2012-09-25 75 views
0

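I have to store the password field in encrypted format in a SQL Server database, and I have to decrypt it when the user logs in to the system. The encryption part is working fine, but in the decryption part I am getting the error "Invalid length for a Base-64 char array" on this line of the decryption module:

```csharp
byte[] todecode_byte = Convert.FromBase64String(encryptpwd);
```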

```csharp
private string Encryptdata(string password)
{
    string encryptpwd = string.Empty;
    byte[] encode = new byte[password.Length];
    encode = Encoding.UTF8.GetBytes(password);
    encryptpwd = Convert.ToBase64String(encode);
    return encryptpwd;
}

private string Decryptdata(string encryptpwd)
{
    string decryptpwd = string.Empty;
    UTF8Encoding encodepwd = new UTF8Encoding();
    Decoder Decode = encodepwd.GetDecoder();
    byte[] todecode_byte = Convert.FromBase64String(encryptpwd); // here I am getting error as "Invalid length for a Base-64 char array"
    int charCount = Decode.GetCharCount(todecode_byte, 0, todecode_byte.Length);
    char[] decoded_char = new char[charCount];
    Decode.GetChars(todecode_byte, 0, todecode_byte.Length, decoded_char, 0);
    decryptpwd = new String(decoded_char);
    return decryptpwd;
}
```

Input data: prabu
Encrypted data: cHJhYnU=

+3

You are not encrypting at all... Encoding is just the ANSI/UTF8/... representation.

+0

And this code works fine. No errors. Are you sure you are calling the Decryptdata method with the "cHJhYnU=" argument?

+4

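I would suggest you look at [one-way hashing](http://en.wikipedia.org/wiki/Cryptographic_hash_function#Password_verification) for passwords; having the code able to decrypt the password allows an attacker to do so as well.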

Answers

0

You have an error because your code looks like this:

```csharp
string password = "prabu";
string encryptdata = Encryptdata(password);
string decryptdata = Decryptdata(password); // the plaintext is passed here, not encryptdata
```

+0

Where does he do that? – Default

+0

Obviously in the code that he didn't show us. This is an assumption based on running his code.

0

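Instead of saving the user's password encrypted and using a decrypt function to perform authentication, we save the password as a salted hash, where the salt is automatically generated each time a new password is to be stored (both the salt and the hash are stored in the database).

To validate a login attempt, we generate a hash for the password supplied at login, but using the salt we stored when the password was initially set. Then, to validate the login, simply compare the two hashes.

For example, if you choose the SHA1 hash function: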

```csharp
using System;
using System.Security.Cryptography;

public interface ISaltedHash
{
    /// <summary>
    /// Gets the hash.
    /// </summary>
    string Hash
    {
        get;
    }

    /// <summary>
    /// Gets the salt.
    /// </summary>
    string Salt
    {
        get;
    }
}

/// <summary>
/// Container for a hash and its salt. This class is referenced below but was
/// not shown in the original answer; a minimal implementation is assumed here.
/// </summary>
public class SaltedHash : ISaltedHash
{
    public string Hash { get; set; }
    public string Salt { get; set; }
}

public class SaltedHashProvider
{
    #region Fields

    private int m_saltLength = 6;

    #endregion // Fields

    #region Public Methods

    /// <summary>
    /// Encrypts data with a salted SHA1 algorithm.
    /// The salt will be automatically generated.
    /// </summary>
    /// <param name="value">Value to be encrypted.</param>
    /// <returns>The encrypted data.</returns>
    public ISaltedHash EncryptWithSalt(string value)
    {
        string salt = CreateSalt();

        string hash = Encrypt(salt + value);

        return new SaltedHash
        {
            Hash = hash,
            Salt = salt
        };
    }

    /// <summary>
    /// Encrypts data with a salted SHA1 algorithm.
    /// </summary>
    /// <param name="value">Value to be encrypted.</param>
    /// <param name="salt">Salt to be used when encrypting the value.</param>
    /// <returns>The encrypted data.</returns>
    public ISaltedHash EncryptWithSalt(string value, string salt)
    {
        string hash = Encrypt(salt + value);

        return new SaltedHash
        {
            Hash = hash,
            Salt = salt
        };
    }

    #endregion // Public Methods

    #region Helper Methods

    /// <summary>
    /// Creates salt.
    /// </summary>
    /// <returns>A base64 salt string.</returns>
    private string CreateSalt()
    {
        byte[] saltBlob = CreateRandomBytes(m_saltLength);

        return Convert.ToBase64String(saltBlob);
    }

    /// <summary>
    /// Encrypts data with the SHA1 algorithm.
    /// </summary>
    /// <param name="value">Value to be encrypted.</param>
    /// <returns>The encrypted data.</returns>
    private string Encrypt(string value)
    {
        byte[] blob = ToByteArray(value);

        byte[] hash = ComputeHash(blob);

        return Convert.ToBase64String(hash);
    }

    /// <summary>
    /// Computes the hash value for the specified byte array.
    /// </summary>
    /// <param name="blob">The input to compute the hash for.</param>
    /// <returns>The computed hash code.</returns>
    private byte[] ComputeHash(byte[] blob)
    {
        using (SHA1CryptoServiceProvider sha1 = new SHA1CryptoServiceProvider())
        {
            return sha1.ComputeHash(blob);
        }
    }

    /// <summary>
    /// Gets a UTF8 byte array encoding for the specified string.
    /// </summary>
    /// <param name="value">The input containing characters to be encoded.</param>
    /// <returns>The UTF8 encoded array.</returns>
    private byte[] ToByteArray(string value)
    {
        return System.Text.Encoding.UTF8.GetBytes(value);
    }

    /// <summary>
    /// Creates a random byte array.
    /// </summary>
    /// <param name="length">Length of array to be generated.</param>
    /// <returns>A random byte array.</returns>
    private static byte[] CreateRandomBytes(int length)
    {
        byte[] blob = new byte[length];

        using (RNGCryptoServiceProvider rng = new RNGCryptoServiceProvider())
        {
            rng.GetBytes(blob);
        }

        return blob;
    }

    #endregion // Helper Methods
}
```

+0

We usually recommend [PBKDF2](http://msdn.microsoft.com/en-us/library/system.security.cryptography.rfc2898derivebytes.aspx), bcrypt or scrypt on this site, Justin T. And hashing is not the same thing as encryption.

+0

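I appreciate that hashing and encryption are different, but I think you will find on reading my post that I demonstrated an alternative to encryption.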

+0

The issue is more about the method names; they may confuse readers.

0

```csharp
using System;
using System.IO;
using System.Security.Cryptography;
using System.Text;

private string Decrypt(string cipherText)
{
    string EncryptionKey = "MAKV2SPBNI99212";
    byte[] cipherBytes = Convert.FromBase64String(cipherText);
    using (Aes encryptor = Aes.Create())
    {
        // Derive the AES key and IV from the passphrase and a fixed salt.
        Rfc2898DeriveBytes pdb = new Rfc2898DeriveBytes(EncryptionKey, new byte[] { 0x49, 0x76, 0x61, 0x6e, 0x20, 0x4d, 0x65, 0x64, 0x76, 0x65, 0x64, 0x65, 0x76 });
        encryptor.Key = pdb.GetBytes(32);
        encryptor.IV = pdb.GetBytes(16);
        using (MemoryStream ms = new MemoryStream())
        {
            // Writing the ciphertext through the CryptoStream leaves the plaintext in ms.
            using (CryptoStream cs = new CryptoStream(ms, encryptor.CreateDecryptor(), CryptoStreamMode.Write))
            {
                cs.Write(cipherBytes, 0, cipherBytes.Length);
                cs.Close();
            }
            cipherText = Encoding.Unicode.GetString(ms.ToArray());
        }
    }
    return cipherText;
}
```

+0

Welcome to [so]! Please don't give code-only answers, but explain why this code answers the question asked. See [answer] ... – jkalden