共用方式為


CryptographicEngine.DecryptAndAuthenticate 方法

定義

解密並驗證資料。 如需詳細資訊和完整的程式碼範例,請參閱 EncryptedAndAuthenticatedData

public:
 static IBuffer ^ DecryptAndAuthenticate(CryptographicKey ^ key, IBuffer ^ data, IBuffer ^ nonce, IBuffer ^ authenticationTag, IBuffer ^ authenticatedData);
 static IBuffer DecryptAndAuthenticate(CryptographicKey const& key, IBuffer const& data, IBuffer const& nonce, IBuffer const& authenticationTag, IBuffer const& authenticatedData);
public static IBuffer DecryptAndAuthenticate(CryptographicKey key, IBuffer data, IBuffer nonce, IBuffer authenticationTag, IBuffer authenticatedData);
function decryptAndAuthenticate(key, data, nonce, authenticationTag, authenticatedData)
Public Shared Function DecryptAndAuthenticate (key As CryptographicKey, data As IBuffer, nonce As IBuffer, authenticationTag As IBuffer, authenticatedData As IBuffer) As IBuffer

參數

key
CryptographicKey

要使用的對稱金鑰。

data
IBuffer

要解密和驗證的資料。

nonce
IBuffer

要使用的 Nonce。 這必須是 EncryptAndAuthenticate 方法所使用的相同 nonce。

authenticationTag
IBuffer

驗證標籤。

authenticatedData
IBuffer

已驗證的資料。 這可以是 Null

傳回

包含解密資料的緩衝區。如果方法失敗,驗證就會失敗;如果方法成功,驗證也會成功。

範例

public void AuthenticatedDecryption(
    String strAlgName,
    CryptographicKey key,
    EncryptedAndAuthenticatedData objEncrypted,
    BinaryStringEncoding encoding,
    IBuffer buffNonce)
{
    // Declare a buffer to contain the decrypted data.
    IBuffer buffDecrypted;

    // Open a SymmetricKeyAlgorithmProvider object for the specified algorithm.
    SymmetricKeyAlgorithmProvider objAlgProv = SymmetricKeyAlgorithmProvider.OpenAlgorithm(strAlgName);

    // The input key must be securely shared between the sender of the encrypted message
    // and the recipient. The nonce must also be shared but does not need to be shared
    // in a secure manner. If the sender encodes the message string to a buffer, the
    // binary encoding method must also be shared with the recipient.
    // The recipient uses the DecryptAndAuthenticate() method as follows to decrypt the 
    // message, authenticate it, and verify that it has not been altered in transit.
    buffDecrypted = CryptographicEngine.DecryptAndAuthenticate(
        key,
        objEncrypted.EncryptedData,
        buffNonce,
        objEncrypted.AuthenticationTag,
        null);

    // Convert the decrypted buffer to a string (for display). If the sender created the
    // original message buffer from a string, the sender must tell the recipient what 
    // BinaryStringEncoding value was used. Here, BinaryStringEncoding.Utf8 is used to
    // convert the message to a buffer before encryption and to convert the decrypted
    // buffer back to the original plaintext.
    String strDecrypted = CryptographicBuffer.ConvertBinaryToString(encoding, buffDecrypted);

}

備註

已驗證的加密會加密,並在一個作業中驗證內容。 驗證器也稱為標籤,會在加密期間使用,而進程的輸出包含標籤加密文字組。 如需詳細資訊,請參閱 AuthenticationTagEncryptedData 屬性。 解密程式會根據標記驗證加密文字。

您可以在SymmetricKeyAlgorithmProvider類別上呼叫OpenAlgorithm方法,並指定要開啟的演算法名稱之後,使用已驗證的加密演算法。 已驗證加密和解密支援下列演算法名稱:

適用於

另請參閱