使用C#与PHP进行AES GCM加密
我正在使用C#.NET框架和PHP在我的客户端/服务器应用程序中执行一些加密方法。加密方法是AES-256-GCM,在PHP中可以非常简单。我从here复制的.NET代码,只做了一点修改。.NET版本产生了不同的值。
在PHP版本中,我可以这样编写
<?php
$dynamicSecretKey = "2192B39425BBD08B6E8E61C5D1F1BC9F428FC569FBC6F78C0BC48FCCDB0F42AE";
$iv = "E1E592E87225847C11D948684F3B070D";
$plainText = 'Test only. PHP and C# encryption';
$tag = null;
$content = openssl_encrypt($plainText, 'AES-256-GCM', $dynamicSecretKey, OPENSSL_RAW_DATA,$iv, $tag);
echo bin2hex($tag)."
";
$cipherText = base64_encode($content.$tag);
echo $cipherText."
";
$cipherTextWithTag = base64_decode($cipherText);
echo bin2hex($cipherTextWithTag);
echo "
";
$tag = substr($cipherTextWithTag , -16, 16);
$cipherText = substr($cipherTextWithTag, 0, - 16);
$decryptedText = openssl_decrypt($cipherText, 'AES-256-GCM', $dynamicSecretKey, OPENSSL_RAW_DATA, $iv,$tag);
echo $decryptedText;
?>
在C#中,我尝试使其相同
private RunTest()
{
//$dynamicSecretKey = "2192B39425BBD08B6E8E61C5D1F1BC9F428FC569FBC6F78C0BC48FCCDB0F42AE";
string dynamicSecretKey = "3777217A25432A462D4A614E645267556B58703272357538782F413F4428472B";
//$iv = "E1E592E87225847C11D948684F3B070D";
string iv = "E1E592E87225847C11D94868";
//$plainText = 'Test only. PHP and C# encryption';
string plainText = "Test only. PHP and C# encryption";
//$tag = null;
byte[] tag = null;
//$content = openssl_encrypt($plainText, 'AES-256-GCM', $dynamicSecretKey, OPENSSL_RAW_DATA,$iv, $tag);
var content = AesGcm.Openssl_Encrypt(plainText, dynamicSecretKey, iv);
//$cipherText = base64_encode($content.$tag);
string cipherText = AesGcm.Base64Encode(AesGcm.Combine(content.cipherText, content.tag));
//bool same = cipherText.Equals("+u3YJpiHMy6p0mDxlquYq7utAOk7r6ppKGcnYAVD9iMPSe7fhWNNoMNto6Z6p0tM");
//$cipherTextWithTag = base64_decode($cipherText);
string cipherTextWithTag = AesGcm.Base64Decode(cipherText); //RESULTED UNREAD CHARACTERS
//$tag = substr($cipherTextWithTag, -16, 16);
//tag = cipherTextWithTag.Substring(cipherTextWithTag.Length - 16, 16);
//$cipherText = substr($cipherTextWithTag, 0, -16);
//cipherText = cipherTextWithTag.Substring(0, cipherTextWithTag.Length - 16);
string decryptedText = AesGcm.Openssl_Decrypt(cipherText, dynamicSecretKey, iv, AesGcm.ByteArrayToHex(content.tag)); //ERROR
}
internal static class AesGcm
{
internal static (byte[] ciphertext, byte[] nonce, byte[] tag) Encrypt(string plaintext, byte[] key, byte[] iv)
{
const int nonceLength = 12; // in bytes
const int tagLenth = 16; // in bytes
var plaintextBytes = Encoding.UTF8.GetBytes(plaintext);
var bcCiphertext = new byte[plaintextBytes.Length + tagLenth];
var cipher = new GcmBlockCipher(new AesEngine());
var parameters = new AeadParameters(new KeyParameter(key), tagLenth * 8, iv);
cipher.Init(true, parameters);
var offset = cipher.ProcessBytes(plaintextBytes, 0, plaintextBytes.Length, bcCiphertext, 0);
cipher.DoFinal(bcCiphertext, offset);
// Bouncy Castle includes the authentication tag in the ciphertext
var ciphertext = new byte[plaintextBytes.Length];
