aes解密和加密

o2rvlv0m  于 2021-06-20  发布在  Mysql
关注(0)|答案(1)|浏览(614)

我用这个代码来加密我的数据。不幸的是,总是有这样的错误:
输入不是有效的基64字符串,因为它包含非基64字符、两个以上的空格或空格中的无效字符。
这是我的代码-->

  1. public static string IV = "abababababababab";  // 16 chars = 128 bytes
  2.     public static string Key = "abababababababababababababababab";   // 32 chars = 256 bytes
  3.     public static string Encrypt(string decrypted)
  4.     {
  5.         byte[] textbytes = ASCIIEncoding.ASCII.GetBytes(decrypted);
  6.         AesCryptoServiceProvider encdec = new AesCryptoServiceProvider();
  7.         encdec.BlockSize = 128;
  8.         encdec.KeySize = 256;
  9.         encdec.Key = ASCIIEncoding.ASCII.GetBytes(Key);
  10.         encdec.IV = ASCIIEncoding.ASCII.GetBytes(IV);
  11.         encdec.Padding = PaddingMode.PKCS7;
  12.         encdec.Mode = CipherMode.CBC;
  14.         ICryptoTransform icrypt = encdec.CreateEncryptor(encdec.Key, encdec.IV);
  16.         byte[] enc = icrypt.TransformFinalBlock(textbytes, 0, textbytes.Length);
  17.         icrypt.Dispose();
  19.         return Convert.ToBase64String(enc);
  20.     }
  22.     public static string Decrypt(string encrypted)
  23.     {
  24.         byte[] encbytes = Convert.FromBase64String(encrypted);
  25.         AesCryptoServiceProvider encdec = new AesCryptoServiceProvider();
  26.         encdec.BlockSize = 128;
  27.         encdec.KeySize = 256;
  28.         encdec.Key = ASCIIEncoding.ASCII.GetBytes(Key);
  29.         encdec.IV = ASCIIEncoding.ASCII.GetBytes(IV);
  30.         encdec.Padding = PaddingMode.PKCS7;
  31.         encdec.Mode = CipherMode.CBC;
  33.         ICryptoTransform icrypt = encdec.CreateDecryptor(encdec.Key, encdec.IV);
  35.         byte[] dec = icrypt.TransformFinalBlock(encbytes, 0, encbytes.Length);
  36.         icrypt.Dispose();
  38.         return ASCIIEncoding.ASCII.GetString(dec);
  39.     }

这是我的登录表-->

  1. private void buttonlogin_Click(object sender, EventArgs ex)
  2.     {
  3.         if (textboxusername.Text.Length < 2 || textboxpassword.Text.Length < 4)
  4.         {
  5.             FormMsbOk.Show("Username or Password is too short!","Ok");
  6.         }
  7.         else
  8.         {
  9.             MySqlConnection con;
  10.             con = new MySqlConnection(myConnectionString);
  11.             try
  12.             {
  13.                 con.Open();
  14.                 string exists = $"CREATE TABLE IF NOT EXISTS `userlogin`.`userlogin` " +
  15.                 $"( `id` INT NOT NULL AUTO_INCREMENT , `username` VARCHAR(64)" +
  16.                 $" NOT NULL , `password` VARCHAR(64) NOT NULL , `prename` VARCHAR(64)" +
  17.                 $" NOT NULL , `surname` VARCHAR(64) NOT NULL , `emailadress` VARCHAR(64)" +
  18.                 $" NOT NULL , PRIMARY KEY (`id`)) ENGINE = InnoDB;";
  19.                 MySqlCommand cmd = new MySqlCommand(exists, con);
  20.                 cmd.ExecuteNonQuery();
  22.                 string user = AesCrypt.Encrypt(textboxusername.Text);
  23.                 string pass = AesCrypt.Encrypt(textboxpassword.Text);
  24.                 string encusr = $"SELECT * FROM userlogin WHERE username='{user}';";
  25.                 string encpass = $"SELECT * FROM userlogin WHERE password='{pass}';";
  27.                 string decusr = AesCrypt.Decrypt(encusr);
  28.                 string decpass = AesCrypt.Decrypt(encpass);
  30.                 if (decusr == textboxusername.Text && decpass == textboxpassword.Text)
  31.                 {
  32.                     FormMsbOk.Show("You logged in successfully as user: " + textboxusername.Text, "Ok");
  33.                     con.Close();
  34.                     this.Hide();
  35.                     var main = new FormMain();
  36.                     main.Closed += (s, args) => this.Close();
  37.                     main.Show();
  38.                 }
  39.                 else
  40.                 {
  41.                     textboxusername.Clear();
  42.                     textboxpassword.Clear();
  43.                     FormMsbOk.Show("Error Username or password is wrong!", "Ok");
  44.                 }
  45.             }
  46.             catch (Exception nocon)
  47.             {
  48.                 textboxusername.Clear();
  49.                 textboxpassword.Clear();
  50.                 FormMsbOk.Show("Can not open connection! " + nocon.Message,"Ok");
  51.             }

