加密結構，錯誤的數據錯誤，是什麼原因造成的？

Question

我不知道我做錯了什麼，它似乎工作的加密，但當你解密時說，試圖反序列化它的不良數據，不知道我做錯了什麼。我是做加密的新手，所以如果它真的很簡單，我很抱歉。

public byte[] Serialize(object obj, string key) 
    { 
     byte[] returnBytes; 
     using (MemoryStream memory = new MemoryStream()) 
     { 
      UTF8Encoding UTF8 = new UTF8Encoding(); 
      TripleDESCryptoServiceProvider crypt = new TripleDESCryptoServiceProvider(); 
      MD5CryptoServiceProvider provider = new MD5CryptoServiceProvider(); 
      byte[] pass = provider.ComputeHash(UTF8.GetBytes(key)); 
      crypt.Key = pass; 
      crypt.Mode = CipherMode.ECB; 
      crypt.Padding = PaddingMode.PKCS7; 
      using (CryptoStream stream = new CryptoStream(memory, crypt.CreateEncryptor(), CryptoStreamMode.Write)) 
      { 
       BinaryFormatter formatter = new BinaryFormatter(); 
       formatter.Serialize(stream, obj); 
       stream.Close(); 
       memory.Close(); 
      } 

      returnBytes = memory.ToArray(); 
     } 

     return returnBytes; 
    } 
    public object Deserialize(byte[] inBytes, string key) 
    { 
     object returnObj; 
     using (MemoryStream memory = new MemoryStream()) 
     { 
      UTF8Encoding UTF8 = new UTF8Encoding(); 
      TripleDESCryptoServiceProvider crypt = new TripleDESCryptoServiceProvider(); 
      MD5CryptoServiceProvider provider = new MD5CryptoServiceProvider(); 
      byte[] pass = provider.ComputeHash(UTF8.GetBytes(key)); 
      crypt.Key = pass; 
      crypt.Mode = CipherMode.ECB; 
      crypt.Padding = PaddingMode.PKCS7; 
      using (CryptoStream stream = new CryptoStream(memory, crypt.CreateDecryptor(), CryptoStreamMode.Read)) 
      { 
       BinaryFormatter formatter = new BinaryFormatter(); 
       returnObj = formatter.Deserialize(stream); 
       stream.Close(); 
       memory.Close(); 
      } 
      return returnObj; 
     } 

    } 

此代碼我做了一段時間回來工作在串

 public string encrypt(string message, string password) 
     { 
      byte[] result; 
      UTF8Encoding UTF8 = new UTF8Encoding(); 
      MD5CryptoServiceProvider provider = new MD5CryptoServiceProvider(); 
      byte[] key = provider.ComputeHash(UTF8.GetBytes(password)); 
      TripleDESCryptoServiceProvider algorithm = new TripleDESCryptoServiceProvider(); 
      algorithm.Key = key; 
      algorithm.Mode = CipherMode.ECB; 
      algorithm.Padding = PaddingMode.PKCS7; 
      byte[] data = UTF8.GetBytes(message); 
      try 
      { 
       ICryptoTransform encryptor = algorithm.CreateEncryptor(); 
       result = encryptor.TransformFinalBlock(data, 0, data.Length); 
      } 
      finally 
      { 
       algorithm.Clear(); 
       provider.Clear(); 
      } 
      return Convert.ToBase64String(result); 
     } 
     public string decrypt(string message, string passsword) 
     { 
      byte[] result; 
      UTF8Encoding UTF8 = new UTF8Encoding(); 
      MD5CryptoServiceProvider provider = new MD5CryptoServiceProvider(); 
      byte[] key = provider.ComputeHash(UTF8.GetBytes(passsword)); 
      TripleDESCryptoServiceProvider algorithm = new TripleDESCryptoServiceProvider(); 
      algorithm.Key = key; 
      algorithm.Mode = CipherMode.ECB; 
      algorithm.Padding = PaddingMode.PKCS7; 
      byte[] data = Convert.FromBase64String(message); 
      try 
      { 
       ICryptoTransform decryptor = algorithm.CreateDecryptor(); 
       result = decryptor.TransformFinalBlock(data, 0, data.Length); 
      } 
      finally 
      { 
       algorithm.Clear(); 
       provider.Clear(); 
      } 
      return UTF8.GetString(result); 
     } 

Answer 1

你不是要設置的crypt的IV屬性，因此它的每一次出發的隨機值。您需要在解密時將其設置爲與加密時相同的值 - 例如用於散列的鹽。編輯：鑑於歐洲央行的工作方式，它看起來像IV可能會被忽略，這就是爲什麼你以前的代碼沒有存儲它的工作。

編輯：雖然IV部分肯定是非ECB所必需的，但這還不夠。我不確定剩下的問題是什麼，儘管如此：

• 不建議使用ECB密碼模式 - 使用它的任何原因？
• 你最終可能會因爲填充而遇到問題;我不知道BinaryFormatter是否會自動爲您處理，但值得研究。

編輯：呃 - 我已經解決了更大的問題;按照Elian的評論，你的確應該使用inBytes。目前你完全忽略了密文 - 這有沒有工作機會！

這裏是展示整個事情掛在一起，一個完整的程序：

using System; 
using System.IO; 
using System.Text; 
using System.Security.Cryptography; 
using System.Runtime.Serialization.Formatters.Binary; 

class Test 
{ 
    static void Main() 
    { 
     byte[] data = Serialize("Some arbitrary test data", "pass"); 
     object x = Deserialize(data, "pass"); 
     Console.WriteLine(x); 
    } 

    private static SymmetricAlgorithm CreateCryptoServiceProvider(string key) 
    { 
     byte[] passwordHash; 
     using (MD5 md5 = MD5.Create()) 
     { 
      // It's not clear why you're taking the hash of the password... 
      passwordHash = md5.ComputeHash(Encoding.UTF8.GetBytes(key)); 
     } 
     var crypt = new TripleDESCryptoServiceProvider(); 
     crypt.Key = passwordHash; 
     crypt.Mode = CipherMode.CBC; // This is the default anyway - can remove 
     crypt.Padding = PaddingMode.PKCS7; // Ditto 
     // Fix this to use a randomly generated one and store it for real code. 
     crypt.IV = new byte[crypt.BlockSize/8]; 
     return crypt; 
    } 

    public static byte[] Serialize(object obj, string key) 
    { 
     var provider = CreateCryptoServiceProvider(key); 

     using (MemoryStream memory = new MemoryStream()) 
     { 
      using (CryptoStream stream = new CryptoStream(
       memory, provider.CreateEncryptor(), CryptoStreamMode.Write)) 
      { 
       BinaryFormatter formatter = new BinaryFormatter(); 
       formatter.Serialize(stream, obj); 
      } 
      return memory.ToArray(); 
     } 
    } 

    public static object Deserialize(byte[] inBytes, string key) 
    { 
     var provider = CreateCryptoServiceProvider(key); 

     using (MemoryStream memory = new MemoryStream(inBytes)) 
     { 
      using (CryptoStream stream = new CryptoStream(
       memory, provider.CreateDecryptor(), CryptoStreamMode.Read)) 
      { 
       BinaryFormatter formatter = new BinaryFormatter(); 
       return formatter.Deserialize(stream); 
      } 
     } 
    } 

}