使用 C# 和 CryptoJS 的不同加密结果

人气:540 发布:2022-10-16 标签: javascript c# cryptography aes cryptojs

问题描述

我在用 C# 编写的服务器应用程序中使用 AES 加密了一些数据.例如,我使用预定义的密钥(32 字节)和 IV(16 字节)...

I encrypt some data using AES in a server application, which is written in C#. I use a predefined key (32 bytes) and IV (16 bytes), for instance...

Key: 81fe1681..6a451c1c
IV:  e83c..ae76

这是我用来加密数据的 C# 代码:

This is my C# code I use to encrypt the data:

async Task<byte[]> Encrypt(string privateKey, string pin, byte[] data)
{
    using (var sha = SHA256.Create())
    {
        byte[] keyHash = sha.ComputeHash(Encoding.UTF8.GetBytes($"{privateKey}"));
        byte[] pinHash = sha.ComputeHash(Encoding.UTF8.GetBytes($"{pin}"));
        using (Aes aes = Aes.Create())
        {
            byte[] key = keyHash.Slice(0, aes.Key.Length);
            byte[] iv = pinHash.Slice(0, aes.IV.Length);
            using (ICryptoTransform transform = aes.CreateEncryptor(key, iv))
            using (var stream = new MemoryStream())
            using (var cryptStream = new CryptoStream(stream, transform, CryptoStreamMode.Write))
            {
                await cryptStream.WriteAsync(data, 0, data.Length);
                await cryptStream.FlushAsync();

                return stream.ToArray();
            }
        }
    }
}

加密的结果数据看起来像...

The encrypted result data looks like...

534c..28f5

现在,我想使用 CryptoJS 解密客户端应用程序中的数据.我使用完全相同的密钥和IV信息,但解密似乎失败了……至少解密的结果总是空的.

Now, I want to decrypt the data in a client application using CryptoJS. I use the exact same key and IV information, but decryption seems to fail... at least the decrypted result is always empty.

所以,我在客户端加密了数据(当然密钥和 IV 相同),结果密文不同;更准确地说,它是相同的,但最后有更多数据......

So, I encrypted the data on the client (of course same key and IV) and in result the ciphered text is different; more precisely it is identical but has more data at the end...

534c..28f5bbd5..ac0e

如果我对服务器上的数据进行加密,我最后得不到的额外数据是什么?

What is this additional data at the end that I don´t get if I encrypt the data on the server?

如果我解密已在客户端加密的密文,则解密有效.顺便提一下,模式和填充在服务器和客户端都是默认的,即CBCPkcs7;密钥大小应为 256.这是我用来解密服务器加密的数据的代码:

If I decrypt the ciphered text that has been encrypted on the client, the decryption works. Just to mention it, mode and padding are default on both server and client, which is CBC and Pkcs7; keysize should be 256. This is the code I use to decrypt the data that has been ciphered by the server:

let keyHash: WordArray = CryptoJS.SHA256(CryptoJS.enc.Utf8.parse(privateKey));
let key: WordArray = CryptoJS.lib.WordArray.create(keyHash.words.slice(0, 8), 32);

let pinHash: WordArray = CryptoJS.SHA256(CryptoJS.enc.Utf8.parse(pin));
let iv: WordArray = CryptoJS.lib.WordArray.create(pinHash.words.slice(0, 4), 16);

let cfg: CryptoJS.lib.IBlockCipherCfg = { iv: iv };
let paramsData: CryptoJS.lib.CipherParamsData = { 
    ciphertext: cipherBuffer
};

let decrypted: WordArray = CryptoJS.AES.decrypt(paramsData, key, cfg);

推荐答案

对于写入,块的刷新出现问题.FlushFinalBlock() 不同于 Flush()(或 FlushAsync()).您必须同时执行它们,或者简单地处理 CryptoStream.这将解决代码没有写入最后一个数据块的事实.

For the write there was a problem with the flushing of the blocks. The FlushFinalBlock() is distinct from the Flush() (or from the FlushAsync()). You have to do them both, or simply dispose the CryptoStream. This will solve the fact that the code wasn't writing the last block of data.

async static Task<byte[]> Encrypt(string privateKey, string pin, byte[] data)
{
    using (var sha = SHA256.Create())
    {
        byte[] keyHash = sha.ComputeHash(Encoding.UTF8.GetBytes($"{privateKey}"));
        byte[] pinHash = sha.ComputeHash(Encoding.UTF8.GetBytes($"{pin}"));
        using (Aes aes = Aes.Create())
        {
            byte[] key = keyHash.Slice(0, aes.Key.Length);
            byte[] iv = pinHash.Slice(0, aes.IV.Length);

            Trace.WriteLine($"Key length: { key.Length }, iv length: { iv.Length }, block mode: { aes.Mode }, padding: { aes.Padding }");

            using (var stream = new MemoryStream())
            using (ICryptoTransform transform = aes.CreateEncryptor(key, iv))
            {
                using (var cryptStream = new CryptoStream(stream, transform, CryptoStreamMode.Write))
                {
                    await cryptStream.WriteAsync(data, 0, data.Length);
                }

                return stream.ToArray();
            }
        }
    }
}

打字稿代码似乎可以解密.

The typescript code seems to be able to decrypt it.

工作小提琴:https://jsfiddle.net/uj58twrr/3/

447