Rijndael托管解密問題
[英]RijndaelManaged Decryption Issue
問題描述
我支持最初在 1990 年代初期開發的龐大 C++ 系統。 (我在我的其他帖子中提到過這個系統)我們正在開發所有新的 C# 應用程序,以取代舊的 C++ 系統。 使用 TcpClient,未加密或加密的命令發送到 C# 應用程序和從 C++ 系統發送。 (加密是一個可選功能)。 未加密的命令可以毫無問題地發送和接收。 加密命令是另一回事。 我們可以成功加密我們的命令,C++ 系統將接受這些命令。 但是,從 C++ 發送到我們的 C# 系統的加密消息不能正確解密。 我已經得到了一些解密不會失敗,但它們都會產生一個神秘的字符串。 加密使用源自 1990 年代初期的 RijndaelManaged 和 CryptoStream。 如果那里的任何人都可以使解密代碼起作用,那么我會在未來很多年對您說好話:-)(如果您想知道為什么我們不將加密樣式替換為更簡單的東西,那是因為有幾個其他較舊的 C++ 系統仍在使用此技術)
對於發送加密命令,這可以正常工作:
//Generic messages array
var messages = new string[4];
messages[0] = "";
messages[1] = "Service Manager";
messages[2] =
"<COMMAND_BLOCK><OPERATOR User=\"1234\" Password=\"password\"/>" +
"<COMMAND Target=\"targetServer\" Command=\"1024\" " +
"Data=\"1\" Priority=\"HIGH\" Id=\"-1\" " +
"Workstation=\"Server1\"/></COMMAND_BLOCK>{Convert.ToChar(10)}";
messages[3] = IsEncryptionEnabled ? "1" : "0";
var formattedMessage = $"{messages[1]}{Convert.ToChar(10)}{messages[2]}";
formattedMessage =
$"{Convert.ToChar(messages[2].Length)}{Convert.ToChar((int)Math.Floor((double)messages[2].Length / 255))}{formattedMessage}";
if (WebApiCommon.Globals.IsEncryptionEnabled) //Yes, encryption is crazy
{
var commandBytes = Encoding.UTF8.GetBytes(messages[2]);
var messageLength = commandBytes.Length;
var allocatedLength = messageLength;
var blockLength = 16;
allocatedLength = ((messageLength + blockLength - 1) / blockLength) * blockLength;
var messageBytes = new byte[allocatedLength];
for (var x = 0; x < allocatedLength; x++)
{
if (x < messageLength)
messageBytes[x] = commandBytes[x];
else // pad out for encryption
messageBytes[x] = 0;
}
while (keyString.Length < 16) // make sure keystring is exactly 16 bytes.
keyString += keyString;
if (keyString.Length > 16)
keyString = keyString.Substring(0, 16);
var encoding = Encoding.GetEncoding(1252); // ANSI 1252
var key = encoding.GetBytes(keyString);
//create empty IV
var iv = new byte[16];
for (var x = 0; x < iv.Length; x++)
iv[x] = 0;
//create encryption object
var rijndael = new RijndaelManaged
{
BlockSize = 128,
KeySize = 128,
Padding = PaddingMode.None
};
//break into blockLength byte blocks and encrypt
var block = new byte[blockLength];
var encryptedBytes = new byte[allocatedLength];
for (var x = 0; x < allocatedLength; x += blockLength)
{
// copy current block
for (var j = 0; j < blockLength; j++)
block[j] = messageBytes[x + j];
using (var ms1 = new MemoryStream())
{
using (var cs1 = new CryptoStream(ms1, rijndael.CreateEncryptor(key, iv), CryptoStreamMode.Write))
cs1.Write(block, 0, block.Length);
var block1 = ms1.ToArray();
for (var j = 0; j < blockLength; j++)
encryptedBytes[x + j] = block1[j];
}
}
var lsbMessageLength = new byte[2];
lsbMessageLength[0] = (byte)(allocatedLength & 0xFF);
lsbMessageLength[1] = (byte)(((allocatedLength >> 8) & 0xF) + 0x40); // 0x40 = flag to enable encryption
var controlPortStream = controlConnection.GetStream();
controlPortStream.Write(lsbMessageLength, 0, lsbMessageLength.Length);
controlPortStream.Write(encryptedBytes, 0, encryptedBytes.Length);
controlPortStream.Flush();
}
我包括我所有的解密代碼嘗試,注釋掉,以及我希望工作的解密代碼,但沒有。 如果有人能看到我做錯了什么,請告訴我(首選代碼):
private string DecryptMPString(string incomingMessage)
{
var keyString =
WebApiCommon.ApiRequests.SysSettings.GetList(new SysSettingDto { SectionName = "Configuration", VariableName = "Site name" }).FirstOrDefault()?.Value;
var encryptedBytes2 = Encoding.UTF8.GetBytes(incomingMessage);
var encryptedBytes = ConvertHexToAscii(encryptedBytes2);
var messageLength = encryptedBytes.Length;
var allocatedLength = messageLength;
var blockLength = 16;
allocatedLength = ((messageLength + blockLength - 1) / blockLength) * blockLength;
var messageBytes = new byte[allocatedLength];
for (var x = 0; x < allocatedLength; x++)
{
if (x < messageLength)
messageBytes[x] = encryptedBytes[x];
else // pad out for encryption
messageBytes[x] = 0;
}
while (keyString.Length < 16) // make sure keystring is exactly 16 bytes.
