainText, BinaryStringEncoding.Utf16LE);
    
                // Derive key material for password size 32 bytes for AES256 algorithm
                KeyDerivationAlgorithmProvider keyDerivationProvider = Windows.Security.Cryptography.Core.KeyDerivationAlgorithmProvider.OpenAlgorithm("PBKDF2_SHA1");
                // using salt and 1000 iterations
                KeyDerivationParameters pbkdf2Parms = KeyDerivationParameters.BuildForPbkdf2(saltBuffer, 1000);
    
                // create a key based on original key and derivation parmaters
                CryptographicKey keyOriginal = keyDerivationProvider.CreateKey(pwBuffer);
                IBuffer keyMaterial = CryptographicEngine.DeriveKeyMaterial(keyOriginal, pbkdf2Parms, 32);
                CryptographicKey derivedPwKey = keyDerivationProvider.CreateKey(pwBuffer);
    
                // derive buffer to be used for encryption salt from derived password key 
                IBuffer saltMaterial = CryptographicEngine.DeriveKeyMaterial(derivedPwKey, pbkdf2Parms, 16);
    
                // display the buffers - because KeyDerivationProvider always gets cleared after each use, they are very similar unforunately
                string keyMaterialString = CryptographicBuffer.EncodeToBase64String(keyMaterial);
                string saltMaterialString = CryptographicBuffer.EncodeToBase64String(saltMaterial);
    
                SymmetricKeyAlgorithmProvider symProvider = SymmetricKeyAlgorithmProvider.OpenAlgorithm("AES_CBC_PKCS7");
                // create symmetric key from derived password key
                CryptographicKey symmKey = symProvider.CreateSymmetricKey(keyMaterial);
    
                // encrypt data buffer using symmetric key and derived salt material
                IBuffer resultBuffer = CryptographicEngine.Encrypt(symmKey, plainBuffer, saltMaterial);
                //string result = CryptographicBuffer.EncodeToBase64String(resultBuffer);
                //return result;
                byte[] re = WindowsRuntimeBufferExtensions.ToArray(resultBuffer, 0, (int)resultBuffer.Length); 
                //CryptographicBuffer.CopyToByteArray(resultBuffer, out re);
                return re;
            }
     

    注:上面的Metro加密程序是根据https://social.msdn.microsoft.com/Forums/windowsapps/en-us/df082434-08e6-4d16-96b5-ed81639b4eee/how-can-i-generate-the-exact-same-ciphertext-in-winrt-as-this-windows-phone-encryption-code-using?forum=winappswithcsharp

    测试时用的参数是 Encrypt(“aaaa”, "password", "12345678");

    求教, 这段代码哪里得改?


    • 已编辑 升宝 2015年3月6日 7:25
    2015年3月6日 7:24