把加密后的字符串保存到数据库中,但是有的密码可以被正确解密,而有的密码则不能被正确解密。请问为什么?
/// <summary>
/// DEC 解密过程
/// </summary>
/// <param name="pToDecrypt">需要解密的字符串</param>
/// <param name="sKey">密钥</param>
/// <returns>解密后字符串</returns>
private string Decrypt(string pToDecrypt, string sKey)
{
DESCryptoServiceProvider des = new DESCryptoServiceProvider(); byte[] inputByteArray = new byte[pToDecrypt.Length / 2];
for (int x = 0; x < pToDecrypt.Length / 2; x++)
{
int i = (Convert.ToInt32(pToDecrypt.Substring(x * 2, 2), 16));
inputByteArray[x] = (byte)i;
} des.Key = ASCIIEncoding.ASCII.GetBytes(sKey); //建立加密对象的密钥和偏移量,此值重要,不能修改
des.IV = ASCIIEncoding.ASCII.GetBytes(sKey);
MemoryStream ms = new MemoryStream();
CryptoStream cs = new CryptoStream(ms, des.CreateDecryptor(), CryptoStreamMode.Write); cs.Write(inputByteArray, 0, inputByteArray.Length);
cs.FlushFinalBlock();
StringBuilder ret = new StringBuilder(); //建立StringBuild对象,CreateDecrypt使用的是流对象,必须把解密后的文本变成流对象 return System.Text.Encoding.Default.GetString(ms.ToArray());
} /// <summary>
/// DEC 加密过程
/// </summary>
/// <param name="pToEncrypt">需要加密的字符串</param>
/// <param name="sKey">密钥</param>
/// <returns>加密后字符串</returns>
private string Encrypt(string pToEncrypt, string sKey)
{
DESCryptoServiceProvider des = new DESCryptoServiceProvider(); //把字符串放到byte数组中 byte[] inputByteArray = Encoding.Default.GetBytes(pToEncrypt);
//byte[] inputByteArray=Encoding.Unicode.GetBytes(pToEncrypt); des.Key = ASCIIEncoding.ASCII.GetBytes(sKey); //建立加密对象的密钥和偏移量
des.IV = ASCIIEncoding.ASCII.GetBytes(sKey); //原文使用ASCIIEncoding.ASCII方法的GetBytes方法
MemoryStream ms = new MemoryStream(); //使得输入密码必须输入英文文本
CryptoStream cs = new CryptoStream(ms, des.CreateEncryptor(), CryptoStreamMode.Write); cs.Write(inputByteArray, 0, inputByteArray.Length);
cs.FlushFinalBlock();
StringBuilder ret = new StringBuilder();
foreach (byte b in ms.ToArray())
{
ret.AppendFormat("{0:X2}", b);
}
ret.ToString();
return ret.ToString();
}
/// <summary>
/// DEC 解密过程
/// </summary>
/// <param name="pToDecrypt">需要解密的字符串</param>
/// <param name="sKey">密钥</param>
/// <returns>解密后字符串</returns>
private string Decrypt(string pToDecrypt, string sKey)
{
DESCryptoServiceProvider des = new DESCryptoServiceProvider(); byte[] inputByteArray = new byte[pToDecrypt.Length / 2];
for (int x = 0; x < pToDecrypt.Length / 2; x++)
{
int i = (Convert.ToInt32(pToDecrypt.Substring(x * 2, 2), 16));
inputByteArray[x] = (byte)i;
} des.Key = ASCIIEncoding.ASCII.GetBytes(sKey); //建立加密对象的密钥和偏移量,此值重要,不能修改
des.IV = ASCIIEncoding.ASCII.GetBytes(sKey);
MemoryStream ms = new MemoryStream();
CryptoStream cs = new CryptoStream(ms, des.CreateDecryptor(), CryptoStreamMode.Write); cs.Write(inputByteArray, 0, inputByteArray.Length);
cs.FlushFinalBlock();
StringBuilder ret = new StringBuilder(); //建立StringBuild对象,CreateDecrypt使用的是流对象,必须把解密后的文本变成流对象 return System.Text.Encoding.Default.GetString(ms.ToArray());
} /// <summary>
/// DEC 加密过程
/// </summary>
/// <param name="pToEncrypt">需要加密的字符串</param>
/// <param name="sKey">密钥</param>
/// <returns>加密后字符串</returns>
private string Encrypt(string pToEncrypt, string sKey)
{
DESCryptoServiceProvider des = new DESCryptoServiceProvider(); //把字符串放到byte数组中 byte[] inputByteArray = Encoding.Default.GetBytes(pToEncrypt);
//byte[] inputByteArray=Encoding.Unicode.GetBytes(pToEncrypt); des.Key = ASCIIEncoding.ASCII.GetBytes(sKey); //建立加密对象的密钥和偏移量
des.IV = ASCIIEncoding.ASCII.GetBytes(sKey); //原文使用ASCIIEncoding.ASCII方法的GetBytes方法
MemoryStream ms = new MemoryStream(); //使得输入密码必须输入英文文本
CryptoStream cs = new CryptoStream(ms, des.CreateEncryptor(), CryptoStreamMode.Write); cs.Write(inputByteArray, 0, inputByteArray.Length);
cs.FlushFinalBlock();
StringBuilder ret = new StringBuilder();
foreach (byte b in ms.ToArray())
{
ret.AppendFormat("{0:X2}", b);
}
ret.ToString();
return ret.ToString();
}
-------------
有没有考虑字符串长度的奇偶问题?如果字串长度为基数,按照你上面这句话,会少掉一个字符的。其实想把pToDecrypt加密,远不用这么复杂,直接将string转成byte数组就可以了。
byte[] result = new UTF8Encoding().GetBytes(pToDecrypt);
这就是明文。使用des加密得到byte[]的密文然后入库;解密是反过程:先解密成byte[]的明文,然后:
string 明文字符串 = new UTF8Encoding().GetString(解密后的byte[]对象)