这是我的登记表-->

  1. private void buttonregister_Click(object sender, EventArgs e)
  2.     {
  3.         if (textboxusername.Text.Length < 2 || textboxpassword.Text.Length < 4)
  4.         {
  5.             FormMsbOk.Show("Username or Password is too short! " +
  6.                 "The minimum for the user name is 2 characters and for " +
  7.                 "the password is 4 characters. ", "Ok");
  8.         }
  9.         else
  10.         {
  11.             MySqlConnection con;
  12.             con = new MySqlConnection(myConnectionString);
  13.             try
  14.             {
  15.                 con.Open();
  16.                 string exists = $"CREATE TABLE IF NOT EXISTS `userlogin`.`userlogin` " +
  17.                 $"( `id` INT NOT NULL AUTO_INCREMENT , `username` VARCHAR(64)" +
  18.                 $" NOT NULL , `password` VARCHAR(64) NOT NULL , `prename` VARCHAR(64)" +
  19.                 $" NOT NULL , `surname` VARCHAR(64) NOT NULL , `emailadress` VARCHAR(64)" +
  20.                 $" NOT NULL , PRIMARY KEY (`id`)) ENGINE = InnoDB;";
  21.                 MySqlCommand emdexists = new MySqlCommand(exists, con);
  22.                 emdexists.ExecuteNonQuery();
  23.                 string encusr = AesCrypt.Encrypt(textboxusername.Text);
  24.                 string encpass = AesCrypt.Encrypt(textboxpassword.Text);
  25.                 string encprename = AesCrypt.Encrypt(textboxprename.Text);
  26.                 string enclastname = AesCrypt.Encrypt(textboxlastname.Text);
  27.                 string encemail = AesCrypt.Encrypt(textboxemail.Text);
  28.                 string insert = $"INSERT INTO `userlogin`.`userlogin` " +
  29.                     $"(`username`, `password`, `prename`, `surname`, `emailadress`) " +
  30.                     $"VALUES ('" + encusr + "', '" + encpass + "', '" + encprename + "'," +
  31.                     " '" + enclastname + "', '" + encemail + "');";
  32.                 MySqlCommand cmdinsert = new MySqlCommand(insert, con);
  33.                 cmdinsert.ExecuteNonQuery();
  34.                 con.Close();
  35.                 FormMsbOk.Show("Registriert", "Ok");
  36.                 textboxusername.Clear();
  37.                 textboxpassword.Clear();
  38.                 textboxprename.Clear();
  39.                 textboxlastname.Clear();
  40.                 textboxrepeat.Clear();
  41.                 textboxemail.Clear();
  42.             }
  43.             catch (Exception nocon)
  44.             {
  45.                 FormMsbOk.Show("Can not open connection! " + nocon.Message, "Ok");
  46.             }
  47.         }
mysqlc#Encryptionutf-8Ascii

1条答案

按热度按时间
ubbxdtey

ubbxdtey1#

看一看 string decusr = AesCrypt.Decrypt(encusr); 并在该行上使用断点查看 encusr 在那一点上。
您正在将包含sql查询的字符串传递给 AesCrypt.Decrypt 方法,该方法希望给定一个要解密的加密值。您可能希望它处理运行该查询的结果,而不是查询本身。
其他提示: MySqlConnection 以及 MySqlCommand 两者都是 IDisposable 所以每个都应该在一个 using 阻止。一旦完成此操作,就不必担心关闭连接,因为退出using块将处理连接,这将调用close。注意,即使代码在块中抛出异常,它也会关闭它。
如果使用字符串连接来构造查询,它很容易受到sql注入攻击(以及其他问题):请改用sql参数。
正如其他人在评论中提到的,存储密码的散列而不是加密是一种好的做法。加密是一个双向的过程,它允许某人通过解密来发现密码。散列是一个单向但可重复的过程。不是试图解密存储的密码,而是创建输入密码的哈希值,并检查哈希值是否与实际密码的存储哈希值相同。但一定要用腌土豆条。

赞(0)分享  回复(0)举报  2021-06-20
我来回答

相关问题

    查看更多

    热门标签

    更多
    JavaquerypythonNode开发语言requestUtil数据库Table后端算法LoggerMessageElementParser

    最新问答

    更多
    • 蜀ICP备13028337号-1 大数据知识库 https://www.saoniuhuo.com © All rights reserved
    • 本站内容来源互联网,如果侵犯您的权益请联系我们删除, 联系方式:448109455@qq.com