0
我在序列化对象时使用序列化加密时遇到问题。序列化加密错误
这是错误:
Failed to deserialize. Reason: End of Stream encountered before parsing was completed
这里是我的代码:
Imports System.IO
Imports System.Security.Cryptography
Imports System.Runtime.Serialization
Imports System.Runtime.Serialization.Formatters.Binary
Imports System.Text
Module TestModEncryption
Public Sub SaveEncryptedObjectToFile(FileName As String, Item As Object)
Dim fs As FileStream
Dim encryptor As CryptoStream
Dim formatter As New BinaryFormatter
Dim password As String = "MyPassword"
Dim salt As String = "InitialVector123"
Dim AES As AesManaged = New AesManaged
AES.Padding = PaddingMode.None
AES.Mode = CipherMode.CBC
Dim HashAlgorithm As String = "SHA1" 'Can be SHA1 or MD5
Dim PasswordIterations As Integer = 2
Dim InitialVector As String = "InitialVector123" 'This should be a string of 16 ASCII characters.
Dim KeySize As Integer = 256 'Can be 128, 192, or 256.
Dim InitialVectorBytes As Byte() = Encoding.ASCII.GetBytes(InitialVector)
Dim SaltValueBytes As Byte() = Encoding.ASCII.GetBytes(salt)
Dim DerivedPassword As New Rfc2898DeriveBytes(password, SaltValueBytes, PasswordIterations)
Dim KeyBytes As Byte() = DerivedPassword.GetBytes(CInt(KeySize/8))
Dim encryptTransf As ICryptoTransform = AES.CreateEncryptor(KeyBytes, InitialVectorBytes)
fs = New FileStream(FileName, FileMode.Create)
encryptor = New CryptoStream(fs, encryptTransf, CryptoStreamMode.Write)
Try
formatter.Serialize(encryptor, Item)
Catch e As SerializationException
Console.WriteLine("Failed to serialize. Reason: " & e.Message)
Throw
Finally
fs.Close()
End Try
End Sub
Public Function OpenEncryptedObjectFromFile(FileName As String) As Object
Dim fs As New FileStream(FileName, FileMode.Open)
Dim decryptor As CryptoStream
Dim ItemToReturn As New Object
Dim password As String = "MyPassword"
Dim salt As String = "InitialVector123"
Dim AES As AesManaged = New AesManaged
AES.Padding = PaddingMode.None
AES.Mode = CipherMode.CBC
Dim HashAlgorithm As String = "SHA1" 'Can be SHA1 or MD5
Dim PasswordIterations As Integer = 2
Dim InitialVector As String = "InitialVector123" 'This should be a string of 16 ASCII characters.
Dim KeySize As Integer = 256 'Can be 128, 192, or 256.
Dim InitialVectorBytes As Byte() = Encoding.ASCII.GetBytes(InitialVector)
Dim SaltValueBytes As Byte() = Encoding.ASCII.GetBytes(salt)
Dim DerivedPassword As New Rfc2898DeriveBytes(password, SaltValueBytes, PasswordIterations)
Dim KeyBytes As Byte() = DerivedPassword.GetBytes(CInt(KeySize/8))
Dim decryptTrans As ICryptoTransform = AES.CreateDecryptor(KeyBytes, InitialVectorBytes)
Try
Dim formatter As New BinaryFormatter
decryptor = New CryptoStream(fs, decryptTrans, CryptoStreamMode.Read)
ItemToReturn = DirectCast(formatter.Deserialize(decryptor), Object)
Return ItemToReturn
Catch e As SerializationException
MsgBox("Failed to deserialize. Reason: " & e.Message)
Return Nothing
'Throw
Finally
fs.Close()
End Try
End Function
End Module
'这应该是一个由16个ASCII字符组成的字符串?不可以。它应该是一个不可预知且唯一的字节串,最好来自一个安全的随机数生成器,并且每次调用函数时都应该有所不同。在PBKDF2中使用两次迭代完全是假的,事实上,在这种情况下完全使用PBKDF2是完全虚假的。 – ntoskrnl