keyString += keyString;
if (keyString.Length > 16)
keyString = keyString.Substring(0, 16);
var encoding = Encoding.GetEncoding(1252); // ANSI 1252
var key = encoding.GetBytes(keyString);
//create empty IV
var iv = new byte[16];
for (var x = 0; x < iv.Length; x++)
iv[x] = 0;
//create encryption object
//var rijndael = new RijndaelManaged
//{
// BlockSize = 128,
// KeySize = 128,
// Padding = PaddingMode.None
//};
//break into blockLength byte blocks and encrypt
//var block = new byte[blockLength];
//var decryptedBytes = new byte[allocatedLength];
//for (var x = 0; x < allocatedLength; x += blockLength)
//{
// // copy current block
// for (var j = 0; j < blockLength; j++)
// block[j] = messageBytes[x + j];
using (var rijndael = new RijndaelManaged())
{
rijndael.BlockSize = 128;
rijndael.KeySize = 128;
rijndael.Padding = PaddingMode.None;
var decryptor = rijndael.CreateDecryptor(key, iv);
var decryptedBytes = decryptor.TransformFinalBlock(messageBytes, 0, allocatedLength);
return Encoding.UTF8.GetString(decryptedBytes, 0, decryptedBytes.Length);
}
//using (var encryptedStream = new MemoryStream(encryptedBytes))
// {
// using (var decryptedStream = new MemoryStream())
// {
// using (var cryptoStream = new CryptoStream(encryptedStream, rijndael.CreateDecryptor(key, iv), CryptoStreamMode.Read))
// {
// int data;
// while ((data = cryptoStream.ReadByte()) != -1)
// decryptedStream.WriteByte((byte)data);
// }
// return Encoding.UTF8.GetString(decryptedStream.ToArray(), 0, decryptedStream.ToArray().Length);
// //var block1 = decryptedStream.ToArray();
// //for (var j = 0; j < blockLength; j++)
// // decryptedBytes[x + j] = block1[j];
// }
//}
//}
// return Encoding.UTF8.GetString(decryptedBytes, 0, decryptedBytes.Length);
//using (var encryptedStream = new MemoryStream(encoding.GetBytes(incomingMessage)))
//{
// //stream where decrypted contents will be stored
// using (var decryptedStream = new MemoryStream())
// {
// using (var aes = new RijndaelManaged { KeySize = 128, BlockSize = 128, Padding = PaddingMode.None })
// {
// using (var decryptor = aes.CreateDecryptor(key, iv))
// {
// //decrypt stream and write it to parent stream
// using (var cryptoStream = new CryptoStream(encryptedStream, decryptor, CryptoStreamMode.Read))
// {
// int data;
// while ((data = cryptoStream.ReadByte()) != -1)
// decryptedStream.WriteByte((byte)data);
// }
// }
// }
// //reset position in prep for reading
// decryptedStream.Position = 0;
// var decryptedBytes = decryptedStream.ToArray();
// return Encoding.UTF8.GetString(decryptedBytes, 0, decryptedBytes.Length);
// }
//}
}
private static byte[] ConvertHexToAscii(byte[] hexBytes)
{
int newLength = (hexBytes.Length) / 2;
var buffer = new byte[newLength];
for (int i = 0, j = 0; i < newLength; i++, j += 2)
buffer[i] = (byte)(((hexBytes[j] - '0') << 4) + (hexBytes[j + 1] - '0'));
return buffer;
}
這是最初的問題之后的幾天,但這里是用於創建由我的 C# 解決方案拾取的消息的 C++ 加密代碼:
BYTE* CEncrypt::Encrypt(LPCTSTR pszData,WORD& nLength)
{
if(nLength && m_bEncryptEnabled && m_nBlockSize == 16)
{
int nBufferSize = m_nBlockSize * (nLength/m_nBlockSize + (nLength % m_nBlockSize == 0?0:1));
BYTE* cBuffer = new BYTE[nBufferSize];
if(cBuffer)
{
memcpy(cBuffer,pszData,nLength);
while (nLength < nBufferSize) // zero last bytes in case short
cBuffer[nLength++] = '\0';
for (int nIndex = 0; nIndex < nLength; nIndex += m_nBlockSize)
{
Encrypt(cBuffer + nIndex);
}
return cBuffer;
}
}
return NULL;
}
/* There is an obvious time/space trade-off possible here. *
* Instead of just one ftable[], I could have 4, the other *
