我正在尝试加密和解密我的应用程序中的一些敏感数据。所以我在 .NET 7 中有 react-native 和 api 中的移动应用程序。但我找不到解决方案。我想做什么?
我想在 react-native 中加密我的敏感信息并将数据发送到 api 应用程序并在 .NET api 应用程序中解密它。
代码是我在react-native中加密的:
import CryptoJS from 'crypto-js';
import {iv, key} from '../../secretKey';
export function Encrypt(data) {
const iv = CryptoJS.lib.WordArray.random(17);
const encryptedData = CryptoJS.AES.encrypt(data, key, {
mode: CryptoJS.mode.CBC,
padding: CryptoJS.pad.Pkcs7,
iv: iv,
}).toString();
const result = {
chiperText: encryptedData.toString(),
iv: iv,
};
return result;
}
下面的代码是我的 DecryptionHandler.cs:
private static byte[] DeriveKeyFromPassword(string password)
{
var emptySalt = Array.Empty<byte>();
var iterations = 1000;
var desiredKeyLength = 16; // 16 bytes equal 128 bits.
var hashMethod = HashAlgorithmName.SHA384;
return Rfc2898DeriveBytes.Pbkdf2(Encoding.Unicode.GetBytes(password),
emptySalt,
iterations,
hashMethod,
desiredKeyLength);
}
public static string DecryptStringAES(string cipherText)
{
var keybytes = DeriveKeyFromPassword(keySecret);
var iv = DeriveKeyFromPassword(keySecret);
var encrypted = Convert.FromBase64String(cipherText);
var decriptedFromJavascript = DecryptStringFromBytes(encrypted, keybytes, iv);
return string.Format(decriptedFromJavascript);
}
private static string DecryptStringFromBytes(byte[] cipherText, byte[] key, byte[] iv)
{
// Check arguments.
if (cipherText == null || cipherText.Length <= 0)
{
throw new ArgumentNullException("cipherText");
}
if (key == null || key.Length <= 0)
{
throw new ArgumentNullException("key");
}
if (iv == null || iv.Length <= 0)
{
throw new ArgumentNullException("key");
}
// Declare the string used to hold
// the decrypted text.
string plaintext = null;
// Create an RijndaelManaged object
// with the specified key and IV.
using (var rijAlg = new RijndaelManaged())
{
//Settings
rijAlg.Mode = CipherMode.CBC;
rijAlg.Padding = PaddingMode.PKCS7;
rijAlg.FeedbackSize = 128;
rijAlg.Key = key;
rijAlg.IV = iv;
// Create a decrytor to perform the stream transform.
var decryptor = rijAlg.CreateDecryptor(rijAlg.Key, rijAlg.IV);
try
{
// Create the streams used for decryption.
using (var msDecrypt = new MemoryStream(cipherText))
{
using (var csDecrypt = new CryptoStream(msDecrypt, decryptor, CryptoStreamMode.Read))
{
using (var srDecrypt = new StreamReader(csDecrypt))
{
// Read the decrypted bytes from the decrypting stream
// and place them in a string.
plaintext = srDecrypt.ReadToEnd();
}
}
}
}
catch(Exception ex)
{
plaintext = ex.Message;
}
}
return plaintext;
}
我的控制器 api 用于解密来自客户端的数据:
[HttpPost("decrypt")]
public IActionResult Decrypt([FromBody] RegisterModel model)
{
string decryptedData = EncryptionHandler.DecryptStringAES(model.ChiperText);
// use decryptedData in your API logic
return Ok(new { decryptedData });
}
结果 我收到 “填充无效且无法删除。” 错误!我只需要以安全的方式加密我的数据并解密。
我正在尝试在 react-native 中使用“Encrypt”方法加密数据,并在 .NET 中使用“DecryptStringAES”方法解密。但是我得到了“填充无效,无法删除。”错误。