不兼容的AES实现？ [英] Incompatible AES implementations?

问题描述

我编译从这个网站一些AES实现code，这是应该亲热一个128位的密钥加密。我测试了这行一起工作的加密/解密程序。

I've compiled some AES implementation code from this site, it's supposed to perfrom a 128 bits key encryption. I tested the encryption/decryption programs which work OK together.

但是，如果我加密与所提到的code什么，然后尝试通过内置在linux的OpenSSL工具解密，我只是不能解密，甚至记录了我的坏的幻数的错误。同样的，如果我加密与OpenSSL的东西，并试图解密与code将无法正常工作。我试图与这两个CBC ECB。

However if I encrypt anything with the mentioned code and then try to decrypt it by openssl tool built-in in linux, I just can't get decrypt it, it even logs me the bad magic number error. Same, if I encrypt anything with openssl and try to decrypt with the code won't work. I tried with both cbc ecb.

如果他们都实现AES，不应该它的工作方式相同？

If they're both implementing AES, shouldn't it work same way?

推荐答案

它看起来像C code为使用ECB并不做任何填充。所以尝试加密的16个字节的消息（的倍数），然后加入16字节的值16（PKCS＃7填充）。或使用的16个字节的消息（的倍数）和--nopad在OpenSSL的（更可能工作）。同时，使用AES-128-ECB或不管​​它被称为。

it looks like the C code is using ECB and does no padding. so try encrypting a message (a multiple) of 16 bytes followed by 16 bytes of value 16 (pkcs#7 padding). or use a message (a multiple) of 16 bytes and --nopad in openssl (more likely to work). also, use aes-128-ecb or whatever it's called.

一个块加密作品的块的文本 - 在这种情况下，它的16个字符。所以，如果你不想再担心填充你需要给块的一个确切的数字。

a block cipher works on "chunks" of text - in this case, it's 16 characters long. so if you don't want to worry about padding you need to give an exact number of chunks.

另外，ECB模式（这样做又没有额外的处理每块）是不安全的多种用途。见维基百科的文章（看企鹅照片）。

also, ecb mode (doing each chunk in turn with no extra processing) isn't secure for many uses. see the wikipedia article (look at the penguin photos).

> echo -n "abcdabcdabcdabcd" > msg
> wc msg
 0  1 16 msg
> openssl enc -aes-128-ecb -nopad -in msg -K 0 -S "" -iv ""
[noise]
> openssl enc -aes-128-ecb -nopad -in msg -K 0 -S "" -iv "" | wc
 0 1 16

尝试自己上面，看看其他code将其解密（编辑2组明确的重点，并删除IV和盐 - 不知道是什么，后两者是在这种情况下）。

try the above yourself and see if the other code decrypts it (edit 2 sets the key explicitly, and removes IV and salt - not sure what the latter two are for in this case).

据我所知，这个问题涉及到的方式，密码被转换为关键。 OpenSSL的似乎是在做额外的事情，我无法摆脱的，除非我指定密钥为十六进制（ -K 0 ）。如果我这样做，其他程序无法正常工作（需要密码）。

as far as i can tell, the problem is related to the way that the password is converted to a key. openssl seems to be doing something extra that i can't get rid of unless i specify a key as hex (-K 0). and if i do that, the other program doesn't work (needs a password).

对不起，我的想法。

这篇关于不兼容的AES实现？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！