var tag = new byte[tagLenth];
Buffer.BlockCopy(bcCiphertext, 0, ciphertext, 0, plaintextBytes.Length);
Buffer.BlockCopy(bcCiphertext, plaintextBytes.Length, tag, 0, tagLenth);
return (ciphertext, iv, tag);
}
private static string Decrypt(byte[] ciphertext, byte[] key, byte[] iv, byte[] tag)
{
var plaintextBytes = new byte[ciphertext.Length];
var cipher = new GcmBlockCipher(new AesEngine());
var parameters = new AeadParameters(new KeyParameter(key), tag.Length * 8, iv);
cipher.Init(false, parameters);
var bcCiphertext = ciphertext.Concat(tag).ToArray();
var offset = cipher.ProcessBytes(bcCiphertext, 0, bcCiphertext.Length, plaintextBytes, 0);
cipher.DoFinal(plaintextBytes, offset);
return Encoding.UTF8.GetString(plaintextBytes);
}
internal static (byte[] cipherText, byte[] tag) Openssl_Encrypt(string plaintext, string key, string iv)
{
var plainTextBytes = Encoding.UTF8.GetBytes(plaintext);
var bKey = HexToByteArray(key);
var bIv = HexToByteArray(iv);
var result = Encrypt(plaintext, bKey, bIv);
return (result.ciphertext, result.tag);
}
internal static string Openssl_Decrypt(string ciphertext, string key, string iv, string tag)
{
var bKey = HexToByteArray(key);
var bIv = HexToByteArray(iv);
var bTag = HexToByteArray(tag);
var bCipherText = Convert.FromBase64String(ciphertext);
var result = Decrypt(bCipherText, bKey, bIv, bTag);
return Base64Decode(result);
}
public static byte[] HexToByteArray(string hex)
{
return Enumerable.Range(0, hex.Length)
.Where(x => x % 2 == 0)
.Select(x => Convert.ToByte(hex.Substring(x, 2), 16))
.ToArray();
}
public static string ByteArrayToHex(byte[] ba) => BitConverter.ToString(ba).Replace("-", "").ToLower();
public static string Base64Encode(string plainText)
{
var plainTextBytes = Encoding.UTF8.GetBytes(plainText);
return Convert.ToBase64String(plainTextBytes);
}
public static string Base64Decode(string base64EncodedData)
{
var base64EncodedBytes = Convert.FromBase64String(base64EncodedData);
return Encoding.UTF8.GetString(base64EncodedBytes);
}
public static string Base64Encode(byte[] plainText)
{
return Convert.ToBase64String(plainText);
}
public static string Base64Decode(byte[] base64EncodedData)
{
return Encoding.UTF8.GetString(base64EncodedData);
}
public static byte[] Combine(params byte[][] arrays)
{
byte[] rv = new byte[arrays.Sum(a => a.Length)];
int offset = 0;
foreach (byte[] array in arrays)
{
System.Buffer.BlockCopy(array, 0, rv, offset, array.Length);
offset += array.Length;
}
return rv;
}
}
编辑:
包含所有方法。
此问题与here
不重复解决方案
您做的第一件奇怪的事情是在Encrypt的末尾:
// BlockCopy(Array src, int srcOffset, Array dst, int dstOffset, int count)
Buffer.BlockCopy(bcCiphertext, 0, ciphertext, 0, plaintextBytes.Length);
Buffer.BlockCopy(bcCiphertext, plaintextBytes.Length, tag, 0, tagLenth);
您正在将字节复制到密文和标记(本地数组)中!?
另一件奇怪的事:
// new AeadParameters(KeyParameter key, int macSize, byte[] nonce)
var parameters = new AeadParameters(new KeyParameter(key), tagLenth * 8, iv);
您要将IV扇区写入随机数字段?!
相关文章