問題描述

我是密碼學(xué)的新手.我的要求是解密/加密使用 openssl 加密/解密的文本.我們使用的算法是 Openssl 中的 aes-256-cbc.所以，我試圖在我的應(yīng)用程序中實現(xiàn)相同的功能.到目前為止，經(jīng)過大量谷歌搜索，我所能做的就是......

I am a newbie to cryptography. My requirement is to decrypt/encrypt the text that is encrypted/decrypted using openssl. The algorithm that we are using is aes-256-cbc in the Openssl. So, I am trying to implement the same functionality in my application. so far after a lot of googling all i was able to do is..

private static string Encryptor(string TextToEncrypt)
{
    //Turn the plaintext into a byte array.
    byte[] PlainTextBytes = System.Text.ASCIIEncoding.ASCII.GetBytes(TextToEncrypt);            

    //Setup the AES providor for our purposes.
    AesCryptoServiceProvider aesProvider = new AesCryptoServiceProvider();

    aesProvider.BlockSize = 128;
    aesProvider.KeySize = 256;  
    //My key and iv that i have used in openssl
    aesProvider.Key = System.Text.Encoding.ASCII.GetBytes(strKey);
    aesProvider.IV = System.Text.Encoding.ASCII.GetBytes(strIV);  
    aesProvider.Padding = PaddingMode.PKCS7;
    aesProvider.Mode = CipherMode.CBC;

    ICryptoTransform cryptoTransform = aesProvider.CreateEncryptor(aesProvider.Key, aesProvider.IV);            
    byte[] EncryptedBytes = cryptoTransform.TransformFinalBlock(PlainTextBytes, 0, PlainTextBytes.Length);
    return Convert.ToBase64String(EncryptedBytes);                        
}

private static string Decryptor(string TextToDecrypt)
{
    byte[] EncryptedBytes = Convert.FromBase64String(TextToDecrypt);

    //Setup the AES provider for decrypting.            
    AesCryptoServiceProvider aesProvider = new AesCryptoServiceProvider();
    //aesProvider.Key = System.Text.Encoding.ASCII.GetBytes(strKey);
    //aesProvider.IV = System.Text.Encoding.ASCII.GetBytes(strIV);
    aesProvider.BlockSize = 128;
    aesProvider.KeySize = 256;  
    //My key and iv that i have used in openssl
    aesProvider.Key = System.Text.Encoding.ASCII.GetBytes(strKey);
    aesProvider.IV = System.Text.Encoding.ASCII.GetBytes(strIV);  
    aesProvider.Padding = PaddingMode.PKCS7;
    aesProvider.Mode = CipherMode.CBC;


    ICryptoTransform cryptoTransform = aesProvider.CreateDecryptor(aesProvider.Key, aesProvider.IV);
    byte[] DecryptedBytes = cryptoTransform.TransformFinalBlock(EncryptedBytes, 0, EncryptedBytes.Length);
    return System.Text.Encoding.ASCII.GetString(DecryptedBytes);
}

我的 openssl 命令是

My openssl command is

openssl aes-256-cbc -e -nosalt -a -in  inputfile.txt -out  output.txt -k key -iv ivkey

我的密鑰長度是 32 位，iv 是 16 位

My key length is 32digits and iv is 16digits

謝謝...

推薦答案

首先，閱讀openssl的man enc.使用 -k 時會忽略 -iv.您可能想要大寫 -K.其次，與 openssl 工具一起使用時，key 和 iv 值是十六進制的，如果您的 C# 使用與命令行相同的字符串，那么您需要執(zhí)行 適當(dāng)?shù)霓D(zhuǎn)換而不是 Encoding.ASCII.GetBytes(7 位編碼無論如何都不是正確的答案).

First, read man enc for openssl. -iv is ignored when -k is used. You probably want capital -K. Second, the key and iv values are hexadecimal when used with the openssl tool, if your C# is using the same string as the command line then you need to do appropriate conversions rather than Encoding.ASCII.GetBytes (a 7 bit encoding is never the right answer anyway).

對于純文本，您不妨使用 Encoding.UTF8.GetBytes/GetString，因為它向后兼容 ASCII.

For your plain text, you might as well use Encoding.UTF8.GetBytes/GetString since it is backwards compatible with ASCII.

如果出于某種原因你真的想使用小寫的-k，一個生成密鑰和iv的密碼，這要困難得多，因為openssl使用它自己的密鑰派生方案.此外，與 -nosalt 標(biāo)志一起使用也很危險.

If for some reason you actually want to use lowercase -k, a password to generate both the key and iv, that is much more difficult as openssl uses it's own key derivation scheme. Also, it is dangerous to use with the -nosalt flag.

-nosalt:在密鑰派生例程中不使用鹽.這個選項應(yīng)該除非用于測試目的或與古代兼容，否則不得使用OpenSSL 和 SSLeay 的版本.

-nosalt: doesn't use a salt in the key derivation routines. This option SHOULD NOT be used except for test purposes or compatibility with ancient versions of OpenSSL and SSLeay.

這是危險的原因之一，是因為 IV 不應(yīng)該是可預(yù)測的或不能重復(fù)用于 AES-CBC，如果您不使用鹽，密碼將始終生成具有相同 IV 的相同密鑰這會使您遭受多次攻擊，并可能泄露有關(guān)明文的信息.

One of the reasons this is dangerous, is due to the fact that IV's should not be predictable or reused for AES-CBC and if you don't use a salt, the passphrase will always produce the same key with the same IV that opens you up to several attacks and can leak info about the plaintext.

您可以從這篇博文中了解如何從密碼短語、與 openssl 相同的密鑰和 IV 派生 在 C# 中解密 OpenSSL AES 文件 雖然它是專門針對 AES-128 的，但注釋會引導(dǎo)您了解如何修改 aes-256，來自 manEVP_BytesToKey:

You can find out how to derive from passphrase, the same key and IV as openssl from this blog post Decrypting OpenSSL AES files in C# although it is specifically for AES-128 the comments lead you to how to modify for aes-256, from man EVP_BytesToKey:

Hash0 = ''
Hash1 = MD5(Hash0 + Password + Salt)
Hash2 = MD5(Hash1 + Password + Salt)
Hash3 = MD5(Hash2 + Password + Salt)

Key = Hash1 + Hash2
IV = Hash3

這篇關(guān)于使用 OpenSSL 的 AES-256/CBC 加密和 C# 中的解密的文章就介紹到這了，希望我們推薦的答案對大家有所幫助，也希望大家多多支持html5模板網(wǎng)！