C＃AES-256加密 [英] C# AES-256 Encryption

问题描述

我使用RijndaelManaged的做一个简单的加密/解密工具。这是工作正常，但我试图把它与它在Unix中（甲骨文）创造了另一个程序集成。我的问题是，所有的小输入字符串，我得到完全相同的加密的十六进制作为Unix的代码生成，但对于更长的字符串，我的加密的十六进制的一半是相同的，但另一半是不同的：

I am using RijndaelManaged to make a simple encryption/decryption utility. This is working fine, but I am trying to get it integrated with another program which is created in Unix (Oracle). My problem is, for all smaller input string, i am getting the exact same encrypted hex as the Unix code is generation, but for longer strings, half of my encrypted hex is same, but the other half is different:

Unix的输出：

012345678901234 - 00984BBED076541E051A239C02D97117 
0123456789012345678 - A0ACE158AD8CF70CEAE8F76AA27F62A30EA409ECE2F7FF84F1A9AF50817FC0C4

视窗输出（我的代码）：

Windows Output (my code):

012345678901234 - 00984BBED076541E051A239C02D97117 (same as above)
0123456789012345678 - A0ACE158AD8CF70CEAE8F76AA27F62A3D9A1B396A614DA2C1281AA1F48BC3EBB (half exactly same as above)

我的Windows代码是：

My Windows code is:

public string Encrypt(byte[] PlainTextBytes, byte[] KeyBytes, string InitialVector)
        {
            byte[] InitialVectorBytes = Encoding.ASCII.GetBytes(InitialVector);
            RijndaelManaged SymmetricKey = new RijndaelManaged();
            SymmetricKey.Mode = CipherMode.ECB;
            SymmetricKey.Padding = PaddingMode.PKCS7;
            ICryptoTransform Encryptor = SymmetricKey.CreateEncryptor(KeyBytes, InitialVectorBytes);
            MemoryStream MemStream = new MemoryStream();
            CryptoStream CryptoStream = new CryptoStream(MemStream, Encryptor, CryptoStreamMode.Write);
            CryptoStream.Write(PlainTextBytes, 0, PlainTextBytes.Length);
            CryptoStream.FlushFinalBlock();
            byte[] CipherTextBytes = MemStream.ToArray();
            MemStream.Close();
            CryptoStream.Close();
            return ByteToHexConversion(CipherTextBytes);
        }

UNIX（PL / SQL）代码：

Unix (PL/SQL) code:

FUNCTION Encrypt_Card (plain_card_id  VARCHAR2)
    RETURN RAW AS
    	num_key_bytes      NUMBER := 256/8;        -- key length 256 bits (32 bytes)
    	encrypted_raw      RAW (2000);             -- stores encrypted binary text
    	encryption_type    PLS_INTEGER :=          -- total encryption type
    				    DBMS_CRYPTO.ENCRYPT_AES256
    				  + DBMS_CRYPTO.CHAIN_CBC
    				  + DBMS_CRYPTO.PAD_PKCS5;

    	key_bytes_raw  RAW(64) :=my_hex_key;
    BEGIN



     encrypted_raw := DBMS_CRYPTO.ENCRYPT
           (
              src => UTL_I18N.STRING_TO_RAW (plain_card_id, 'AL32UTF8'),
              typ => encryption_type,
              key => key_bytes_raw
           );


      RETURN encrypted_raw;
    EXCEPTION
    WHEN OTHERS THEN
    dbms_output.put_line (plain_card_id || ' - ' || SUBSTR(SQLERRM,1,100) );
    RETURN HEXTORAW ('EEEEEE');

我看到的唯一区别是使用PKCS5和PCKS7的。但是，.NET没有PCKS5。

The only difference i see is use of PKCS5 and PCKS7. But, .NET doesn't have PCKS5.

推荐答案

什么ABC说，你也似乎没有任何IV（初始化向量）在你Unix程序代码在所有。

What abc said and also you don't seem to have any IV (Initialization Vector) in you Unix code at all.

这第一部分是相同的具有与不同的模式（ECB和CBC）做的事实。欧洲央行分别加密每个块，而CBC加密在下单时使用以前的块。

The fact that the first part are the same has to do with the different modes (ECB and CBC). ECB encrypts each block separately while CBC uses the previous block when encrypting the next one.

这里发生的是，因为你使用CBC和不设置IV的IV为全零。

这意味着，第一个块欧洲央行加密和CBC加密将是相同的。

（因为XOR 0 = A）。

What happens here is that since you use CBC and do not set an IV the IV is all zeroes.
That means that the first block of ECB encryption and CBC encryption will be the same.
(Since A XOR 0 = A).

您需要确保您使用在两个系统中相同的加密方式，如果你决定CBC确保您使用相同的IV。

You need to make sure you use the same encryption mode in both systems and if you decide on CBC make sure you use the same IV.

这篇关于C＃AES-256加密的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！