填充无效，解密字符串时无法移除答案

【问题标题】：Padding is invalid and cannot be removed when decrypting string填充无效，解密字符串时无法移除
【发布时间】：2016-11-15 09:02:35
【问题描述】：

我有一个 AES 加密有效负载的网页，以及一个要在站点的查询字符串中发送的公钥（这是客户的请求，不是我的选择），有效负载将在其中被解密并采取行动。

这是网页：

<!DOCTYPE html>
<html>
<head>
    <title></title>
    <meta charset="utf-8" />
</head>
<body>

</body>

</html>

<script src="Scripts/CryptoJS/core.js"></script>
<script src="Scripts/CryptoJS/cipher-core.js"></script>
<script src="Scripts/CryptoJS/aes.js"></script>
<script src="Scripts/CryptoJS/enc-utf16.js"></script>
<script src="Scripts/CryptoJS/enc-base64.js"></script>

<script>
    var payload = "you can do this Rick!";
    var keyvalue = '1234567890ABCDEF';

    var key = CryptoJS.enc.Utf8.parse(keyvalue);
    var iv = CryptoJS.enc.Utf8.parse(keyvalue);


    var encrypted = CryptoJS.AES.encrypt(CryptoJS.enc.Utf8.parse(payload), key,
       {
           keySize: 128 ,
           iv: iv,
           mode: CryptoJS.mode.CBC,
           padding: CryptoJS.pad.Pkcs7
       });

    window.location = "Home/To?encrptedPayload=" + encrypted + "&ivPublicKeyNonEncrypted=" + keyvalue;

</script>

这是接收调用的控制器：

using System;
using System.Collections.Generic;
using System.IO;
using System.Linq;
using System.Security.Cryptography;
using System.Text;
using System.Web;
using System.Web.Mvc;

namespace Workbench2.Controllers
{
    public class HomeController : Controller
    {
        byte[] Key = Encoding.UTF8.GetBytes("1234567890ABCDEF");

        public ActionResult Index()
        {
            return View();
        }

        public ActionResult To(string encrptedPayload, string ivPublicKeyNonEncrypted)
        {
            string result = "";

            var bIv = Encoding.UTF8.GetBytes(ivPublicKeyNonEncrypted);

            // Create an RijndaelManaged object
            // with the specified key and IV.
            using (RijndaelManaged rijAlg = new RijndaelManaged())
            {
                rijAlg.KeySize = 128;
                rijAlg.Key = Key;
                rijAlg.IV = bIv;
                rijAlg.Padding=PaddingMode.PKCS7;
                rijAlg.Mode=CipherMode.CBC;

                // Create a decrytor to perform the stream transform.
                ICryptoTransform decryptor = rijAlg.CreateDecryptor(rijAlg.Key, rijAlg.IV);                

                // Create the streams used for decryption.
                var bPayload = Encoding.UTF8.GetBytes(encrptedPayload);
                using (MemoryStream msDecrypt = new MemoryStream(bPayload))
                {
                    using (CryptoStream csDecrypt = new CryptoStream(msDecrypt, decryptor, CryptoStreamMode.Read))
                    {
                        using (StreamReader srDecrypt = new StreamReader(csDecrypt))
                        {
                            // Read the decrypted bytes from the decrypting stream
                            // and place them in a string.
                            result = srDecrypt.ReadToEnd(); // THIS LINE THROWS ERROR                            }
                    }
                }

            }

            return View(result);
        }               
    }
}

我收到消息“填充无效，无法删除。”当以下行执行时：

结果 = srDecrypt.ReadToEnd();

【问题讨论】：

如果您对加密字符串进行 URL 编码，会有所不同吗？

标签： c# .net encryption

【解决方案1】：

加密的数据是二进制，除非您以某种方式对其进行了编码 - see e.g. this，否则您无法将其传递到字符串中。如果您需要以字符串形式移动它，请使用base64 之类的编码。

【讨论】：