使用C#与PHP进行AES GCM加密

2022-05-30 00:00:00 php c# bouncycastle

我正在使用C#.NET框架和PHP在我的客户端/服务器应用程序中执行一些加密方法。加密方法是AES-256-GCM,在PHP中可以非常简单。我从here复制的.NET代码,只做了一点修改。.NET版本产生了不同的值。

在PHP版本中,我可以这样编写

<?php
   
$dynamicSecretKey = "2192B39425BBD08B6E8E61C5D1F1BC9F428FC569FBC6F78C0BC48FCCDB0F42AE";
$iv = "E1E592E87225847C11D948684F3B070D";
$plainText = 'Test only. PHP and C# encryption';
$tag = null;

$content = openssl_encrypt($plainText, 'AES-256-GCM', $dynamicSecretKey, OPENSSL_RAW_DATA,$iv, $tag);

echo bin2hex($tag)."
";

$cipherText = base64_encode($content.$tag);

echo $cipherText."
";

$cipherTextWithTag = base64_decode($cipherText);
echo bin2hex($cipherTextWithTag);
echo "
";

$tag = substr($cipherTextWithTag , -16, 16);
$cipherText = substr($cipherTextWithTag, 0, - 16);

$decryptedText = openssl_decrypt($cipherText, 'AES-256-GCM', $dynamicSecretKey, OPENSSL_RAW_DATA, $iv,$tag);

echo $decryptedText;

?>

在C#中,我尝试使其相同

private RunTest()
{
    //$dynamicSecretKey = "2192B39425BBD08B6E8E61C5D1F1BC9F428FC569FBC6F78C0BC48FCCDB0F42AE";
    string dynamicSecretKey = "3777217A25432A462D4A614E645267556B58703272357538782F413F4428472B";
    //$iv = "E1E592E87225847C11D948684F3B070D";
    string iv = "E1E592E87225847C11D94868";
    //$plainText = 'Test only. PHP and C# encryption';
    string plainText = "Test only. PHP and C# encryption";
    //$tag = null;
    byte[] tag = null;

    //$content = openssl_encrypt($plainText, 'AES-256-GCM', $dynamicSecretKey, OPENSSL_RAW_DATA,$iv, $tag);
    var content = AesGcm.Openssl_Encrypt(plainText, dynamicSecretKey, iv);
    //$cipherText = base64_encode($content.$tag);
    string cipherText = AesGcm.Base64Encode(AesGcm.Combine(content.cipherText, content.tag));
    //bool same = cipherText.Equals("+u3YJpiHMy6p0mDxlquYq7utAOk7r6ppKGcnYAVD9iMPSe7fhWNNoMNto6Z6p0tM");

    //$cipherTextWithTag = base64_decode($cipherText);
    string cipherTextWithTag = AesGcm.Base64Decode(cipherText); //RESULTED UNREAD CHARACTERS

    //$tag = substr($cipherTextWithTag, -16, 16);
    //tag = cipherTextWithTag.Substring(cipherTextWithTag.Length - 16, 16);
    //$cipherText = substr($cipherTextWithTag, 0, -16);
    //cipherText = cipherTextWithTag.Substring(0, cipherTextWithTag.Length - 16);
    string decryptedText = AesGcm.Openssl_Decrypt(cipherText, dynamicSecretKey, iv, AesGcm.ByteArrayToHex(content.tag)); //ERROR
}

internal static class AesGcm
{
    internal static (byte[] ciphertext, byte[] nonce, byte[] tag) Encrypt(string plaintext, byte[] key, byte[] iv)
    {
        const int nonceLength = 12; // in bytes
        const int tagLenth = 16; // in bytes

        var plaintextBytes = Encoding.UTF8.GetBytes(plaintext);
        var bcCiphertext = new byte[plaintextBytes.Length + tagLenth];

        var cipher = new GcmBlockCipher(new AesEngine());
        var parameters = new AeadParameters(new KeyParameter(key), tagLenth * 8, iv);
        cipher.Init(true, parameters);

        var offset = cipher.ProcessBytes(plaintextBytes, 0, plaintextBytes.Length, bcCiphertext, 0);
        cipher.DoFinal(bcCiphertext, offset);

