From b6c9d9885a59bdcce920d68ee115a26fbddf143f Mon Sep 17 00:00:00 2001
From: Fu Diwei <fudiwei@sina.com>
Date: Mon, 18 Oct 2021 17:31:32 +0800
Subject: [PATCH] =?UTF-8?q?fix(wxapi):=20=E4=BF=AE=E5=A4=8D=20AES=20?=
 =?UTF-8?q?=E8=A7=A3=E5=AF=86=E7=BB=93=E6=9E=9C=E7=BB=93=E5=B0=BE=E6=9C=89?=
 =?UTF-8?q?=E5=86=97=E4=BD=99=E7=9A=84=E7=A9=BA=E7=99=BD=E5=AD=97=E7=AC=A6?=
 =?UTF-8?q?=E9=97=AE=E9=A2=98?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../Utilities/AESUtility.cs                   | 21 ++++++++-----------
 1 file changed, 9 insertions(+), 12 deletions(-)

diff --git a/src/SKIT.FlurlHttpClient.Wechat.Api/Utilities/AESUtility.cs b/src/SKIT.FlurlHttpClient.Wechat.Api/Utilities/AESUtility.cs
index 40239248..07d0a63f 100644
--- a/src/SKIT.FlurlHttpClient.Wechat.Api/Utilities/AESUtility.cs
+++ b/src/SKIT.FlurlHttpClient.Wechat.Api/Utilities/AESUtility.cs
@@ -11,13 +11,13 @@ namespace SKIT.FlurlHttpClient.Wechat.Api.Utilities
     public static class AESUtility
     {
         /// <summary>
-        /// 解密数据。
+        /// 基于 CBC 模式解密数据。
         /// </summary>
         /// <param name="keyBytes">AES 密钥字节数组。</param>
         /// <param name="ivBytes">加密使用的初始化向量字节数组。</param>
         /// <param name="cipherBytes">待解密数据字节数组。</param>
         /// <returns>解密后的数据字节数组。</returns>
-        public static byte[] Decrypt(byte[] keyBytes, byte[] ivBytes, byte[] cipherBytes)
+        public static byte[] DecryptWithCBC(byte[] keyBytes, byte[] ivBytes, byte[] cipherBytes)
         {
             if (keyBytes == null) throw new ArgumentNullException(nameof(keyBytes));
             if (ivBytes == null) throw new ArgumentNullException(nameof(ivBytes));
@@ -25,32 +25,29 @@ namespace SKIT.FlurlHttpClient.Wechat.Api.Utilities
 
             using (SymmetricAlgorithm aes = Aes.Create())
             {
+                aes.Mode = CipherMode.CBC;
+                aes.Padding = PaddingMode.PKCS7;
                 aes.Key = keyBytes;
                 aes.IV = ivBytes;
 
-                using (Stream ms = new MemoryStream(cipherBytes))
-                using (Stream cs = new CryptoStream(ms, aes.CreateDecryptor(), CryptoStreamMode.Read))
-                {
-                    byte[] plainBytes = new byte[cipherBytes.Length];
-                    cs.Read(plainBytes, 0, plainBytes.Length);
-                    return plainBytes;
-                }
+                using ICryptoTransform transform = aes.CreateDecryptor();
+                return transform.TransformFinalBlock(cipherBytes, 0, cipherBytes.Length);
             }
         }
 
         /// <summary>
-        /// 解密数据。
+        /// 基于 CBC 模式解密数据。
         /// </summary>
         /// <param name="encodingKey">经 Base64 编码后的 AES 密钥。</param>
         /// <param name="encodingIV">经 Base64 编码后的 AES 初始化向量。</param>
         /// <param name="encodingCipherText">经 Base64 编码后的待解密数据。</param>
         /// <returns>解密后的文本数据。</returns>
-        public static string Decrypt(string encodingKey, string encodingIV, string encodingCipherText)
+        public static string DecryptWithCBC(string encodingKey, string encodingIV, string encodingCipherText)
         {
             if (encodingKey == null) throw new ArgumentNullException(nameof(encodingKey));
             if (encodingCipherText == null) throw new ArgumentNullException(nameof(encodingCipherText));
 
-            byte[] plainBytes = Decrypt(
+            byte[] plainBytes = DecryptWithCBC(
                 keyBytes: Convert.FromBase64String(encodingKey),
                 ivBytes: Convert.FromBase64String(encodingIV),
                 cipherBytes: Convert.FromBase64String(encodingCipherText)