我有一个C#.NET项目,它使用AES提供Encrypt和Decrypt方法。
(我不希望赢得你即将看到的C#代码的任何奖励(或赞成),但在我的谦逊辩护中,我不负责,我只是继承它,我认识到它有一些真正的问题,我愿意在一个单独的SO问题下改进它。)
public static string Encrypt(string PlainText)
{
string Password = "password replaced for this question";
string Salt = "salt replaced for this question";
string HashAlgorithm = "SHA1";
int PasswordIterations = 2;
string InitialVector = "iv replaced for this question";
int KeySize = 256;
if (string.IsNullOrEmpty(PlainText))
return "";
byte[] InitialVectorBytes = Encoding.ASCII.GetBytes(InitialVector);
byte[] SaltValueBytes = Encoding.ASCII.GetBytes(Salt);
byte[] PlainTextBytes = Encoding.UTF8.GetBytes(PlainText);
PasswordDeriveBytes DerivedPassword = new PasswordDeriveBytes(Password, SaltValueBytes, HashAlgorithm, PasswordIterations);
byte[] KeyBytes = DerivedPassword.GetBytes(KeySize / 8);
RijndaelManaged SymmetricKey = new RijndaelManaged();
SymmetricKey.Mode = CipherMode.CBC;
byte[] CipherTextBytes = null;
using (ICryptoTransform Encryptor = SymmetricKey.CreateEncryptor(KeyBytes, InitialVectorBytes))
{
using (MemoryStream MemStream = new MemoryStream())
{
using (CryptoStream CryptoStream = new CryptoStream(MemStream, Encryptor, CryptoStreamMode.Write))
{
CryptoStream.Write(PlainTextBytes, 0, PlainTextBytes.Length);
CryptoStream.FlushFinalBlock();
CipherTextBytes = MemStream.ToArray();
MemStream.Close();
CryptoStream.Close();
}
}
}
SymmetricKey.Clear();
return Convert.ToBase64String(CipherTextBytes);
}
public static string Decrypt(string CipherText)
{
string Password = "password replaced for this question";
string Salt = "salt replaced for this question";
string HashAlgorithm = "SHA1";
int PasswordIterations = 2;
string InitialVector = "iv replaced for this question";
int KeySize = 256;
if (string.IsNullOrEmpty(CipherText))
return "";
try
{
byte[] InitialVectorBytes = Encoding.ASCII.GetBytes(InitialVector);
byte[] SaltValueBytes = Encoding.ASCII.GetBytes(Salt);
byte[] CipherTextBytes = Convert.FromBase64String(CipherText);
PasswordDeriveBytes DerivedPassword = new PasswordDeriveBytes(Password, SaltValueBytes, HashAlgorithm, PasswordIterations);
byte[] KeyBytes = DerivedPassword.GetBytes(KeySize / 8);
RijndaelManaged SymmetricKey = new RijndaelManaged();
SymmetricKey.Mode = CipherMode.CBC;
byte[] PlainTextBytes = new byte[CipherTextBytes.Length];
int ByteCount = 0;
using (ICryptoTransform Decryptor = SymmetricKey.CreateDecryptor(KeyBytes, InitialVectorBytes))
{
using (MemoryStream MemStream = new MemoryStream(CipherTextBytes))
{
using (CryptoStream CryptoStream = new CryptoStream(MemStream, Decryptor, CryptoStreamMode.Read))
{
ByteCount = CryptoStream.Read(PlainTextBytes, 0, PlainTextBytes.Length);
MemStream.Close();
CryptoStream.Close();
}
}
}
SymmetricKey.Clear();
return Encoding.UTF8.GetString(PlainTextBytes, 0, ByteCount);
}
catch
{
return "";
}
}
我需要执行等效的加密/解密,但在PHP 7中,例如这样PHP就可以解密(纯文本)使用.NET Encrypt方法加密的字符串,并以这样的方式加密字符串,即.NET Decrypt函数将返回纯文本。
我知道加密是危险的,而且还不足以知道如何做到这一点"正确"。