stackoom
  简体   繁体   中英

Encrypt and Decrypt data using Blowfish with Coldfusion and .NET/BouncyCastle

 原文  2019-01-24 18:08:38       c#/ encryption/ coldfusion/ bouncycastle/ blowfish

Question

I am trying to mimic coldfusion Blowfish/Hex encryption using BouncyCastle for ASP.NET MVC. I was able to successfully decrypt a string encrypted in CF using the steps laid out in this link: Encrypt and Decrypt data using Blowfish/CBC/PKCS5Padding

Other than adding a \\0 to the end of the 7 character string, it works great.

I am not trying to utilize Blowfish/CBC/PKCS5Padding, just Blowfish/Hex. I am unable to get the reverse (encryption) working. Below is the code I have so far

I have tried using manual padding of =, as well as ignoring. However, even when using the additional character, it still doesn't sync.

Decryption (does work):

string keyString = "TEST";
BlowfishEngine engine = new BlowfishEngine();
PaddedBufferedBlockCipher cipher = new PaddedBufferedBlockCipher(engine);
cipher.Init(false, new KeyParameter(Convert.FromBase64String(keyString)));
byte[] out1 = Hex.Decode(hexstring);
byte[] out2 = new byte[cipher.GetOutputSize(out1.Length)];
int len2 = cipher.ProcessBytes(out1, 0, out1.Length, out2, 0);
cipher.DoFinal(out2, len2);
string myval = Encoding.UTF8.GetString(out2);

Encryption (doesn't work):

string keyString = "TEST";
string stringToEncrypt = "0123456";
stringToEncrypt = stringToEncrypt + "=";
BlowfishEngine engine2 = new BlowfishEngine();
PaddedBufferedBlockCipher cipher2 = new PaddedBufferedBlockCipher(engine2);
cipher2.Init(true, new KeyParameter(Convert.FromBase64String(keyString)));
byte[] inB = Hex.Encode(Convert.FromBase64String(stringToEncrypt));
byte[] outB = new byte[cipher2.GetOutputSize(inB.Length)];
int len1 = cipher2.ProcessBytes(inB, 0, inB.Length, outB, 0);
cipher2.DoFinal(outB, len1);
var myval2 = BitConverter.ToString(outB).Replace("-", "");

"Doesn't work" meaning - it returns an encrypted string that in no way mirrors the string encrypted by CF. On top of that, the returned string, when decrypted using the above method, does not match with what was originally entered (using the .NET/BouncyCastle encryption)

1 answers

solution1
 1 ACCPTED  2019-01-25 12:35:54

The C# code is decoding the input as base64, when it is actually just plain text. So you are encrypting the wrong value. That is why the result doesn't match the encrypted string from CF. Since CF always uses UTF8, use this:

byte[] inB = Encoding.UTF8.GetBytes(stringToEncrypt);

Instead of:

byte[] inB = Hex.Encode(Convert.FromBase64String(stringToEncrypt));

Additional Security Tips:

  1. I'm no expert in encryption, but from what I've read , you should use CBC mode , with a different IV every time, for better security. (The current code uses ECB, which is less secure).

  2. For anyone reading this thread in the future, obviously the key value "TEST" is just for illustration. Don't use arbitrary values as keys , because it weakens security. Always use strong keys generated by a standard crypto library. For example, in CF use the GenerateSecretKey function.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question How to decrypt data using the BouncyCastle Blowfish implementation? Encrypt and Decrypt data using Blowfish/CBC/PKCS5Padding Can't decrypt OpenPGP data I encrypt with BouncyCastle C# Convert encrypt/decrypt from Java to C# using bouncycastle getting error into encrypt and decrypt data using ASP.NET Encrypt in Coldfusion and decrypt in C# PHP encrypt string using blowfish Trying to decrypt a string with public key(not private) using bouncycastle in .net Encrypt with iOS; Decrypt with .Net Symmetric encrypt/decrypt in .NET
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM