我正在使用「AesManaged」加密和解密Web應用程序中受保護的數據。在我的場景中,我在用戶登錄時創建基於「Email + CurrentDate」的令牌,並以加密格式將其發回給用戶(使用AESManaged類加密),並且當用戶調用下一個服務器端方法時,例如「顯示報告「,用戶/客戶端應用程序也將發送帶有請求的加密標記。在服務器端,我解密令牌,並在根據解密的令牌執行條件邏輯之後,決定給定用戶是否有權訪問此方法(一種授權檢查)。如何避免AESManaged(C#)「要解密的數據的長度無效。」
對於基本流程,用戶提供正確的加密字符串(他從服務器獲取的加密字符串或長度相同但用戶替換加密字符串中的字符)表現良好(如預期的那樣)。
但是,問題出現時,當用戶得到(例如)54字符的字符串,但只發送7個字符的服務器。然後發生以下異常。
即使用戶提供無效數據,我也想避免這種異常。所以,基本上應該總是解密字符串,如果它是無效的令牌,那麼我可以限制對資源的訪問。我怎麼能做到這一點?您的答覆將不勝感激。
異常詳細信息:
具體代碼塊,其中的例外發生。
// Create the streams used for decryption.
using (MemoryStream msDecrypt = new MemoryStream(cipherText))
{
using (CryptoStream csDecrypt = new CryptoStream(msDecrypt, decryptor, CryptoStreamMode.Read))
{
using (StreamReader srDecrypt = new StreamReader(csDecrypt))
{
plaintext = srDecrypt.ReadToEnd();
}
}
}
例外情況:「要解密的數據的長度無效。」
異常詳細信息:
目標站點:{字節[] TransformFinalBlock(字節[],的Int32,Int32)將}
聲明類型:{名稱= 「RijndaelManagedTransform」 全名=「System.Security .Cryptography.RijndaelManagedTransform「}
名稱: TransformFinalBlock
注:我爲加密和解密方法提供了相同的密鑰和iv。
代碼:
public string EncryptAuthenticationTokenAes(string plainText, byte[] Key, byte[] IV)
{
byte[] encrypted;
// Create an AesManaged object
// with the specified key and IV.
using (AesManaged aesAlg = new AesManaged())
{
aesAlg.Key = Key;
aesAlg.IV = IV;
// Create a decrytor to perform the stream transform.
ICryptoTransform encryptor = aesAlg.CreateEncryptor(aesAlg.Key, aesAlg.IV);
// Create the streams used for encryption.
using (MemoryStream msEncrypt = new MemoryStream())
{
using (CryptoStream csEncrypt = new CryptoStream(msEncrypt, encryptor, CryptoStreamMode.Write))
{
using (StreamWriter swEncrypt = new StreamWriter(csEncrypt))
{
//Write all data to the stream.
swEncrypt.Write(plainText);
}
encrypted = msEncrypt.ToArray();
}
}
}
// Return the encrypted bytes from the memory stream.
return Convert.ToBase64String(encrypted);
}
public string DecryptPasswordAes(string encryptedString, byte[] Key, byte[] IV)
{
// becuase it is base64, if mod4>0 then it is consider as invalid token
int mod4 = encryptedString.Length % 4;
if (mod4 > 0)
{
return string.Empty;
}
byte[] cipherText = Convert.FromBase64String(encryptedString);
// Declare the string used to hold
// the decrypted text.
string plaintext = null;
// Create an AesManaged object
// with the specified key and IV.
using (AesManaged aesAlg = new AesManaged())
{
aesAlg.Key = Key;
aesAlg.IV = IV;
// Create a decrytor to perform the stream transform.
ICryptoTransform decryptor = aesAlg.CreateDecryptor(aesAlg.Key, aesAlg.IV);
// Create the streams used for decryption.
using (MemoryStream msDecrypt = new MemoryStream(cipherText))
{
using (CryptoStream csDecrypt = new CryptoStream(msDecrypt, decryptor, CryptoStreamMode.Read))
{
using (StreamReader srDecrypt = new StreamReader(csDecrypt))
{
plaintext = srDecrypt.ReadToEnd();
}
}
}
}
return plaintext;
}