AES 使用 OpenSSL 加密，使用 C# .Net 解密 [英] AES encrypt with OpenSSL, decrypt with C# .Net

问题描述

我需要知道如何在 AES-OpenSSL 中加密消息并在 .NET(C# 或 VB)中解密或知道 AES-OPENSSL 和 AES-.NET 之间有什么区别

I need to know how to encrypt a message in AES-OpenSSL and decrypt in .NET (C# or VB) OR Know what is the difference between AES-OPENSSL and AES-.NET

谢谢！

VB.NET 中的代码:

Public Function AES_Decrypt(ByVal prm_key As String, ByVal prm_iv As String, ByVal prm_text_to_decrypt As String)

    Dim sEncryptedString As String = prm_text_to_decrypt

    Dim myRijndael As New RijndaelManaged
    myRijndael.Padding = PaddingMode.Zeros
    myRijndael.Mode = CipherMode.CBC
    myRijndael.KeySize = 256
    myRijndael.BlockSize = 256

    Dim key() As Byte
    Dim IV() As Byte

    key = System.Text.Encoding.ASCII.GetBytes(prm_key)
    IV = System.Text.Encoding.ASCII.GetBytes(prm_iv)

    Dim decryptor As ICryptoTransform = myRijndael.CreateDecryptor(key, IV)

    Dim sEncrypted As Byte() = Convert.FromBase64String(sEncryptedString)

    Dim fromEncrypt() As Byte = New Byte(sEncrypted.Length) {}

    Dim msDecrypt As New MemoryStream(sEncrypted)
    Dim csDecrypt As New CryptoStream(msDecrypt, decryptor, CryptoStreamMode.Read)

    csDecrypt.Read(fromEncrypt, 0, fromEncrypt.Length)

    Return (System.Text.Encoding.ASCII.GetString(fromEncrypt))

End Function

推荐答案

在您的评论中，您要求一种在 C# 中加密和在 OpenSSL 中解密的方法.这是在 C# 中很好的 EVP_BytesToKey 实现.

In your comment, you ask for a way to encrypt in C# and Decrypt in OpenSSL. Here's a good implementation of EVP_BytesToKey in C#.

现在你只需要在 C# 中生成一个随机字节数组，然后在两边使用这些函数(OpenSSL 端的 EVP 和 C# 中的第二个)和你的公共随机字节数组.

Now you just have to generate a random byte array in C#, then use these functions (EVP on OpenSSL side and the second one in C#) on both sides with your common random byte array.

请注意，您必须使用相同的哈希算法:在给定的链接中，使用的是 MD5.您可能必须将其更改为 SHA1，具体取决于 EVP_BytesToKey 正在使用的一个(或相反).同样的方式，你必须根据你的需要调整帖子中给出的 Derive 算法中的 key 和 iv 大小，这里是 32 和 32.

Beware though, you have to use the same hash algorithm: in the given link, MD5 is used. You might have to change it to SHA1 depending on the one EVP_BytesToKey is using (or the other way round). The same way, you have to adapt the key and iv size in the Derive algorithm given in the post depending on your needs, here 32 and 32.

希望有所帮助.

编辑 1:我忘了.正如 owlstead 在他的评论中所说，Rijndael 允许您使用 256 位的块大小.但是，AES 块大小始终固定为 128 位，因此您的块大小必须为 128 位，而您的 iv 为 16 字节.

EDIT 1: I forgot. As owlstead said in his comment, Rijndael allows you to use a block size of 256 bits. However, AES block size is always fixed to 128 bits, so your block size MUST be 128 bits and your iv 16 bytes.

当您想使用盐时，还有一个问题.OpenSSL 使用 base64 加密的Salt__"和实际的 salt 数组在您的加密字节数组前面.您可以在这篇文章.

There is also a catch when you wish to use salt. OpenSSL prepends your encrypted byte array with a base64 encryption of "Salt__" and the actual salt array. You can find an example in this post.

编辑 2:OpenSSL 1.1.0c 更改了一些内部组件中使用的摘要算法.以前用的是MD5，1.1.0改用SHA256.请注意，更改不会影响 EVP_BytesToKey 和诸如 openssl enc 之类的命令.

EDIT 2: OpenSSL 1.1.0c changed the digest algorithm used in some internal components. Formerly, MD5 was used, and 1.1.0 switched to SHA256. Be careful the change is not affecting you in both EVP_BytesToKey and commands like openssl enc.

这篇关于AES 使用 OpenSSL 加密，使用 C# .Net 解密的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！