文章/答案/技术大牛

发布

问C# <->密钥交换
EN

Stack Overflow用户

提问于 2014-12-21 10:45:50

回答 1查看 502关注 0票数 3

我想用C#和PHP之间的动态密钥交换建立一个加密的通信系统。目前，我有一个工作的加密/解密PHP <-> PHP和C# <-> C#，但是由于某种原因它不能工作PHP <-> C#。问题是，C#代码解密后的字符串会产生比PHP预期更长的输出，但是当将输出视为简单字符串时，数据是相同的。例如，从C#发送给PHP的字符串"daa“，解密长度为28，这不是应该的。从PHP发送到C#的字符串也是如此，我得到一个编译器错误ArgumentException: length

C#代码：

public static string EncryptTest(string input)
{
    string key = "256 bit key (32 char)";

    input = Md5Sum(input).Substring(0, 4) + input;

    var encoding = new UTF8Encoding();
    var Key = encoding.GetBytes(key);
    byte[] encrypted;
    byte[] result;

    using (var rj = new RijndaelManaged())
    {
        try
        {
            rj.Padding = PaddingMode.PKCS7;
            rj.Mode = CipherMode.CBC;
            rj.KeySize = 256;
            rj.BlockSize = 256;
            rj.Key = Key;
            rj.GenerateIV();

            using (ICryptoTransform encryptor = rj.CreateEncryptor())
            {
                using (MemoryStream ms = new MemoryStream())
                {
                    using (CryptoStream cs = new CryptoStream(ms, encryptor, CryptoStreamMode.Write))
                    {
                        using (StreamWriter writer = new StreamWriter(cs))
                        {
                            writer.Write(input);
                        }
                    }

                    encrypted = ms.ToArray();
                    result = new byte[rj.BlockSize / 8 + encrypted.Length];

                    // Result is built as: IV (plain text) + Encrypted(data)
                    Array.Copy(rj.IV, result, rj.BlockSize / 8);
                    Array.Copy(encrypted, 0, result, rj.BlockSize / 8, encrypted.Length);
                }
            }
        }
        finally
        {
            rj.Clear();
        }
    }
    return Convert.ToBase64String(result);
}

public static string DecryptTest(string input)
{
    string key = "256 bit key (32 char)";

    byte[] data = Convert.FromBase64String(input);

    if (data.Length < 32)
        return null;

    var encoding = new UTF8Encoding();
    var Key = encoding.GetBytes(key);

    using (RijndaelManaged aes = new RijndaelManaged())
    {
        aes.Padding = PaddingMode.PKCS7;
        aes.Mode = CipherMode.CBC;
        aes.KeySize = 256;
        aes.BlockSize = 256;
        aes.Key = Key;

        // Extract the IV from the data first.
        byte[] iv = new byte[aes.BlockSize / 8];
        Array.Copy(data, iv, iv.Length);
        aes.IV = iv;

        // The remainder of the data is the encrypted data we care about.
        byte[] encryptedData = new byte[data.Length - iv.Length];
        Array.Copy(data, iv.Length, encryptedData, 0, encryptedData.Length);

        using (ICryptoTransform decryptor = aes.CreateDecryptor())
        {
            using (MemoryStream ms = new MemoryStream(encryptedData))
            {
                using (CryptoStream cs = new CryptoStream(ms, decryptor, CryptoStreamMode.Read))
                {
                    using (StreamReader reader = new StreamReader(cs))
                    {
                        string output = reader.ReadToEnd();

                        if (output.Length < 4)
                            return null;

                        string dataHash = output.Substring(0, 4);
                        string dataInput = output.Substring(4);
                        string dataInputHash = Md5Sum(dataInput).Substring(0, 4);

                        if (dataHash != dataInputHash)
                            return null;

                        return dataInput;
                    }
                }
            }
        }
    }
}

private static string Md5Sum(string strToEncrypt)
{
    UTF8Encoding ue = new UTF8Encoding();
    byte[] bytes = ue.GetBytes(strToEncrypt);

    MD5CryptoServiceProvider md5 = new MD5CryptoServiceProvider();
    byte[] hashBytes = md5.ComputeHash(bytes);

    string hashString = "";

    for (int i = 0; i < hashBytes.Length; i++)
    {
        hashString += Convert.ToString(hashBytes[i], 16).PadLeft(2, '0');
    }

    return hashString.PadLeft(32, '0');
}

PHP代码：

$key = "256 bit key (32 char)";

function iv()
{
    $iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_CBC);
    return mcrypt_create_iv($iv_size, MCRYPT_RAND);
}
function encrypt($data, $key32)
{
    # Prepend 4-chars data hash to the data itself for validation after decryption
    $data = substr(md5($data), 0, 4).$data;
    # Prepend $iv to decrypted data
    $iv = iv();
    $enc = $iv.mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $key32, $data, MCRYPT_MODE_CBC, $iv);
    return base64_encode($enc);
}
function decrypt($data, $key32)
{
    $data = base64_decode($data);
    if ($data === false || strlen($data) < 32)
        return null;
    $iv = substr($data, 0, 32);
    $encrypted = substr($data, 32);
    $decrypted = rtrim(mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $key32, $encrypted, MCRYPT_MODE_CBC, $iv), "\0");
    if ($decrypted === false || is_null($decrypted) || strlen($decrypted) < 4)
        return null;
    $dataHash = substr($decrypted, 0, 4);
    $data = substr($decrypted, 4);
    if (substr(md5($data), 0, 4) !== $dataHash)
        return null; // it breaks here, md5 sum is not correct because of the length
    return $data;
}

php

encryption

dynamic

exchange-server

回答 1

Stack Overflow用户

回答已采纳

发布于 2014-12-21 12:07:42

PHP / mcrypt不使用PKCS#7填充，它使用0.n字节的零填充，其中n是块大小。

要使用PKCS#7-在加密前填充明文，请使用：

$pad = $blockSize - (strlen($data) % $blockSize);
$pdata = $data . str_repeat(chr($pad), $pad);

要在解密后卸载明文，只需执行以下操作：

$pad = ord($pdata[strlen($pdata) - 1]);
$data = substr($pdata, 0, strlen($pdata) - $pad);

PKCS#7现在是填充的特殊标准。零填充是不确定的；如果明文以零本身结尾，它可能会改变明文。

票数 2

页面原文内容由Stack Overflow提供。腾讯云小微IT领域专用引擎提供翻译支持

原文链接：

https://stackoverflow.com/questions/27588629

复制

相似问题

问C# <->密钥交换
EN

回答 1

Stack Overflow用户

社区

活动

圈层

关于

腾讯云开发者

热门产品

热门推荐

更多推荐

问C# <->密钥交换EN

回答 1

Stack Overflow用户

社区

活动

圈层

关于

腾讯云开发者

热门产品

热门推荐

更多推荐

问C# <->密钥交换
EN