在SagePay表单集成中使用asp.net网页加密加密字段

Question

我总是得到一个错误:这是Crypt字段

 <form action="@SagePaySettings.FormPaymentUrl" method="POST" id="gopayment" name="gopayment">
        <input type="hidden" name="VPSProtocol" value="@SagePaySettings.ProtocolVersion.VersionString()">
        <input type="hidden" name="TxType" value="@SagePaySettings.DefaultTransactionType">
        <input type="hidden" name="Vendor" value="@SagePaySettings.VendorName">
        <input type="hidden" name="Crypt" value="@Crypt">

有人可以在c#中发送asp.net网页的加密例程吗？

sage pay团队在这方面帮不上忙。

它必须在CBC模式下使用AES(块大小为128位)进行加密，并使用提供的密码作为密钥和初始化向量进行PKCS#5填充，并将结果编码为十六进制(确保字母为大写)。

Answer 1

嗨，在分配搜索后，我已经处理了这个，所以我想显示答案，以防其他人需要这个。毫无疑问，这可以做得更好，因为我在asp和c#中只是一个开始，但它是有效的。

using System;
using System.Linq;
using System.Security.Cryptography;
using System.Text;
using System.IO;

public static class EncryptionHelper
{
    private static byte[] keyAndIvBytes;

    static EncryptionHelper()
    {
        // You'll need a more secure way of storing this, I this isn't
        // a real key
        keyAndIvBytes = UTF8Encoding.UTF8.GetBytes("123123123123123b");
    }

    public static string ByteArrayToHexString(byte[] ba)
    {
        return BitConverter.ToString(ba).Replace("-", "");
    }

    public static byte[] StringToByteArray(string hex)
    {
        return Enumerable.Range(0, hex.Length)
                         .Where(x => x % 2 == 0)
                         .Select(x => Convert.ToByte(hex.Substring(x, 2), 16))
                         .ToArray();
    }

    public static string DecodeAndDecrypt(string cipherText)
    {
        string DecodeAndDecrypt = AesDecrypt(StringToByteArray(cipherText));
        return (DecodeAndDecrypt);
    }

    public static string EncryptAndEncode(string plaintext)
    {
        return ByteArrayToHexString(AesEncrypt(plaintext));
    }

    public static string AesDecrypt(Byte[] inputBytes)
    {
        Byte[] outputBytes = inputBytes;

        string plaintext = string.Empty;

        using (MemoryStream memoryStream = new MemoryStream(outputBytes))
        {
            using (CryptoStream cryptoStream = new CryptoStream(memoryStream, GetCryptoAlgorithm().CreateDecryptor(keyAndIvBytes, keyAndIvBytes), CryptoStreamMode.Read))
            {
                using (StreamReader srDecrypt = new StreamReader(cryptoStream))
                {
                    plaintext = srDecrypt.ReadToEnd();
                }
            }
        }

        return plaintext;
    }

    public static byte[] AesEncrypt(string inputText)
    {
        byte[] inputBytes = UTF8Encoding.UTF8.GetBytes(inputText);//AbHLlc5uLone0D1q

        byte[] result = null;
        using (MemoryStream memoryStream = new MemoryStream())
        {
            using (CryptoStream cryptoStream = new CryptoStream(memoryStream, GetCryptoAlgorithm().CreateEncryptor(keyAndIvBytes, keyAndIvBytes), CryptoStreamMode.Write))
            {
                cryptoStream.Write(inputBytes, 0, inputBytes.Length);
                cryptoStream.FlushFinalBlock();

                result = memoryStream.ToArray();
            }
        }

        return result;
    }


    private static RijndaelManaged GetCryptoAlgorithm()
    {
        RijndaelManaged algorithm = new RijndaelManaged();
        //set the mode, padding and block size
        algorithm.Padding = PaddingMode.PKCS7;
        algorithm.Mode = CipherMode.CBC;
        algorithm.KeySize = 128;
        algorithm.BlockSize = 128;
        return algorithm;
    }
}

我这样称呼这个类：-

string crypt = "blahblahblah";
string EncryptAndEncode = EncryptionHelper.EncryptAndEncode(crypt);
string DecodeAndDecrypt = EncryptionHelper.DecodeAndDecrypt(EncryptAndEncode);