gpt4 book ai didi

.net - 解密字符串 : System. Security.Cryptography.CryptographicException 时偶尔出现错误数据错误

转载 作者:行者123 更新时间:2023-12-04 00:24:11 25 4
gpt4 key购买 nike

在我的 ASP.NET WebForms 应用程序中 (如果重要的话,该应用程序在 windows server 2008 R2、IIS 7.5 和 Runtime v4.0 集成模式应用程序池上运行) ,我正在加密数据,将其放在 QueryString 上并使用 System.Security.Cryptography.SymmetricAlgorithm 解密数据类(class)。但是我偶尔会在解密数据时遇到一些问题,我收到以下异常;

Bad Data.

Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.

Exception Details: System.Security.Cryptography.CryptographicException: Bad Data.

Source Error:

An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.

Stack Trace:

[CryptographicException: Bad Data. ]
System.Security.Cryptography.CryptographicException.ThrowCryptographicException(Int32 hr) +33
System.Security.Cryptography.Utils._DecryptData(SafeKeyHandle hKey, Byte[] data, Int32 ib, Int32 cb, Byte[]& outputBuffer, Int32 outputOffset, PaddingMode PaddingMode, Boolean fDone) +0
System.Security.Cryptography.CryptoAPITransform.TransformFinalBlock(Byte[] inputBuffer, Int32 inputOffset, Int32 inputCount) +313
System.Security.Cryptography.CryptoStream.FlushFinalBlock() +33 Cryptography35.SymmetricEncryptionUtility.DecryptData(Byte[] data, String keyFile) in E:\Documents\@Library\Cryptography35\Cryptography35\SymmetricEncryptionUtility.cs:124 Cryptography35.SymmetricQueryString.SymmetriclyEncryptedQueryString..ctor(String encryptedData, String keyfilename, String algorithmname) in E:\Documents\@Library\Cryptography35\Cryptography35\SymmetricQueryString\SymmetriclyEncryptedQueryString.cs:67 WebForms.Web.Views.purchase_a.GetSymmetriclyEncryptedQueryString() in E:\Documents\WebForms.Web\Views\purchase-a.aspx.cs:35 WebForms.Web.Views.purchase_a.Page_Load(Object sender, EventArgs e) in E:\Documents\WebForms.Web\Views\purchase-a.aspx.cs:56 System.Web.Util.CalliHelper.EventArgFunctionCaller(IntPtr fp, Object o, Object t, EventArgs e) +14 System.Web.Util.CalliEventHandlerDelegateProxy.Callback(Object sender, EventArgs e) +35
System.Web.UI.Control.OnLoad(EventArgs e) +91
System.Web.UI.Control.LoadRecursive() +74 System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +2207 Version Information: Microsoft .NET Framework Version:4.0.30319; ASP.NET Version:4.0.30319.1



正如我所指出的,我有时会收到此错误,而不是每次运行时都会收到此错误。我不知道我哪里做错了(在加密阶段或解密阶段)这是我使用的代码;
private SymmetriclyEncryptedQueryString GetSymmetriclyEncryptedQueryString() {

#region _decrypting the value

string KeyFileName;
string AlgorithmName = "DES";

Cryptography35.SymmetricEncryptionUtility.AlgorithmName = AlgorithmName;
KeyFileName = HttpContext.Current.Server.MapPath("~/@config/") + "\\symmetric_key.config";

#endregion

#region _reading and assigning the value

if (Request.QueryString["q"] == null)
throw new NullReferenceException("QueryString value is null on search result page");

SymmetriclyEncryptedQueryString QueryString = new SymmetriclyEncryptedQueryString(Request.QueryString["q"], KeyFileName, AlgorithmName);

#endregion

return QueryString;
}
SymmetriclyEncryptedQueryString类(class)
public class SymmetriclyEncryptedQueryString : System.Collections.Specialized.StringDictionary {

public string KeyFileName { get; set; }
public string AlgorithmName { get; set; }

