C＃TripleDes的供应商没有初始化向量？ [英] C# TripleDES Provider without an Initialization Vector?

问题描述

我有一组TripleDes的从远程系统来编码加密文档。我需要在C＃中的数据进行解码，我有过键或编码算法没有控制权。我只有键和模式（CBC），位于一个文件中的数据。

I have a set of encrypted documents encoded with TripleDES coming from a remote system. I need to decode the data in C# and I have no control over the key or encoding algorithm. All I have is the key and the mode (CBC) and the data located in a file.

TripleDESCryptoServiceProvider是很容易使用，但我想不出如何使用解密没有初始化向量。

The TripleDESCryptoServiceProvider is easy enough to use, but I can't figure out how to use the Decryptor without an Initialization Vector.

我们有一个有24个字节（192bit的）键与解密，但没有别的。

We have a have 24 byte (192bit) key to decrypt with, but nothing else.

   string key = "1468697320656E6372797174696F6E206973737265206933";            
   byte[] keyData = ParseHex(key);  //  key is OK at 24 bytes                     

   TripleDESCryptoServiceProvider des = new TripleDESCryptoServiceProvider();
   des.Mode = CipherMode.CBC;            
   des.GenerateIV();

   var decryptor = des.CreateDecryptor(keyData,null);  // des.IV

   var encoded = File.ReadAllBytes(@"..\..\..\..\test.tdes");
   byte[] output = decryptor.TransformFinalBlock(encoded, 0, encoded.Length);

这彻头彻尾的坏数据失败。如果我切换到TransformBlock至少运行的代码，但只产生乱码：

This fails outright with Bad data. If I switch to TransformBlock the code at least runs but produces just gibberish:

   byte[] output = new byte[10000];
   var count = decryptor.TransformBlock(encoded, 0, encoded.Length, output, 0);

所以，问题是：

So the questions are:

• 如果我只有一个关键是需要InitializationVector？


• 如果不为null正确的事情通过？


• 还有什么会我可能需要设置超出键和模式？


• 为什么TransformBlock至少工作和TransformFinalBlock只是失败？

• If I only have a key is the InitializationVector required?
• If not is null the right thing to pass?
• What else would I possibly need to set beyond the key and mode?
• Why does TransformBlock at least work and TransformFinalBlock just fails?

原来解码问题引起的，而不是通过缺少初始化向量，而是通过从加密数据的提供者的信息不正确。更新后的工作代码如下所示：

It turns out the decoding problem was caused, not by the missing Initialization Vector, but by incorrect information from the provider of the encrypted data. The updated working code looks like this:

        // Read the test data
        byte[] encoded = File.ReadAllBytes(@"..\..\..\..\test.tdes");            

        // Get the key into a byte array
        string key = "1468697320656E6372797174696F6E206973737265206933";           
        byte[] keyData = ParseHex(key);                        


        TripleDESCryptoServiceProvider des = new TripleDESCryptoServiceProvider();
        des.Mode = CipherMode.ECB;      // Make sure this is correct!!!
        des.Padding = PaddingMode.Zeros;   // Make sure this is correct!!!
        des.Key = keyData;

        var decryptor = des.CreateDecryptor();  
        byte[] output = decryptor.TransformFinalBlock(encoded, 0, encoded.Length);

        string dataString = Encoding.Default.GetString(encoded);
        Console.WriteLine(dataString);

        Console.WriteLine("\r\n\r\nDecoded:");
        string result = Encoding.Default.GetString(output);
        Console.WriteLine(result);

        Console.Read();

在我们的例子中，关键是使用适当的CipherMode和填充。固定填充制成TransformFinalBlock（）不工作的坏数据的错误。 。固定CipherMode做出正确的未加密的数据。

The key in our case was using the proper CipherMode and Padding. Fixing the padding made TransformFinalBlock() work without Bad Data errors. Fixing the CipherMode made properly unencrypted the data.

道德：在CipherMode.ECB模式至少有一个初始化向量，你并不需要提供一个初始化向量。如果没有提供供应商IV将自动生成一个，但解密仍然有效（至少ECB）。

Moral of the story: In CipherMode.ECB mode at least an Initialization Vector you don't need to provide an initialization vector. If no IV is provided the provider will auto-generate one, but the decryption still works (at least with ECB).

在最后它关键是要确保你有的所有信息的从加密的数据提供者。

In the end it's CRUCIAL to make sure you have all the information from the provider that encrypted the data.

推荐答案

试图回答每个点：

• 初始化向量是必需的CBC模式。它不需要是个秘密（不像键），所以应该从远程系统发送。


• 由于您所需要的IV，null不是通过正确的事情。


• 填充模式。你需要知道哪些填充模式被使用。


• TransformFinalBlock可能失败，因为填充模式是错误的。

• The Initialization Vector is required in CBC mode. It is not required to be a secret (unlike the key) so it should be sent from the remote system.
• Since you need the IV, null is not the right thing to pass.
• Padding mode. You need to know which padding mode is used.
• TransformFinalBlock probably fails because the Padding mode is wrong.

修改

ECB（电子密码本）和CBC（密码块链接）之间的差额，如下图所示：

The difference between ECB (Electronic Code Book) and CBC (Cipher Block Chaining) is illustrated below:

正如你可以看到没有IV在ECB模式下使用。所以，即使你提供的话，会被忽略。

As you can see no IV is used in ECB mode. So even if you provide one it will be ignored.

这篇关于C＃TripleDes的供应商没有初始化向量？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！