【发布时间】:2015-05-29 04:57:35
【问题描述】:
Windows 应用程序和服务器应用程序之间的加密通信存在问题。客户端应用程序在 Windows 上运行,用 C 编写并使用 CryptoAPI。服务器应用程序使用 PHP 和 Openssl 扩展。选择了 AES-256-CBC 作为密码算法。使用相同的算法 Openssl 和 CryptoAPI 会产生不同的结果。我对 RC2-CBC 算法也有同样的问题。这个在线工具http://asecuritysite.com/Encryption/openssl 生成的结果和openssl一样,所以我断定C代码中的那个bug。
PHP 代码:
<?php
//$flag = OPENSSL_RAW_DATA;
$flag = false;
//this string will encode
$dataString = 'some data string';
$pass = "1234567812345678";
$method = "aes-256-cbc";
$iv = "Zievrs8NZievrs8N";
echo "original:\n";
var_dump($dataString);
$encryptedMessage = openssl_encrypt($dataString, $method, $pass, $flag, $iv);
echo "after encrypt:\n";
var_dump($encryptedMessage);
echo "vector:\n";
var_dump($iv);
$decryptedMessage = openssl_decrypt($encryptedMessage, $method, $pass, $flag, $iv);
echo "after decrypt:\n";
var_dump($decryptedMessage);
输出:
original:
string(16) "some data string"
after encrypt:
string(44) "9O8UAaRRCfneeRbRCeiYi9nOM8F2KA6gtkAsvPliUdA="
vector:
string(16) "Zievrs8NZievrs8N"
after decrypt:
string(16) "some data string"
C 代码:
BOOL SetKey(BYTE* szKey, DWORD dwKeySize, HCRYPTPROV* m_hProv, HCRYPTHASH* m_hHash, HCRYPTKEY* m_hKey)
{
BOOL m_fOK= TRUE;
if (*m_hProv == 0) {
m_fOK = CryptAcquireContextA(m_hProv, NULL,
NULL, //MS_DEF_PROV_A,
PROV_RSA_AES,
CRYPT_VERIFYCONTEXT
);
}
if (m_fOK && (*m_hHash != 0)) {
m_fOK = CryptDestroyHash(*m_hHash);
m_hHash = 0;
}
if (m_fOK && (*m_hHash == 0)) {
m_fOK = CryptCreateHash(*m_hProv, CALG_SHA_256, 0, 0, m_hHash);
}
if (m_fOK) {
m_fOK = CryptHashData(*m_hHash, (BYTE*)szKey, dwKeySize, 0);
}
if (m_fOK) {
m_fOK = CryptDeriveKey(*m_hProv, CALG_AES_256, *m_hHash, CRYPT_EXPORTABLE | CRYPT_NO_SALT, m_hKey);
}
if (m_fOK) {
DWORD mode = CRYPT_MODE_CBC;
m_fOK = CryptSetKeyParam(*m_hKey, KP_MODE, (BYTE*)&mode, 0);
}
if (m_fOK) {
BYTE iv[] = {'Z','i','e','v','r','s','8','N','Z','i','e','v','r','s','8','N',0};
m_fOK = CryptSetKeyParam(*m_hKey, KP_IV, (BYTE*)iv, 0);
}
return m_fOK;
}
BOOL EncryptDecrypt(BYTE* pData, BYTE** pRes, DWORD* dwDataLen, BYTE* pKey, DWORD dwKeySize, BOOL fEncrypt)
{
HCRYPTPROV m_hProv = 0;
HCRYPTHASH m_hHash = 0;
HCRYPTKEY m_hKey = 0;
BOOL m_fOK= TRUE;
m_fOK = SetKey(pKey, dwKeySize, &m_hProv, &m_hHash, &m_hKey);
if (fEncrypt) {
DWORD dwTotalBufferSize = 0;
DWORD dwNewLen = *dwDataLen;
if((m_fOK = CryptEncrypt(m_hKey, 0, TRUE, 0, NULL, &dwNewLen, dwTotalBufferSize))) {
*pRes = (BYTE*)malloc(dwNewLen);
memcpy(*pRes, pData, *dwDataLen);
dwTotalBufferSize = dwNewLen;
if(!(m_fOK = CryptEncrypt(m_hKey, 0, TRUE, 0, *pRes, dwDataLen, dwTotalBufferSize))) {
free(*pRes);
*pRes = NULL;
*dwDataLen = 0;
}
}
}
else {
*pRes = (BYTE*)malloc(*dwDataLen);
memcpy(*pRes, pData, *dwDataLen);
if(!(m_fOK = CryptDecrypt(m_hKey, 0, TRUE, 0, *pRes, dwDataLen))) {
DWORD err = GetLastError();
char msg[100];
wsprintfA(msg, "err = %d\n", err);
OutputDebugStringA(msg);
free(*pRes);
*pRes = NULL;
*dwDataLen = 0;
}
}
if (m_hKey) CryptDestroyKey(m_hKey);
if (m_hHash) CryptDestroyHash(m_hHash);
if (m_hProv) CryptReleaseContext(m_hProv, 0);
return m_fOK;
}
void main() {
const char* data = "some data string";
BYTE* res = NULL;
DWORD len = strlen(data);
EncryptDecrypt((BYTE*)data, &res, &len, (BYTE*)"1234567812345678", 16, TRUE);
size_t len_en = 0;
char* base64 = base64_encode(res, len, &len_en);
printf("base64 = %s\n", base64);
}
输出:
base64 = miFMwk4/ZwjMLsnV4Po9UdWxix32TrK5BcSgSKYr384=
【问题讨论】:
-
我认为您忘记使用 pkcs7 填充数据;另见this answer。
-
感谢您的好回答,它揭示了一些启示,但不幸的是没有帮助。根据 MSDN CryptoAPI 使用 PKCS#5,但手动禁用它并实现 PKCS#7 填充对结果没有影响(在解密后还观察缓冲区末尾未分配字节的值给出了 PKCS#7 的良好指纹)。我尝试使用 AES-128 并通过 RFC3602 示例检查编码结果,并在 PHP 中获得正确的输出(带有内置和手动填充)。但不在 C 程序中。我建议加密上下文配置错误(提供者名称、类型、哈希算法,也许还有其他)
-
忘记添加链接RFC3602
标签: php c openssl cryptoapi mismatch