/// <summary>
/// Use this for encrypte the value
/// </summary>
/// <param name="keyfilename"></param>
/// <param name="algorithmname"></param>
public SymmetriclyEncryptedQueryString(string keyfilename, string algorithmname) {

KeyFileName = keyfilename;
AlgorithmName = algorithmname;

}

/// <summary>
/// Use this for decrypte the value.
/// </summary>
/// <param name="encryptedData"></param>
/// <param name="keyfilename"></param>
/// <param name="algorithmname"></param>
public SymmetriclyEncryptedQueryString(string encryptedData, string keyfilename, string algorithmname) {

#region _initials

KeyFileName = keyfilename;
AlgorithmName = algorithmname;

if (String.IsNullOrEmpty(AlgorithmName)){
SymmetricEncryptionUtility.AlgorithmName = AlgorithmName;
}
else{
SymmetricEncryptionUtility.AlgorithmName = "DES";
}

SymmetricEncryptionUtility.ProtectKey = false;

// Check for encryption key
if (!File.Exists(KeyFileName)){
throw new FileNotFoundException("Keyfilename for SymmetriclyEncryptedQueryString is not found on '" + KeyFileName + "'!");
}

#endregion

//Arrange the data
//In order not to get following exception
//Invalid length for a Base-64 char array.
//byte[] RawData = Convert.FromBase64String(encryptedData);
encryptedData = encryptedData.Replace(" ", "+");
int mod4 = encryptedData.Length % 4;
if (mod4 > 0)
encryptedData += new string('=', 4 - mod4);

// Decrypt data passed in
byte[] RawData = Convert.FromBase64String(encryptedData);
string DecryptedVal = SymmetricEncryptionUtility.DecryptData(RawData, KeyFileName);
string StringData = DecryptedVal;

// Split the data and add the contents
int Index;
string[] SplittedData = StringData.Split(new char[] { '&' });
foreach (string SingleData in SplittedData) {

Index = SingleData.IndexOf('=');
base.Add(
HttpUtility.UrlDecode(SingleData.Substring(0, Index)),
HttpUtility.UrlDecode(SingleData.Substring(Index + 1))
);

}
}

public override string ToString() {

#region _initials

if (String.IsNullOrEmpty(AlgorithmName)) {
SymmetricEncryptionUtility.AlgorithmName = AlgorithmName;
} else {
SymmetricEncryptionUtility.AlgorithmName = "DES";
}

SymmetricEncryptionUtility.ProtectKey = false;

// Check for encryption key
if (!File.Exists(KeyFileName)) {
throw new FileNotFoundException("Keyfilename for AsymmetriclyEncryptedQueryString is not found on '" + KeyFileName + "'!");
}

#endregion

#region _prepare for querystring

// Go through the contents and build a
// typical query string
StringBuilder Content = new StringBuilder();

foreach (string key in base.Keys) {

Content.Append(HttpUtility.UrlEncode(key));
Content.Append("=");
Content.Append(HttpUtility.UrlEncode(base[key]));
Content.Append("&");

}

// Remove the last '&'
Content.Remove(Content.Length - 1, 1);


#endregion

#region _encrypt the contents

// Now encrypt the contents
byte[] data = SymmetricEncryptionUtility.EncryptData(Content.ToString(), KeyFileName);
string EncryptedVal = Convert.ToBase64String(data);

#endregion

return EncryptedVal;

}

}
SymmetricEncryptionUtility类(class)
public static class SymmetricEncryptionUtility {

private static bool _ProtectKey;
private static string _AlgorithmName;

// Shhh!!! Don't tell anybody!
private const string MyKey = "m$%&kljasldk$%/65asjdl";

public static string AlgorithmName {

get { return _AlgorithmName; }
set { _AlgorithmName = value; }
}

public static bool ProtectKey {

get { return _ProtectKey; }
set { _ProtectKey = value; }
}

public static void GenerateKey(string targetFile) {

// Create the algorithm
SymmetricAlgorithm Algorithm = SymmetricAlgorithm.Create(AlgorithmName);
Algorithm.GenerateKey();

