CryptographicEngine.DecryptAndAuthenticate 方法
定義
重要
部分資訊涉及發行前產品,在發行之前可能會有大幅修改。 Microsoft 對此處提供的資訊,不做任何明確或隱含的瑕疵擔保。
解密並驗證資料。 如需詳細資訊和完整的程式碼範例,請參閱 EncryptedAndAuthenticatedData。
public:
static IBuffer ^ DecryptAndAuthenticate(CryptographicKey ^ key, IBuffer ^ data, IBuffer ^ nonce, IBuffer ^ authenticationTag, IBuffer ^ authenticatedData);
static IBuffer DecryptAndAuthenticate(CryptographicKey const& key, IBuffer const& data, IBuffer const& nonce, IBuffer const& authenticationTag, IBuffer const& authenticatedData);
public static IBuffer DecryptAndAuthenticate(CryptographicKey key, IBuffer data, IBuffer nonce, IBuffer authenticationTag, IBuffer authenticatedData);
function decryptAndAuthenticate(key, data, nonce, authenticationTag, authenticatedData)
Public Shared Function DecryptAndAuthenticate (key As CryptographicKey, data As IBuffer, nonce As IBuffer, authenticationTag As IBuffer, authenticatedData As IBuffer) As IBuffer
參數
- key
- CryptographicKey
要使用的對稱金鑰。
- data
- IBuffer
要解密和驗證的資料。
- nonce
- IBuffer
要使用的 Nonce。 這必須是 EncryptAndAuthenticate 方法所使用的相同 nonce。
- authenticationTag
- IBuffer
驗證標籤。
- authenticatedData
- IBuffer
已驗證的資料。 這可以是 Null。
傳回
包含解密資料的緩衝區。如果方法失敗,驗證就會失敗;如果方法成功,驗證也會成功。
範例
public void AuthenticatedDecryption(
String strAlgName,
CryptographicKey key,
EncryptedAndAuthenticatedData objEncrypted,
BinaryStringEncoding encoding,
IBuffer buffNonce)
{
// Declare a buffer to contain the decrypted data.
IBuffer buffDecrypted;
// Open a SymmetricKeyAlgorithmProvider object for the specified algorithm.
SymmetricKeyAlgorithmProvider objAlgProv = SymmetricKeyAlgorithmProvider.OpenAlgorithm(strAlgName);
// The input key must be securely shared between the sender of the encrypted message
// and the recipient. The nonce must also be shared but does not need to be shared
// in a secure manner. If the sender encodes the message string to a buffer, the
// binary encoding method must also be shared with the recipient.
// The recipient uses the DecryptAndAuthenticate() method as follows to decrypt the
// message, authenticate it, and verify that it has not been altered in transit.
buffDecrypted = CryptographicEngine.DecryptAndAuthenticate(
key,
objEncrypted.EncryptedData,
buffNonce,
objEncrypted.AuthenticationTag,
null);
// Convert the decrypted buffer to a string (for display). If the sender created the
// original message buffer from a string, the sender must tell the recipient what
// BinaryStringEncoding value was used. Here, BinaryStringEncoding.Utf8 is used to
// convert the message to a buffer before encryption and to convert the decrypted
// buffer back to the original plaintext.
String strDecrypted = CryptographicBuffer.ConvertBinaryToString(encoding, buffDecrypted);
}
備註
已驗證的加密會加密,並在一個作業中驗證內容。 驗證器也稱為標籤,會在加密期間使用,而進程的輸出包含標籤加密文字組。 如需詳細資訊,請參閱 AuthenticationTag 和 EncryptedData 屬性。 解密程式會根據標記驗證加密文字。
您可以在SymmetricKeyAlgorithmProvider類別上呼叫OpenAlgorithm方法,並指定要開啟的演算法名稱之後,使用已驗證的加密演算法。 已驗證加密和解密支援下列演算法名稱:
- SymmetricAlgorithmNames.AesGcm
- SymmetricAlgorithmNames.AesCcm 如需包含下列程式碼範例的完整範例,請參閱 EncryptedAndAuthenticatedData 類別。