[英]How to decrypt with WinRT without changing existing encryption code in .NET Desktop App?
I have a little problem with the whole encrypt/decrypt cr*p ;-) 我对整个加密/解密cr * p有一点问题;-)
Is it possible to decrypt data in WinRt (Windows Store App) which was encrypted in a .NET Desktop Application and vice versa? 是否可以在WinRt(Windows应用商店)中解密在.NET桌面应用程序中加密的数据,反之亦然? I cannot change the code of the Desktop App because it is already in use.
我无法更改桌面应用程序的代码,因为它已在使用中。
I already tried a few tutorials for the CryptographicEngine in WinRT but I never get results which match with the ones from the Desktop App. 我已经尝试过WinRT中有关CryptographicEngine的一些教程,但是我从未获得与Desktop App匹配的结果。
Maybe somebody could help me? 也许有人可以帮我吗? I'm very new to .NET development and I never really did anything with Encryption so I have no idea what I'm doing ;-)
我对.NET开发非常陌生,我从来没有真正使用Encryption做任何事情,所以我不知道自己在做什么;-)
Here is some of the code used in the Desktop App - I can't change that code! 这是桌面应用程序中使用的一些代码-我无法更改该代码!
private string pwd = "password";
private string salt = "salt";
public byte[] Encrypt(byte[] data)
{
PasswordDeriveBytes derivedPassword = new PasswordDeriveBytes(pwd, Encoding.ASCII.GetBytes(salt));
byte[] key = derivedPassword.GetBytes(16);
byte[] iv = Encoding.ASCII.GetBytes("1234567891234567");
RijndaelManaged symmetricKey = new RijndaelManaged();
symmetricKey.Mode = CipherMode.CBC;
byte[] cipherBytes = null;
using (ICryptoTransform encryptor = symmetricKey.CreateEncryptor(key, iv))
{
using (MemoryStream ms = new MemoryStream())
{
using (CryptoStream cryptoStream = new CryptoStream(ms, encryptor, CryptoStreamMode.Write))
{
cryptoStream.Write(data, 0, data.Length);
cryptoStream.FlushFinalBlock();
cryptoStream.Close();
cipherBytes = ms.ToArray();
ms.Close();
}
}
}
symmetricKey.Clear();
return cipherBytes;
}
Here an example method that I tried in WinRT - but the result was different to that from the Desktop App (Most of the code is from http://blog.lordinaire.fr/2012/12/winrt-encryption-and-decryption-with-aes-algorithm/ ) 这是我在WinRT中尝试过的示例方法-但结果与桌面应用程序不同(大多数代码来自http://blog.lordinaire.fr/2012/12/winrt-encryption-and-decryption- with-aes-algorithm / )
non functioning code was removed - see edit 无效代码已删除-请参见编辑
I would really apreciate some help 我真的很感谢您的帮助
greetings from Austria 来自奥地利的问候
Edit I tried a few things, but I still could not get it to work right :( I just can't get the right key. To test the encryption nonetheless, I hardcoded the key - then it works. 编辑我尝试了一些尝试,但是我仍然无法使其正常工作:(我只是无法获得正确的密钥。尽管如此,为了测试加密,我对密钥进行了硬编码-然后它可以工作。
Like Nate Diamond suggested, I used the KeyDerivationAlogrithm with an empty salt and an already salted password. 就像Nate Diamond所建议的那样,我将KeyDerivationAlogrithm与空盐和已经加盐的密码一起使用。 One problem is, I don't know how "to salt".
