Python至C#AES CBC PKCS7 [英] Python to C# AES CBC PKCS7

问题描述

我正在尝试将此C#代码转换为Python(2.5，GAE).问题是每次运行加密(在同一字符串上)时，来自python脚本的加密字符串都是不同的.

I'm trying to convert this C# code to Python (2.5, GAE). The problem is that the encrypted string from the python script is different each time the encryption (on the same string) is run.

string Encrypt(string textToEncrypt, string passphrase)
 {
    RijndaelManaged rijndaelCipher = new RijndaelManaged();
    rijndaelCipher.Mode = CipherMode.CBC;
    rijndaelCipher.Padding = PaddingMode.PKCS7;

    rijndaelCipher.KeySize = 128;
    rijndaelCipher.BlockSize = 128;
    byte[] pwdBytes = Encoding.UTF8.GetBytes(passphrase);
    byte[] keyBytes = new byte[16];
    int len = pwdBytes.Length;
    if (len > keyBytes.Length)
    {
        len = keyBytes.Length;
    }
    Array.Copy(pwdBytes, keyBytes, len);
    rijndaelCipher.Key = keyBytes;
    rijndaelCipher.IV = new byte[16];
    ICryptoTransform transform = rijndaelCipher.CreateEncryptor();
    byte[] plainText = Encoding.UTF8.GetBytes(textToEncrypt);
    return Convert.ToBase64String(transform.TransformFinalBlock(plainText, 0, plainText.Length));
}

Python代码:(PKCS7Encoder: http://japrogbits.blogspot.com/2011/02/using-encrypted-data-between-python-and.html )

Python code: (PKCS7Encoder: http://japrogbits.blogspot.com/2011/02/using-encrypted-data-between-python-and.html)

from Crypto.Cipher import AES
from pkcs7 import PKCS7Encoder
#declared outside of all functions
key = '####'
mode = AES.MODE_CBC
iv = '\x00' * 16
encryptor = AES.new(key, mode, iv)
encoder = PKCS7Encoder()

def function(self):
 text = self.request.get('passwordTextBox')
 pad_text = encoder.encode(text)
 cipher = encryptor.encrypt(pad_text)
 enc_cipher = base64.b64encode(cipher)

C#代码是继承的.必须以相同的方式对Python代码进行加密和解密，以便C#代码可以正确解码该值.

The C# code is inherited. Python code must be encrypted and decrypted the same way so that the C# code can decode the value correctly.

注意:我是python的菜鸟:)

Note: I am a noob at python :)

对不起.应该区分出有一个正在调用的函数.

sorry. should have made the distinction that there was a function being called.

谢谢！

推荐答案

您的C#代码无效.

Encrypt 函数将密码短语作为 string密码短语，但随后尝试在此行中引用它. byte [] pwdBytes = Encoding.UTF8.GetBytes(键)；

The Encrypt function takes in the passphrase as string passphrase but then tries to reference it in this line byte[] pwdBytes = Encoding.UTF8.GetBytes(key);

将 key 更改为 passphrase .

这两个函数现在对我产生相同的结果:

The two functions now produce identical results for me:

Python

secret_text = 'The rooster crows at midnight!'
key = 'A16ByteKey......'
mode = AES.MODE_CBC
iv = '\x00' * 16

encoder = PKCS7Encoder()
padded_text = encoder.encode(secret_text)

e = AES.new(key, mode, iv)
cipher_text = e.encrypt(padded_text)

print(base64.b64encode(cipher_text))

# e = AES.new(key, mode, iv)
# cipher_text = e.encrypt(padded_text)
# print(base64.b64encode(cipher_text))

C#(具有上面提到的拼写错误)

Console.WriteLine(Encrypt("The rooster crows at midnight!", "A16ByteKey......"));

Python结果

XAW5KXVbItrc3WF0xW175UJoiAfonuf + s54w2iEs + 7A =

XAW5KXVbItrc3WF0xW175UJoiAfonuf+s54w2iEs+7A=

C#结果

XAW5KXVbItrc3WF0xW175UJoiAfonuf + s54w2iEs + 7A =

XAW5KXVbItrc3WF0xW175UJoiAfonuf+s54w2iEs+7A=

我怀疑您在python代码中多次重复使用"e".如果您取消注释我的python脚本的最后两行，您将看到输出现在不同.但是，如果取消注释最后三行，则会看到输出是相同的.正如Foon所说，这是由于 CBC的工作方式.

I suspect you're re-using 'e' in your python code multiple times. If you uncomment the last two lines of my python script, you'll see the output is now different. But if you uncomment the last three lines, you'll see the output is the same. As Foon said, this is due to how CBC works.

CBC(密码块链接)在对块中的字节序列进行加密时起作用.通过将IV与纯文本的第一字节合并在一起来对第一块进行加密("rooster ...").第二个块使用第一个操作的结果而不是IV.

CBC (Cipher-block chaining) works when encrypting a sequence of bytes in blocks. The first block is encrypted by incorporating the IV with the first bytes of your plaintext ("The rooster..."). The second block uses the result of that first operation instead of the IV.

当您第二次调用 e.encrypt()时(例如，取消注释python脚本的最后两行)，您从上次中断的地方接了电话.在加密第一个块时，将使用最后一个加密块的输出，而不是使用IV.这就是为什么结果看起来不同的原因.通过不喜欢python脚本的最后三行，您可以初始化一个新的加密器，该加密器将在其第一个块中使用IV，从而使您获得相同的结果.

When you call e.encrypt() a second time (e.g. by uncommmenting the last two lines of the python script) you pick up where you left off. Instead of using the IV when encrypting the first block, it will use the output of the last encrypted block. This is why the results look different. By uncommening the last three lines of the python script you initialize a new encryptor which will use the IV for its first block, causing you to get identical results.

这篇关于Python至C#AES CBC PKCS7的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！