AES解密失败,"填充无效,无法删除"

时间:2015-11-02 17:32:30

标签: c# cryptography aes

我正在使用Java编写的服务器进行跨平台应用程序,因此我最终使用了C#for Windows。 我终于在这两种语言中克服了BigIntegers不同字节的所有障碍(Java:big endian,C#:little),所以我也成功地进行了密钥交换。 现在这就是问题所在,在Java中我使用AES/CBC/PKCS5Padding进行加密,但是在C#中没有可用的PKCS5,但正如我在其他帖子中读到的这个主题在SO上,PKCS7被告知是与PKCS5相同或Java确实使用PKCS7而不是PKCS5。我不知道什么是正确的。

所以这就是代码:

using (System.Security.Cryptography.RijndaelManaged rijndael = new System.Security.Cryptography.RijndaelManaged())
{
    byte[] iv = new byte[16];
    for (int i = 0; i < 16; i++)
        iv[i] = 0;
    rijndael.Padding = PaddingMode.PKCS7;
    rijndael.Mode = CipherMode.CBC;
    rijndael.Key = Sys.PrivateKey;
    rijndael.KeySize = 128;
    rijndael.BlockSize = 128;
    rijndael.IV = iv;
    Sys.LogWrite("Decrypt input bytes length: " + buff.Length + ", keyLength: " + Sys.PrivateKey.Length);
    Sys.LogWriteBuffer("Input bytes", buff);
    Sys.LogWriteBuffer("Input key", Sys.PrivateKey);
    ICryptoTransform decryptor = rijndael.CreateDecryptor(rijndael.Key, rijndael.IV);
    buff=rijndael.CreateDecryptor().TransformFinalBlock(buff, 0, buff.Length);
    Sys.LogWriteBuffer("buffer: ", buff);
}

请忽略IV始终为00 00 00 00,这仅用于测试目的。 数据始终来自服务器,密钥在密钥交换中生成:

Decrypt input bytes length: 32, keyLength: 16
Input bytes: 7C 25 3F 49 9E D5 51 67 E2 86 F9 86 2E C1 8F 22 70 51 65 74 FC 39 2C 52 A6 83 36 B5 9A C7 27 B9 
Input key: 1C 13 C2 33 50 57 00 DB FD 60 E2 1C 27 2A A5 00

如果我把它放到任何这样的在线AES解密器http://aes.online-domain-tools.com/,我总能得到正确的结果:[[27,{"Established":true}]] 但是在C#中我只能得到这个:

System.Security.Cryptography.CryptographicException: Padding is invalid and cannot be removed.
   at System.Security.Cryptography.RijndaelManagedTransform.DecryptData(Byte[] inputBuffer, Int32 inputOffset, Int32 inputCount, Byte[]& outputBuffer, Int32 outputOffset, PaddingMode paddingMode, Boolean fLast)
   at System.Security.Cryptography.RijndaelManagedTransform.TransformFinalBlock(Byte[] inputBuffer, Int32 inputOffset, Int32 inputCount)

我甚至尝试过PaddingMode.None,它没有抛出任何异常,但输出只是随机字节。 即使在线解密器可以正确解决它,我做错了什么?

其他示例输入数据应该产生相同的结果[[27,{"Established":true}]]

Decrypt input bytes length: 32, keyLength: 16
Input bytes: 85 5C 55 24 44 B8 77 A5 EF CE E7 A1 45 EC F3 84 2F 8B 74 1F AB D9 BE D0 82 64 BC 0D B0 50 73 63 
Input key: B2 21 FA 17 63 E6 4C 25 48 03 84 64 8B 70 05 00 

Decrypt input bytes length: 32, keyLength: 16
Input bytes: 8B FC 47 B4 91 05 B7 E1 6C 0E 61 78 D2 51 6B 77 EF 80 30 49 37 05 DA 79 47 52 D1 24 B9 DE A7 F3 
Input key: E7 BF E0 AA AC F1 26 42 06 D6 59 44 F9 33 74 63

请注意,IV始终是16个空字节。

1 个答案:

答案 0 :(得分:2)

我终于找到了这个问题而且令人难以置信! 而不是以这种方式创建解密器:

ICryptoTransform decryptor = rijndael.CreateDecryptor(rijndael.Key, rijndael.IV);

我应该以这种方式创建它:

ICryptoTransform decryptor = rijndael.CreateDecryptor(Sys.PrivateKey, iv);

因此,如果将来有任何人遇到类似的问题,这里已经是一般功能:

        public static String Decrypt(byte[] buff, byte[] key, byte[] iv)
        {
            using (System.Security.Cryptography.RijndaelManaged rijndael = new System.Security.Cryptography.RijndaelManaged())
            {
                rijndael.Padding = PaddingMode.PKCS7;
                rijndael.Mode = CipherMode.CBC;
                rijndael.KeySize = 128;
                rijndael.BlockSize = 128;
                ICryptoTransform decryptor = rijndael.CreateDecryptor(key, iv);
                System.IO.MemoryStream memoryStream = new System.IO.MemoryStream(buff);
                CryptoStream cryptoStream = new CryptoStream(memoryStream, decryptor, CryptoStreamMode.Read);
                byte[] output = new byte[buff.Length];
                int readBytes = cryptoStream.Read(output, 0, output.Length);
                return System.Text.Encoding.UTF8.GetString(output, 0, readBytes);
            }
        }

希望它有所帮助。

相关问题
最新问题