一个问题是,我不知道如何“加盐”。 I tried putting the salt in front, at the end, in the middle and alternating every symbol - still not the right key :( Here the code I was using:
我尝试将盐放在前面,后面,中间,并交替每个符号-仍然不是正确的键:(这是我正在使用的代码:
// password = 11112222333344445555 // salt = aaaabbbbccccddddeeee
private string password = "11112222333344445555aaaabbbbccccddddeeee";
private byte[] salt = new byte[20];
private uint iterationCount = 100;
private static byte[] keyBytes = null;
public static byte[] KeyBytes
{
get
{
//for (int i = 0; i < salt.Length; i++)
//{
// salt[i] = 0;
//}
// Setup KDF parameters for the desired salt and iteration count
KeyDerivationParameters kdfParameters = KeyDerivationParameters.BuildForPbkdf2(CryptographicBuffer.CreateFromByteArray(salt), iterationCount);
// Get a KDF provider for PBKDF2, and store the source password in a Cryptographic Key
KeyDerivationAlgorithmProvider kdf = KeyDerivationAlgorithmProvider.OpenAlgorithm(KeyDerivationAlgorithmNames.Pbkdf2Sha1);
IBuffer passwordBuffer = CryptographicBuffer.ConvertStringToBinary(password, BinaryStringEncoding.Utf8);
CryptographicKey passwordSourceKey = kdf.CreateKey(passwordBuffer);
// Generate key material from the source password, salt, and iteration count. Only call DeriveKeyMaterial once,
// since calling it twice will generate the same data for the key and IV.
uint totalDataNeeded = 16;
IBuffer keyAndIv = CryptographicEngine.DeriveKeyMaterial(passwordSourceKey, kdfParameters, totalDataNeeded);
// Split the derived bytes into a seperate key and IV
keyBytes = keyAndIv.ToArray();
return keyBytes;
}
}
Here the code of my encrypt method - it yields the same result as the one in the .NET Desktop App :) 这是我的加密方法的代码-它产生的结果与.NET Desktop App中的结果相同:)
private byte[] btVector = Encoding.UTF8.GetBytes("1234567891234567");
private byte[] keyBytes = Encoding.UTF8.GetBytes("123456789123456789123456");
public byte[] Encrypt(byte[] data)
{
// Get the key and iv and put all into IBuffers
IBuffer keyBuffer = WindowsRuntimeBuffer.Create(KeyBytes, 0, 16, 16); ;
IBuffer iv = WindowsRuntimeBuffer.Create(InitialVectorBytes, 0, 16, 16);
IBuffer plainText = CryptographicBuffer.CreateFromByteArray(data);
byte[] encryptedData;
// Setup an AES key, using AES in CBC mode and applying PKCS#7 padding on the input
SymmetricKeyAlgorithmProvider aesProvider = SymmetricKeyAlgorithmProvider.OpenAlgorithm(SymmetricAlgorithmNames.AesCbcPkcs7);
CryptographicKey aesKeySymm = aesProvider.CreateSymmetricKey(keyBuffer);
// Encrypt the data and convert it to byte array
IBuffer encrypted = CryptographicEngine.Encrypt(aesKeySymm, plainText, iv);
CryptographicBuffer.CopyToByteArray(encrypted, out encryptedData);
return encryptedData;
}
PBKDF[1/2] are basically this: PBKDF [1/2]基本上是这样的:
1. Take a password.
2. Add a salt.
3. Hash the combined password and salt. Store in `result`
4. For (number of iterations)
1. Hash `result`, store in `result`.
The big difference between PBKDF1 and PBKDF2 is the first part of step 4. In PBKDF1, it is as printed. PBKDF1和PBKDF2之间的最大区别是步骤4的第一部分。在PBKDF1中,它是印刷而成的。 In PBKDF2, it changes to this:
在PBKDF2中,它更改为:
4. For (number of iterations)
1. Combine `result` and `salt`. Store in `result`
2. Hash `result`, store in `result`.
So, you have a few options. 因此,您有一些选择。
Option 1: 选项1:
Create a custom implementation of PBKDF1. 创建PBKDF1的自定义实现。 The
HashAlgorithmProvider
makes it very easy to repeatedly hash the result. HashAlgorithmProvider
使重复哈希结果变得非常容易。
Option 2: 选项2:
Use PBKDF2 with an empty salt
byte
array and the combined salt and password as your secret
. 将PBKDF2与空的
salt
byte
数组结合使用,并将盐和密码组合作为secret
。 This should have the same effect as PBKDF1. 这应具有与PBKDF1相同的效果。
It should be noted that if at all possible, you should probably switch to using PBKDF2. 应该注意的是,如果可能的话,您应该切换到使用PBKDF2。
Hope this helps and happy coding! 希望这对您有所帮助,并祝您编程愉快!
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.