手动解密使用 MachineKey.Protect 加密的数据

【问题标题】:Manually decrypt data encrypted with MachineKey.Protect手动解密使用 MachineKey.Protect 加密的数据
【发布时间】:2016-05-21 09:22:51
【问题描述】:

我正在尝试手动解密使用 MachineKey.Protect() 加密的数据。我正在使用 AES 和 SHA1 算法。

        // unencrypted input in HEX: 010203
        // AES key in HEX: CCA0DC9874B3F9E679E0A576F77EDF9B121CAB2F9A363A4EAF99976F7B51FA89
        // want to decrypt this: A738E5F98920E37AB14C5F4332D4C7F0EC683680AAA0D34B806E75DECF04B7A3DB651E688B563F77BA107FB15990C88FB8023386

这是一个例子。 

        // Some input data
        var input = new byte[] { 1, 2, 3 };

        // this just works fine
        var protectedData = System.Web.Security.MachineKey.Protect(input, "ApplicationCookie", "v1");

        // protectedData  in hex: A738E5F98920E37AB14C5F4332D4C7F0EC683680AAA0D34B806E75DECF04B7A3DB651E688B563F77BA107FB15990C88FB8023386

        // works
        var unprotectedInput = System.Web.Security.MachineKey.Unprotect(protectedData, "ApplicationCookie", "v1");

        // now lets do it manually
        // in web.config machineKey is configured: AES and SHA1

        var algorithm = new AesManaged();
        algorithm.Padding = PaddingMode.PKCS7;
        algorithm.Mode = CipherMode.CBC;
        algorithm.KeySize = 256;
        algorithm.BlockSize = 128;
        var validationAlgorithm = new HMACSHA1();

        // this is the key from web.config
        var key = HexToBinary("CCA0DC9874B3F9E679E0A576F77EDF9B121CAB2F9A363A4EAF99976F7B51FA89");

        using (SymmetricAlgorithm encryptionAlgorithm = algorithm)
        {
            encryptionAlgorithm.Key = key;
            int offset = encryptionAlgorithm.BlockSize / 8; //16
            int buffer1Count = validationAlgorithm.HashSize / 8; // 20
            int count = checked(protectedData.Length - offset - buffer1Count); // 16
            byte[] numArray = new byte[offset];
            Buffer.BlockCopy((Array)protectedData, 0, (Array)numArray, 0, numArray.Length);
            encryptionAlgorithm.IV = numArray; // in HEX: A738E5F98920E37AB14C5F4332D4C7F0
            using (MemoryStream memoryStream = new MemoryStream())
            {
                using (ICryptoTransform decryptor = encryptionAlgorithm.CreateDecryptor())
                {
                    using (CryptoStream cryptoStream = new CryptoStream((Stream)memoryStream, decryptor, CryptoStreamMode.Write))
                    {
                        cryptoStream.Write(protectedData, offset, count);

                        // Padding is invalid and cannot be removed.
                        cryptoStream.FlushFinalBlock();
                        var result = memoryStream.ToArray();
                    }
                }
            }
        }

我遇到了一个异常(填充不正确)。

我不知道还能尝试什么...

这是 MachineKey.Protect 的代码,https://msdn.microsoft.com/cs-cz/library/system.web.security.machinekey.protect(v=vs.110).aspx

    public byte[] Protect(byte[] clearData)
    {
      // this is AESManaged
      using (SymmetricAlgorithm encryptionAlgorithm = this._cryptoAlgorithmFactory.GetEncryptionAlgorithm())
      {
        // this is our key
        encryptionAlgorithm.Key = this._encryptionKey.GetKeyMaterial();
        if (this._predictableIV)
          encryptionAlgorithm.IV = CryptoUtil.CreatePredictableIV(clearData, encryptionAlgorithm.BlockSize);
        else
          encryptionAlgorithm.GenerateIV();
        byte[] iv = encryptionAlgorithm.IV;
        using (MemoryStream memoryStream = new MemoryStream())
        {
          memoryStream.Write(iv, 0, iv.Length);
          using (ICryptoTransform encryptor = encryptionAlgorithm.CreateEncryptor())
          {
            using (CryptoStream cryptoStream = new CryptoStream((Stream) memoryStream, encryptor, CryptoStreamMode.Write))
            {
              cryptoStream.Write(clearData, 0, clearData.Length);
              cryptoStream.FlushFinalBlock();
              using (KeyedHashAlgorithm validationAlgorithm = this._cryptoAlgorithmFactory.GetValidationAlgorithm())
              {
                validationAlgorithm.Key = this._validationKey.GetKeyMaterial();
                byte[] hash = validationAlgorithm.ComputeHash(memoryStream.GetBuffer(), 0, checked ((int) memoryStream.Length));
                memoryStream.Write(hash, 0, hash.Length);
                return memoryStream.ToArray();
              }
            }
          }
        }
      }
    }

