stackoom
  简体   繁体   中英

Encrypt with C# & decrypt with OpenSSL

 原文  2018-10-30 11:20:08       c#/ .net/ openssl/ aes/ cbc-mode

Question

I encrypt the file by using .NET.

Next, I try to decrypt it by using OpenSSL, and I have an issue: 

bad decrypt
4294956672:error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad decrypt:evp_enc.c:529:

I have simplified the example:

  • I don't generate key and iv in .NET and use it from OpenSSL
  • I don't use salt
  • I don't use base64, only binary

So,

1) I get IV and key from OpenSSL 

openssl enc -aes-256-cbc -pass pass:myPassword -P -nosalt
key=69BD0330B47FF638C3471005819C28F7B938830888101C9135EF41D8641F2709
iv =71C334727A6C5DE704C21965E9BAC0F8

2) I encrypt the file:

Invoke: 

key = new byte[]{0x69, 0xBD, 0x03, 0x30, 0xB4, 0x7F, 0xF6, 0x38, 0xC3, 0x47, 0x10, 0x05, 0x81, 0x9C, 0x28, 0xF7, 0xB9, 0x38, 0x83, 0x08, 0x88, 0x10, 0x1C, 0x91, 0x35, 0xEF, 0x41, 0xD8, 0x64, 0x1F, 0x27, 0x09};
iv = new byte[]{0x71, 0xC3, 0x34, 0x72, 0x7A, 0x6C, 0x5D, 0xE7, 0x04, 0xC2, 0x19, 0x65, 0xE9, 0xBA, 0xC0, 0xF8};
byte[] response = await EncryptString(textWriter.ToString(), key, iv);

The function: 

public async Task<byte[]> EncryptString(string plainText, byte[] key, byte[] iv)
{
    Aes encryptor = Aes.Create();

    encryptor.Mode = CipherMode.CBC;
    encryptor.Key = key;
    encryptor.Padding = PaddingMode.PKCS7;
    encryptor.BlockSize = 128;
    encryptor.IV = iv;
    encryptor.KeySize = 256;

    // Convert the plainText string into a byte array
    byte[] plainBytes = Encoding.ASCII.GetBytes(plainText);

    using (MemoryStream memoryStream = new MemoryStream())
    {
        ICryptoTransform aesEncryptor = encryptor.CreateEncryptor();

        using (CryptoStream cryptoStream = new CryptoStream(memoryStream, aesEncryptor, CryptoStreamMode.Write))
        {
            await cryptoStream.WriteAsync(plainBytes, 0, plainBytes.Length);
        }
        return memoryStream.ToArray();
    }
}

3) I write the byte array to the file (I have to use FTP) 

public async Task UploadFileAsync(Uri uri, string login, string password, byte[] content)
{
    FtpWebRequest ftpRequest = (FtpWebRequest)WebRequest.Create(uri);
    ftpRequest.Method = WebRequestMethods.Ftp.UploadFile;
    ftpRequest.UseBinary = true;
    ftpRequest.UsePassive = true;
    ftpRequest.KeepAlive = true;

    SetFtpCredentials(ftpRequest, login, password);

    using (var stream = new BinaryWriter(ftpRequest.GetRequestStream()))
    {
        stream.Write(content,0,content.Length);
    }


    using (var ftpResponse = (FtpWebResponse)ftpRequest.GetResponse())
    {
        using (Stream ftpStream = ftpResponse.GetResponseStream())
        {
        }
    }
}

4) I try to decrypt the file 

openssl.exe aes-256-cbc -in input.xml -d -out output.xml -md sha256 -nosalt -debug  -K 69BD0330B47FF638C3471005819C28F7B938830888101C9135EF41D8641F2709 -iv 71C334727A6C5DE704C21965E9BAC0F8

The response: 

BIO[0x600060ee0]: ctrl(108) - FILE pointer
BIO[0x600060ee0]: ctrl return 1
BIO[0x600060f60]: ctrl(108) - FILE pointer
BIO[0x600060f60]: ctrl return 1
BIO[0x600061080]: ctrl(6) - cipher
BIO[0x600060f60]: ctrl(6) - FILE pointer
BIO[0x600060f60]: ctrl return 0
BIO[0x600061080]: ctrl return 0
BIO[0x600060ee0]: read(0,8192) - FILE pointer
BIO[0x600060ee0]: read return 1328
BIO[0x600061080]: write(0,1328) - cipher
BIO[0x600060f60]: write(0,1312) - FILE pointer
BIO[0x600060f60]: write return 1312
BIO[0x600061080]: write return 1328
BIO[0x600060ee0]: read(0,8192) - FILE pointer
BIO[0x600060ee0]: read return 0
BIO[0x600061080]: ctrl(11) - cipher
BIO[0x600061080]: ctrl return 0
bad decrypt
4294956672:error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad decrypt:evp_enc.c:529:
BIO[0x600060ee0]: Free - FILE pointer
BIO[0x600060f60]: Free - FILE pointer
BIO[0x600061080]: Free - cipher

What should I fix?

1 answers

solution1
 0  2018-10-31 09:44:29

I've found the mistake: 

encryptor.KeySize = 256;//This line should be removed.

See https://docs.microsoft.com/en-us/dotnet/api/system.security.cryptography.aescryptoserviceprovider.keysize?view=netframework-4.7.2

Changing the KeySize value resets the key and generates a new random key. This happens whenever the KeySize property setter is invoked (including when it's assigned the same value).

So, I should not set KeySize manually.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question AES encrypt with OpenSSL, decrypt with C# .Net Convert C# TripleDES ECB decrypt/encrypt into PHP with openssl_encrypt/openssl_decrypt Encrypt AES in C++(OpenSSL), decrypt in C# Decrypt string in C# that was encrypted with PHP openssl_encrypt C# encrypt/decrypt methods which are equivalent to PHP7 openssl Encrypt in C# using OpenSSL compatible format, decrypt in Poco Encrypt in C# using RSACryptoServiceProvide and decrypt using openssl_private_decrypt in PHP Encrypt in SQL and Decrypt in C# Encrypt in Coldfusion and decrypt in C# Encrypt And Decrypt An Object In C#
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM