加密和解密的字节数组

Question

我有使用测试以下的效用函数，以序列化我的对象到加密的字节数组，并且还从解密的字节数组

//encryption key 
public static byte[] Key = new byte[]{0x43, 0x72, 0x6e, 0x6d, 0x54, 0x4d, 0x65, 
             0x94, 0x16, 0x32, 0x44, 0x84, 0x7e, 0x18, 
             0x64, 0x76, 0x6e, 0x63, 0x64, 0x7a, 0x5f, 
             0x84, 0x7f, 0x9a}; 

//Decrypt byte[] 
public static byte[] Decrypt(byte[] data) 
{ 
    MemoryStream ms = new MemoryStream(); 
    Rijndael alg = Rijndael.Create(); 
    alg.Key = Key; 
    CryptoStream cs = new CryptoStream(ms, 
    alg.CreateDecryptor(), CryptoStreamMode.Write); 
    cs.Write(data, 0, data.Length); 
    cs.Close(); 
    byte[] decryptedData = ms.ToArray(); 
    return decryptedData; 
} 

//Encrypt byte[] 
public static byte[] Encrypt(byte[] data) 
{ 
    MemoryStream ms = new MemoryStream(); 
    Rijndael alg = Rijndael.Create(); 
    alg.Key = Key; 
    CryptoStream cs = new CryptoStream(ms, 
    alg.CreateEncryptor(), CryptoStreamMode.Write); 
    cs.Write(data, 0, data.Length); 
    cs.Close(); 
    byte[] encryptedData = ms.ToArray(); 
    return encryptedData; 
} 

//serialize object to memory stream 
public static MemoryStream SerializeToStream(object o) 
{ 
    MemoryStream stream = new MemoryStream(); 
    IFormatter formatter = new BinaryFormatter(); 
    formatter.Serialize(stream, o); 
    return stream; 
} 

//deserialize object from memory stream 
public static T DerializeFromStream<T>(MemoryStream memoryStream) where T : new() 
{ 
    if (memoryStream == null) { return new T(); } 
    T o; 
    BinaryFormatter binaryFormatter = new BinaryFormatter(); 
    using (memoryStream) 
    { 
     memoryStream.Seek(0, SeekOrigin.Begin); 
     o = (T)binaryFormatter.Deserialize(memoryStream); 
    } 
    return o; 
} 

反序列化，在这里上述的效用函数

//serialize to stream then to byte array 
var obj = new SomeObject(); 
var bytes = SerializeToStream(obj).ToArray(); 
bytes = Encrypt(bytes); 

//deserialize to decrypted byte array then to stream then to object 
var memoryStream = new MemoryStream(); 
var Decryptedbytearray = Decrypt(bytes); 
//fille the stream 
memoryStream.Write(Decryptedbytearray, 0, Decryptedbytearray.Length); 
//deserialize the object from the stream 
//it fails here giving an exception saying the binary data is not valid 
var obj2 = DerializeFromStream<SomeObject>(memoryStream); 

反序列化对象时出现问题，请参阅注释最后一行，我做错了什么？

Answer 1

如果你调试你的代码，你会发现它不能正确解密。原因是你不仅要使用相同的key，还要使用相同的IV。

从MSDN：

的IV属性无论何时创建新实例SymmetricAlgorithm类之一的自动设定为一个新的随机值或当手动调用GenerateIV方法。 IV特性的大小必须是相同的块大小属性除以8

看看this question关于如何创建密钥并从密码一个IV细节。