【发布时间】:2013-06-30 08:47:05
【问题描述】:
我正在使用 Visual Basic.net 并且有以下 System.Security.Cryptography.CryptographicException 异常:
填充无效,无法移除。
这是我的代码:
Public Sub SaveEncryptedObjectToFile(FileName As String, Item As Object)
Dim fs As FileStream
Dim encryptor As CryptoStream
Dim formatter As New BinaryFormatter
Dim password As String = "MyPassword"
Dim salt As String = "InitialVector123"
Dim AES As AesManaged = New AesManaged
AES.Padding = PaddingMode.PKCS7
AES.Mode = CipherMode.CBC
Dim HashAlgorithm As String = "SHA1" 'Can be SHA1 or MD5
Dim PasswordIterations As Integer = 2
Dim InitialVector As String = "InitialVector123" 'This should be a string of 16 ASCII characters.
Dim KeySize As Integer = 256 'Can be 128, 192, or 256.
Dim InitialVectorBytes As Byte() = Encoding.ASCII.GetBytes(InitialVector)
Dim SaltValueBytes As Byte() = Encoding.ASCII.GetBytes(salt)
Dim DerivedPassword As PasswordDeriveBytes = New PasswordDeriveBytes(password, SaltValueBytes, HashAlgorithm, PasswordIterations)
Dim KeyBytes As Byte() = DerivedPassword.GetBytes(CInt(KeySize / 8))
Dim encryptTransf As ICryptoTransform = AES.CreateEncryptor(KeyBytes, InitialVectorBytes)
fs = New FileStream(FileName, FileMode.Create)
encryptor = New CryptoStream(fs, encryptTransf, CryptoStreamMode.Write)
Try
formatter.Serialize(encryptor, Item)
Catch e As SerializationException
Console.WriteLine("Failed to serialize. Reason: " & e.Message)
Throw
Finally
fs.Close()
End Try
End Sub
Public Function OpenEncryptedObjectFromFile(FileName As String) As Object
Dim fs As New FileStream(FileName, FileMode.Open)
Dim decryptor As CryptoStream
Dim ItemToReturn As New Object
Dim password As String = "MyPassword"
Dim salt As String = "InitialVector123"
Dim AES As AesManaged = New AesManaged
AES.Padding = PaddingMode.PKCS7
AES.Mode = CipherMode.CBC
Dim HashAlgorithm As String = "SHA1" 'Can be SHA1 or MD5
Dim PasswordIterations As Integer = 2
Dim InitialVector As String = "InitialVector123" 'This should be a string of 16 ASCII characters.
Dim KeySize As Integer = 256 'Can be 128, 192, or 256.
Dim InitialVectorBytes As Byte() = Encoding.ASCII.GetBytes(InitialVector)
Dim SaltValueBytes As Byte() = Encoding.ASCII.GetBytes(salt)
Dim DerivedPassword As PasswordDeriveBytes = New PasswordDeriveBytes(password, SaltValueBytes, HashAlgorithm, PasswordIterations)
Dim KeyBytes As Byte() = DerivedPassword.GetBytes(CInt(KeySize / 8))
'Dim KeyBytes As Byte() = Rfc2898DeriveBytes(CInt(KeySize / 8))
Dim decryptTrans As ICryptoTransform = AES.CreateDecryptor(KeyBytes, InitialVectorBytes)
Try
Dim formatter As New BinaryFormatter
decryptor = New CryptoStream(fs, decryptTrans, CryptoStreamMode.Read)
ItemToReturn = DirectCast(formatter.Deserialize(decryptor), Object)
Return ItemToReturn
Catch e As SerializationException
Console.WriteLine("Failed to deserialize. Reason: " & e.Message)
Throw
Finally
fs.Close()
End Try
End Function
异常发生在以下行:
ItemToReturn = DirectCast(formatter.Deserialize(decryptor), Object)
我不确定这是否与 CryptographicException 有任何关系,但我目前收到以下警告:
'Public Overrides Function GetBytes(cb As Integer) As Byte()' 已过时:'Rfc2898DeriveBytes 取代 PasswordDeriveBytes 以从密码中派生密钥材料,在新应用程序中是首选。'。
在这一行:
Dim KeyBytes As Byte() = DerivedPassword.GetBytes(CInt(KeySize / 8))
我在网上查了一下,找不到任何可行的解决方案来解决这个警告。
【问题讨论】:
标签: vb.net exception visual-studio-2012 cryptography deserialization