【问题讨论】:

  • 我已经从加密数据中尝试了所有 6 种数据组合,iv 和 sha1,在任何情况下我都没有得到有效的 PKCS#7 填充。 (我没有填充解密,所以我可以看到填充字节)。有一个缺失的部分。因此我删除了我的答案,因为它没有任何帮助。
  • 是的,很简单:解密密钥是错误的,请看下面我的回答..

标签: c# asp.net .net iis encryption


【解决方案1】:

解密密钥错误。

MachineKey.Protect/UnProtect() 在使用之前修改密钥。

它正在做这样的事情:

            public static byte[] DeriveKey(byte[] key, int keySize, string primaryPurpose, params string[] specificPurposes)
            {
                var secureUtf8Encoding = new UTF8Encoding(false, true);
                var hash = new HMACSHA512(key);

                using (hash)
                {
                    var label = secureUtf8Encoding.GetBytes(primaryPurpose);

                    byte[] context;

                    using (var memoryStream = new MemoryStream())
                    {
                        using (var binaryWriter = new BinaryWriter(memoryStream, secureUtf8Encoding))
                        {
                            foreach (var str in specificPurposes)
                                binaryWriter.Write(str);
                            context = memoryStream.ToArray();
                        }
                    }

                    return DeriveKeyImpl(hash, label, context, keySize);
                }
            }

            public static byte[] DeriveKeyImpl(HMAC hmac, byte[] label, byte[] context, int keyLengthInBits)
            {
                int count1 = label != null ? label.Length : 0;
                int count2 = context != null ? context.Length : 0;
                byte[] buffer = new byte[checked(4 + count1 + 1 + count2 + 4)];
                if (count1 != 0)
                    Buffer.BlockCopy((Array)label, 0, (Array)buffer, 4, count1);
                if (count2 != 0)
                    Buffer.BlockCopy((Array)context, 0, (Array)buffer, checked(5 + count1), count2);
                WriteUInt32ToByteArrayBigEndian(checked((uint)keyLengthInBits), buffer, checked(5 + count1 + count2));
                int dstOffset = 0;
                int val1 = keyLengthInBits / 8;
                byte[] numArray = new byte[val1];
                uint num = 1;
                while (val1 > 0)
                {
                    WriteUInt32ToByteArrayBigEndian(num, buffer, 0);
                    byte[] hash = hmac.ComputeHash(buffer);
                    int count3 = Math.Min(val1, hash.Length);
                    Buffer.BlockCopy((Array)hash, 0, (Array)numArray, dstOffset, count3);
                    checked { dstOffset += count3; }
                    checked { val1 -= count3; }
                    checked { ++num; }
                }
                return numArray;
            }

指定正确的目的非常重要。对于标准 MachineKey.Protect,主要原因是“User.MachineKey.Protect”。此示例的密钥大小为 256(以位为单位)。

【讨论】:

    猜你喜欢
    • 2018-11-17
    • 1970-01-01
    • 1970-01-01
    • 2010-10-25
    • 1970-01-01
    • 1970-01-01
    • 1970-01-01
    • 1970-01-01
    • 1970-01-01
    相关资源
    最近更新 更多
    热门标签
    Java Python linux javascript Mysql C# Docker 算法 前端 SpringBoot Redis Vue spring 设计模式 .net core .net kubernetes c++ 数据库 数据结构 大数据 js 机器学习 微服务 Android Go 程序员 面试 JVM ASP.net core 云原生 人工智能 后端 PHP git CSS golang k8s Nginx Django mybatis 深度学习 多线程 React 架构 devops 爬虫 云计算 Spring Boot LeetCode