        // Bouncy Castle includes the authentication tag in the ciphertext
        var ciphertext = new byte[plaintextBytes.Length];
        var tag = new byte[tagLenth];
        Buffer.BlockCopy(bcCiphertext, 0, ciphertext, 0, plaintextBytes.Length);
        Buffer.BlockCopy(bcCiphertext, plaintextBytes.Length, tag, 0, tagLenth);

        return (ciphertext, iv, tag);
    }

    private static string Decrypt(byte[] ciphertext, byte[] key, byte[] iv, byte[] tag)
    {
        var plaintextBytes = new byte[ciphertext.Length];

        var cipher = new GcmBlockCipher(new AesEngine());
        var parameters = new AeadParameters(new KeyParameter(key), tag.Length * 8, iv);
        cipher.Init(false, parameters);

        var bcCiphertext = ciphertext.Concat(tag).ToArray();

        var offset = cipher.ProcessBytes(bcCiphertext, 0, bcCiphertext.Length, plaintextBytes, 0);
        cipher.DoFinal(plaintextBytes, offset);

        return Encoding.UTF8.GetString(plaintextBytes);
    }

    internal static (byte[] cipherText, byte[] tag) Openssl_Encrypt(string plaintext, string key, string iv)
    {
        var plainTextBytes = Encoding.UTF8.GetBytes(plaintext);
        var bKey = HexToByteArray(key);
        var bIv = HexToByteArray(iv);
        var result = Encrypt(plaintext, bKey, bIv);
        return (result.ciphertext, result.tag);
    }

    internal static string Openssl_Decrypt(string ciphertext, string key, string iv, string tag)
    {
        var bKey = HexToByteArray(key);
        var bIv = HexToByteArray(iv);
        var bTag = HexToByteArray(tag);
        var bCipherText = Convert.FromBase64String(ciphertext);

        var result = Decrypt(bCipherText, bKey, bIv, bTag);
        return Base64Decode(result);
    }

    public static byte[] HexToByteArray(string hex)
    {
        return Enumerable.Range(0, hex.Length)
                         .Where(x => x % 2 == 0)
                         .Select(x => Convert.ToByte(hex.Substring(x, 2), 16))
                         .ToArray();
    }

    public static string ByteArrayToHex(byte[] ba) => BitConverter.ToString(ba).Replace("-", "").ToLower();

    public static string Base64Encode(string plainText)
    {
        var plainTextBytes = Encoding.UTF8.GetBytes(plainText);
        return Convert.ToBase64String(plainTextBytes);
    }

    public static string Base64Decode(string base64EncodedData)
    {
        var base64EncodedBytes = Convert.FromBase64String(base64EncodedData);
        return Encoding.UTF8.GetString(base64EncodedBytes);
    }

    public static string Base64Encode(byte[] plainText)
    {
        return Convert.ToBase64String(plainText);
    }

    public static string Base64Decode(byte[] base64EncodedData)
    {
        return Encoding.UTF8.GetString(base64EncodedData);
    }

    public static byte[] Combine(params byte[][] arrays)
    {
        byte[] rv = new byte[arrays.Sum(a => a.Length)];
        int offset = 0;
        foreach (byte[] array in arrays)
        {
            System.Buffer.BlockCopy(array, 0, rv, offset, array.Length);
            offset += array.Length;
        }
        return rv;
    }
}

编辑:

包含所有方法。

此问题与here

不重复

解决方案

您做的第一件奇怪的事情是在Encrypt的末尾:

// BlockCopy(Array src, int srcOffset, Array dst, int dstOffset, int count)
Buffer.BlockCopy(bcCiphertext, 0, ciphertext, 0, plaintextBytes.Length);
Buffer.BlockCopy(bcCiphertext, plaintextBytes.Length, tag, 0, tagLenth);

您正在将字节复制到密文和标记(本地数组)中!?

另一件奇怪的事:

// new AeadParameters(KeyParameter key, int macSize, byte[] nonce)
var parameters = new AeadParameters(new KeyParameter(key), tagLenth * 8, iv);

您要将IV扇区写入随机数字段?!

相关文章