// No get the key
byte[] Key = Algorithm.Key;

if (ProtectKey)
{
// Use DPAPI to encrypt key
Key = ProtectedData.Protect(
Key, null, DataProtectionScope.LocalMachine);
}

// Store the key in a file called key.config
using (FileStream fs = new FileStream(targetFile, FileMode.Create))
{
fs.Write(Key, 0, Key.Length);
}
}

public static void ReadKey(SymmetricAlgorithm algorithm, string keyFile)
{
byte[] Key;

using (FileStream fs = new FileStream(keyFile, FileMode.Open))
{
Key = new byte[fs.Length];
fs.Read(Key, 0, (int)fs.Length);
}

if (ProtectKey)
algorithm.Key = ProtectedData.Unprotect(Key, null, DataProtectionScope.LocalMachine);
else
algorithm.Key = Key;
}

public static byte[] EncryptData(string data, string keyFile)
{
// Convert string data to byte array
byte[] ClearData = Encoding.UTF8.GetBytes(data);

// Now Create the algorithm
SymmetricAlgorithm Algorithm = SymmetricAlgorithm.Create(AlgorithmName);
ReadKey(Algorithm, keyFile);

// Encrypt information
MemoryStream Target = new MemoryStream();

// Append IV
Algorithm.GenerateIV();
Target.Write(Algorithm.IV, 0, Algorithm.IV.Length);

// Encrypt actual data
CryptoStream cs = new CryptoStream(Target, Algorithm.CreateEncryptor(), CryptoStreamMode.Write);
cs.Write(ClearData, 0, ClearData.Length);
cs.FlushFinalBlock();

// Output the bytes of the encrypted array to the textbox
return Target.ToArray();
}

public static string DecryptData(byte[] data, string keyFile) {

// Now create the algorithm
SymmetricAlgorithm Algorithm = SymmetricAlgorithm.Create(AlgorithmName);
ReadKey(Algorithm, keyFile);

// Decrypt information
MemoryStream Target = new MemoryStream();

// Read IV
int ReadPos = 0;
byte[] IV = new byte[Algorithm.IV.Length];
Array.Copy(data, IV, IV.Length);
Algorithm.IV = IV;
ReadPos += Algorithm.IV.Length;

CryptoStream cs = new CryptoStream(Target, Algorithm.CreateDecryptor(), CryptoStreamMode.Write);
cs.Write(data, ReadPos, data.Length - ReadPos);
cs.FlushFinalBlock();

// Get the bytes from the memory stream and convert them to text
return Encoding.UTF8.GetString(Target.ToArray());
}

}

更新
我想到了别的东西。在我的一个页面上,我正在做以下事情;
protected override void OnInit(EventArgs e) {

string url = Request.Url.AbsoluteUri.ToLower();
if (url.StartsWith("http:"))
{
Response.Redirect(url.Replace("http://", "https://"), true);
}
}

我认为它会导致问题。 (请记住,我的加密数据位于查询字符串中)当我尝试从 http 访问该页面时并将其重定向到 https和繁荣。它给了我那个错误。好的,现在我找到了错误的根源,但无论如何都不应该发生。

最佳答案

你的代码中潜伏着一个错误......

永远不要将任何 System.Text.Encoding 类用于密文。您将遇到间歇性错误。您应该使用 Base64 编码和 System.Convert 类方法。

  • 要从加密的 byte[] 中获取加密的字符串,您应该使用:Convert.ToBase64String(byte[] bytes)
  • 要从要加密的字符串中获取原始字节 [],您应该使用:Convert.FromBase64String(string data)

  • 有关其他信息,请参阅 MS 安全专家 Shawn Farkas 的帖子 http://blogs.msdn.com/b/shawnfa/archive/2005/11/10/491431.aspx

    关于.net - 解密字符串 : System. Security.Cryptography.CryptographicException 时偶尔出现错误数据错误,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/6555887/

    25 4 0
    Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
    广告合作:1813099741@qq.com 6ren.com