* 3 pre-rotated to save the ROTL8, ROTL16 and ROTL24 overhead */
void CEncrypt::Encrypt(BYTE *buff)
{
int i,j,k,m;
DWORD a[8],b[8],*x,*y,*t;
for (i=j=0; i<Nb; i++,j+=4)
{
a[i] = pack((BYTE *)&buff[j]);
a[i] ^= fkey[i];
}
k = Nb;
x = a;
y = b;
/* State alternates between a and b */
for (i=1; i<Nr; i++)
{ /* Nr is number of rounds. May be odd. */
/* if Nb is fixed - unroll this next loop and hard-code in the values of fi[] */
for (m=j=0; j<Nb; j++,m+=3)
{ /* deal with each 32-bit element of the State */
/* This is the time-critical bit */
y[j]=fkey[k++]^ftable[(BYTE)x[j]]^
ROTL8(ftable[(BYTE)(x[fi[m]]>>8)])^
ROTL16(ftable[(BYTE)(x[fi[m+1]]>>16)])^
ROTL24(ftable[x[fi[m+2]]>>24]);
}
t = x;
x = y;
y = t; /* swap pointers */
}
/* Last Round - unroll if possible */
for (m=j=0; j<Nb; j++,m+=3)
{
y[j] = fkey[k++]^(DWORD)fbsub[(BYTE)x[j]]^
ROTL8((DWORD)fbsub[(BYTE)(x[fi[m]]>>8)])^
ROTL16((DWORD)fbsub[(BYTE)(x[fi[m+1]]>>16)])^
ROTL24((DWORD)fbsub[x[fi[m+2]]>>24]);
}
for (i=j=0; i<Nb; i++,j+=4)
{
unpack(y[i], (BYTE *)&buff[j]);
x[i] = y[i] = 0; /* clean up stack */
}
return;
}
2 個解決方案
解決方案1
2 2021-03-08 23:28:16
對於這樣的問題,通常最好將其分解為盡可能小的組件。 在這種情況下,您應該將加密和解密 function 與所有其他邏輯分開。 這將讓您測試這些功能,將它們的 output 與已知的良好功能進行比較,並且無需太多工作即可運行代碼:
static byte[] Encrypt(string[] messages)
{
string keyString = "mysupersecretkey";
var formattedMessage = $"{messages[1]}{Convert.ToChar(10)}{messages[2]}";
formattedMessage =
$"{Convert.ToChar(messages[2].Length)}{Convert.ToChar((int)Math.Floor((double)messages[2].Length / 255))}{formattedMessage}";
if (true /*WebApiCommon.Globals.IsEncryptionEnabled*/) //Yes, encryption is crazy
{
var commandBytes = Encoding.UTF8.GetBytes(formattedMessage);
// Create a buffer block-aligned that's big enough for commandBytes
var messageBytes = new byte[((commandBytes.Length - 1) | 15) + 1];
// Copy commandBytes into the buffer
Buffer.BlockCopy(commandBytes, 0, messageBytes, 0, commandBytes.Length);
while (keyString.Length < 16) // make sure keystring is exactly 16 bytes.
keyString += keyString;
if (keyString.Length > 16)
keyString = keyString.Substring(0, 16);
var encoding = Encoding.GetEncoding(1252); // ANSI 1252
var key = encoding.GetBytes(keyString);
//create empty IV
var iv = new byte[16];
//create encryption object
var rijndael = new RijndaelManaged
{
BlockSize = 128,
KeySize = 128,
Padding = PaddingMode.None
};
using (var ms1 = new MemoryStream())
{
// Encrypt messageBytes
using (var cs1 = new CryptoStream(ms1, rijndael.CreateEncryptor(key, iv), CryptoStreamMode.Write))
cs1.Write(messageBytes, 0, messageBytes.Length);
var encryptedBytes = ms1.ToArray();
// Create the message length
var lsbMessageLength = new byte[2];
lsbMessageLength[0] = (byte)(encryptedBytes.Length & 0xFF);
lsbMessageLength[1] = (byte)(((encryptedBytes.Length >> 8) & 0xF) + 0x40); // 0x40 = flag to enable encryption
// Combine the message length along with the encrypted bytes
byte[] ret = new byte[lsbMessageLength.Length + encryptedBytes.Length];
Buffer.BlockCopy(lsbMessageLength, 0, ret, 0, lsbMessageLength.Length);
Buffer.BlockCopy(encryptedBytes, 0, ret, lsbMessageLength.Length, encryptedBytes.Length);
// Return it
return ret;
}
}
}
static string Decrypt(byte[] encryptedBytes)
{
string keyString = "mysupersecretkey";
// Get the message bytes from the bytes
var allocatedLength = (encryptedBytes[1] & 0xF) << 8 | encryptedBytes[0];
// And pull out the encrypted bytes
var messageBytes = new byte[allocatedLength];
Buffer.BlockCopy(encryptedBytes, 2, messageBytes, 0, allocatedLength);
while (keyString.Length < 16) // make sure keystring is exactly 16 bytes.
