加密结构，错误的数据错误，是什么原因造成的？

Question

我不知道我做错了什么，它似乎工作的加密，但当你解密时说，试图反序列化它的不良数据，不知道我做错了什么。我是做加密的新手，所以如果它真的很简单，我很抱歉。

public byte[] Serialize(object obj, string key) 
    { 
     byte[] returnBytes; 
     using (MemoryStream memory = new MemoryStream()) 
     { 
      UTF8Encoding UTF8 = new UTF8Encoding(); 
      TripleDESCryptoServiceProvider crypt = new TripleDESCryptoServiceProvider(); 
      MD5CryptoServiceProvider provider = new MD5CryptoServiceProvider(); 
      byte[] pass = provider.ComputeHash(UTF8.GetBytes(key)); 
      crypt.Key = pass; 
      crypt.Mode = CipherMode.ECB; 
      crypt.Padding = PaddingMode.PKCS7; 
      using (CryptoStream stream = new CryptoStream(memory, crypt.CreateEncryptor(), CryptoStreamMode.Write)) 
      { 
       BinaryFormatter formatter = new BinaryFormatter(); 
       formatter.Serialize(stream, obj); 
       stream.Close(); 
       memory.Close(); 
      } 

      returnBytes = memory.ToArray(); 
     } 

     return returnBytes; 
    } 
    public object Deserialize(byte[] inBytes, string key) 
    { 
     object returnObj; 
     using (MemoryStream memory = new MemoryStream()) 
     { 
      UTF8Encoding UTF8 = new UTF8Encoding(); 
      TripleDESCryptoServiceProvider crypt = new TripleDESCryptoServiceProvider(); 
      MD5CryptoServiceProvider provider = new MD5CryptoServiceProvider(); 
      byte[] pass = provider.ComputeHash(UTF8.GetBytes(key)); 
      crypt.Key = pass; 
      crypt.Mode = CipherMode.ECB; 
      crypt.Padding = PaddingMode.PKCS7; 
      using (CryptoStream stream = new CryptoStream(memory, crypt.CreateDecryptor(), CryptoStreamMode.Read)) 
      { 
       BinaryFormatter formatter = new BinaryFormatter(); 
       returnObj = formatter.Deserialize(stream); 
       stream.Close(); 
       memory.Close(); 
      } 
      return returnObj; 
     } 

    } 

此代码我做了一段时间回来工作在串

 public string encrypt(string message, string password) 
     { 
      byte[] result; 
      UTF8Encoding UTF8 = new UTF8Encoding(); 
      MD5CryptoServiceProvider provider = new MD5CryptoServiceProvider(); 
      byte[] key = provider.ComputeHash(UTF8.GetBytes(password)); 
      TripleDESCryptoServiceProvider algorithm = new TripleDESCryptoServiceProvider(); 
      algorithm.Key = key; 
      algorithm.Mode = CipherMode.ECB; 
      algorithm.Padding = PaddingMode.PKCS7; 
      byte[] data = UTF8.GetBytes(message); 
      try 
      { 
       ICryptoTransform encryptor = algorithm.CreateEncryptor(); 
       result = encryptor.TransformFinalBlock(data, 0, data.Length); 
      } 
      finally 
      { 
       algorithm.Clear(); 
       provider.Clear(); 
      } 
      return Convert.ToBase64String(result); 
     } 
     public string decrypt(string message, string passsword) 
     { 
      byte[] result; 
      UTF8Encoding UTF8 = new UTF8Encoding(); 
      MD5CryptoServiceProvider provider = new MD5CryptoServiceProvider(); 
      byte[] key = provider.ComputeHash(UTF8.GetBytes(passsword)); 
      TripleDESCryptoServiceProvider algorithm = new TripleDESCryptoServiceProvider(); 
      algorithm.Key = key; 
      algorithm.Mode = CipherMode.ECB; 
      algorithm.Padding = PaddingMode.PKCS7; 
      byte[] data = Convert.FromBase64String(message); 
      try 
      { 
       ICryptoTransform decryptor = algorithm.CreateDecryptor(); 
       result = decryptor.TransformFinalBlock(data, 0, data.Length); 
      } 
      finally 
      { 
       algorithm.Clear(); 
       provider.Clear(); 
      } 
      return UTF8.GetString(result); 
     } 

Answer 1

你不是要设置的crypt的IV属性，因此它的每一次出发的随机值。您需要在解密时将其设置为与加密时相同的值 - 例如用于散列的盐。编辑：鉴于欧洲央行的工作方式，它看起来像IV可能会被忽略，这就是为什么你以前的代码没有存储它的工作。

编辑：虽然IV部分肯定是非ECB所必需的，但这还不够。我不确定剩下的问题是什么，尽管如此：

• 不建议使用ECB密码模式 - 使用它的任何原因？
• 你最终可能会因为填充而遇到问题;我不知道BinaryFormatter是否会自动为您处理，但值得研究。

编辑：呃 - 我已经解决了更大的问题;按照Elian的评论，你的确应该使用inBytes。目前你完全忽略了密文 - 这有没有工作机会！

这里是展示整个事情挂在一起，一个完整的程序：

using System; 
using System.IO; 
using System.Text; 
using System.Security.Cryptography; 
using System.Runtime.Serialization.Formatters.Binary; 

class Test 
{ 
    static void Main() 
    { 
     byte[] data = Serialize("Some arbitrary test data", "pass"); 
     object x = Deserialize(data, "pass"); 
     Console.WriteLine(x); 
    } 

    private static SymmetricAlgorithm CreateCryptoServiceProvider(string key) 
    { 
     byte[] passwordHash; 
     using (MD5 md5 = MD5.Create()) 
     { 
      // It's not clear why you're taking the hash of the password... 
      passwordHash = md5.ComputeHash(Encoding.UTF8.GetBytes(key)); 
     } 
     var crypt = new TripleDESCryptoServiceProvider(); 
     crypt.Key = passwordHash; 
     crypt.Mode = CipherMode.CBC; // This is the default anyway - can remove 
     crypt.Padding = PaddingMode.PKCS7; // Ditto 
     // Fix this to use a randomly generated one and store it for real code. 
     crypt.IV = new byte[crypt.BlockSize/8]; 
     return crypt; 
    } 

    public static byte[] Serialize(object obj, string key) 
    { 
     var provider = CreateCryptoServiceProvider(key); 

     using (MemoryStream memory = new MemoryStream()) 
     { 
      using (CryptoStream stream = new CryptoStream(
       memory, provider.CreateEncryptor(), CryptoStreamMode.Write)) 
      { 
       BinaryFormatter formatter = new BinaryFormatter(); 
       formatter.Serialize(stream, obj); 
      } 
      return memory.ToArray(); 
     } 
    } 

    public static object Deserialize(byte[] inBytes, string key) 
    { 
     var provider = CreateCryptoServiceProvider(key); 

     using (MemoryStream memory = new MemoryStream(inBytes)) 
     { 
      using (CryptoStream stream = new CryptoStream(
       memory, provider.CreateDecryptor(), CryptoStreamMode.Read)) 
      { 
       BinaryFormatter formatter = new BinaryFormatter(); 
       return formatter.Deserialize(stream); 
      } 
     } 
    } 

}