keyString += keyString;
if (keyString.Length > 16)
keyString = keyString.Substring(0, 16);
var encoding = Encoding.GetEncoding(1252); // ANSI 1252
var key = encoding.GetBytes(keyString);
//create empty IV
var iv = new byte[16];
for (var x = 0; x < iv.Length; x++)
iv[x] = 0;
using (var rijndael = new RijndaelManaged())
{
rijndael.BlockSize = 128;
rijndael.KeySize = 128;
rijndael.Padding = PaddingMode.None;
var decryptor = rijndael.CreateDecryptor(key, iv);
var decryptedBytes = decryptor.TransformFinalBlock(messageBytes, 0, allocatedLength);
return Encoding.UTF8.GetString(decryptedBytes, 0, decryptedBytes.Length);
}
}
然后,您可以通過幾個快速調用來練習:
string[] messages = { "", "system name", "Command" };
var encrypted = Encrypt(messages);
Console.WriteLine(BitConverter.ToString(encrypted).Replace("-", ""));
var decrypted = Decrypt(encrypted);
Console.WriteLine(decrypted);
哪個輸出:
2040622E097E5E8D438C9156384757A56C83B764BDF5B0D34346B2A7D56BD96016D7
system name
Command
然后,您可以根據 C++ 實現驗證加密的字符串是否正確,以及解密后的響應無需通過網絡代碼的 rest 運行。
解決方案2
1 已采納 2021-03-17 01:36:39
問題是您的加密代碼為每個塊創建了一個新的加密器:
for (var x = 0; x < allocatedLength; x += blockLength)
{
// copy current block
for (var j = 0; j < blockLength; j++)
block[j] = messageBytes[x + j];
using (var ms1 = new MemoryStream())
{
using (var cs1 = new CryptoStream(ms1, rijndael.CreateEncryptor(key, iv), CryptoStreamMode.Write))
cs1.Write(block, 0, block.Length);
var block1 = ms1.ToArray();
for (var j = 0; j < blockLength; j++)
encryptedBytes[x + j] = block1[j];
}
}
...這使得它本質上是一個 ECB 轉換。 C++ 代碼也在做同樣的事情。
在您的 C# Decrypt 上,您嘗試一次解密整個塊:
using (var rijndael = new RijndaelManaged())
{
rijndael.BlockSize = 128;
rijndael.KeySize = 128;
rijndael.Padding = PaddingMode.None;
var decryptor = rijndael.CreateDecryptor(key, iv);
var decryptedBytes = decryptor.TransformFinalBlock(messageBytes, 0, allocatedLength);
return Encoding.UTF8.GetString(decryptedBytes, 0, decryptedBytes.Length);
}
...這將適用於第一個塊,但不適用於 rest。 將其更改為使用新的解密器處理每個塊......它將起作用:
string finalString = "";
var blockLength = 16;
using (var rijndael = new RijndaelManaged())
{
rijndael.BlockSize = 128;
rijndael.KeySize = 128;
rijndael.Padding = PaddingMode.None;
for (var bytePos = 0; bytePos < allocatedLength; bytePos += blockLength)
{
var decryptor = rijndael.CreateDecryptor(key, iv);
var decryptedBytes = decryptor.TransformFinalBlock(messageBytes.Skip(bytePos).ToArray(), 0, blockLength);
finalString += Encoding.UTF8.GetString(decryptedBytes, 0, decryptedBytes.Length);
}
}
return finalString;
使用RijndaelManaged的CryptoJs加密和C#解密-錯誤
[英]CryptoJs encryption and c# decryption using RijndaelManaged - Error
RijndaelManaged Decryption - 如何優雅地刪除padding / 0?
[英]RijndaelManaged Decryption - How can I remove the padding /0 gracefully?
如何在C#中將RijndaelManaged生成的IV附加到數據以進行AES解密
[英]How to append a RijndaelManaged generated IV to data for AES decryption in C#
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.