问题描述
我支持最初在 1990 年代早期开发的庞大的 C++ 系统。 (我在我的其他帖子中提到过这个系统)我们正在开发所有新的 C# 应用程序以替换旧的 C++ 系统。使用 TcpClient,将未加密或加密的命令发送到我们的 C# 应用程序和从我们的 C# 应用程序发送到 C++ 系统。 (加密是一个可选择的功能)。发送和接收未加密的命令都没有问题。加密的命令是另一回事。我们可以成功地加密我们的命令,C++ 系统将接受这些命令。但是,从 C++ 发送到我们的 C# 系统的加密消息不能正确解密。我有一些解密不会失败,但它们都会导致一个神秘的字符串。加密使用源自 1990 年代初期的 RijndaelManaged 和 CryptoStream。如果有人可以让解密代码起作用,那么我会在未来很多年里对你说好话:-)(如果你想知道为什么我们不把加密风格替换为更简单的东西,那是因为有几个其他较旧的 C++ 系统仍在使用这种技术)
对于发送加密命令,这可以正常工作:
//Generic messages array
var messages = new string[4];
messages[0] = "";
messages[1] = "Service Manager";
messages[2] =
"<COMMAND_BLOCK><OPERATOR User=\"1234\" Password=\"password\"/>" +
"<COMMAND Target=\"targetServer\" Command=\"1024\" " +
"Data=\"1\" Priority=\"HIGH\" Id=\"-1\" " +
"Workstation=\"Server1\"/></COMMAND_BLOCK>{Convert.tochar(10)}";
messages[3] = IsEncryptionEnabled ? "1" : "0";
var formattedMessage = $"{messages[1]}{Convert.tochar(10)}{messages[2]}";
formattedMessage =
$"{Convert.tochar(messages[2].Length)}{Convert.tochar((int)Math.Floor((double)messages[2].Length / 255))}{formattedMessage}";
if (WebApiCommon.Globals.IsEncryptionEnabled) //Yes,encryption is crazy
{
var commandBytes = Encoding.UTF8.GetBytes(messages[2]);
var messageLength = commandBytes.Length;
var allocatedLength = messageLength;
var blockLength = 16;
allocatedLength = ((messageLength + blockLength - 1) / blockLength) * blockLength;
var messageBytes = new byte[allocatedLength];
for (var x = 0; x < allocatedLength; x++)
{
if (x < messageLength)
messageBytes[x] = commandBytes[x];
else // pad out for encryption
messageBytes[x] = 0;
}
while (keyString.Length < 16) // make sure keystring is exactly 16 bytes.
keyString += keyString;
if (keyString.Length > 16)
keyString = keyString.Substring(0,16);
var encoding = Encoding.GetEncoding(1252); // ANSI 1252
var key = encoding.GetBytes(keyString);
//create empty IV
var iv = new byte[16];
for (var x = 0; x < iv.Length; x++)
iv[x] = 0;
//create encryption object
var rijndael = new RijndaelManaged
{
BlockSize = 128,KeySize = 128,Padding = PaddingMode.None
};
//break into blockLength byte blocks and encrypt
var block = new byte[blockLength];
var encryptedBytes = new byte[allocatedLength];
for (var x = 0; x < allocatedLength; x += blockLength)
{
// copy current block
for (var j = 0; j < blockLength; j++)
block[j] = messageBytes[x + j];
using (var ms1 = new MemoryStream())
{
using (var cs1 = new CryptoStream(ms1,rijndael.CreateEncryptor(key,iv),CryptoStreamMode.Write))
cs1.Write(block,block.Length);
var block1 = ms1.ToArray();
for (var j = 0; j < blockLength; j++)
encryptedBytes[x + j] = block1[j];
}
}
var lsbMessageLength = new byte[2];
lsbMessageLength[0] = (byte)(allocatedLength & 0xFF);
lsbMessageLength[1] = (byte)(((allocatedLength >> 8) & 0xF) + 0x40); // 0x40 = flag to enable encryption
var controlPortStream = controlConnection.GetStream();
controlPortStream.Write(lsbMessageLength,lsbMessageLength.Length);
controlPortStream.Write(encryptedBytes,encryptedBytes.Length);
controlPortStream.Flush();
}
我包括我所有的解密代码尝试,注释掉,以及我希望工作的解密代码,但没有。如果有人能看到我做错了什么,请告诉我(首选代码):
private string DecryptMPString(string incomingMessage)
{
var keyString =
WebApiCommon.ApiRequests.SysSettings.GetList(new SysSettingDto { SectionName = "Configuration",VariableName = "Site name" }).FirstOrDefault()?.Value;
var encryptedBytes2 = Encoding.UTF8.GetBytes(incomingMessage);
var encryptedBytes = ConvertHexToAscii(encryptedBytes2);
var messageLength = encryptedBytes.Length;
var allocatedLength = messageLength;
var blockLength = 16;
allocatedLength = ((messageLength + blockLength - 1) / blockLength) * blockLength;
var messageBytes = new byte[allocatedLength];
for (var x = 0; x < allocatedLength; x++)
{
if (x < messageLength)
messageBytes[x] = encryptedBytes[x];
else // pad out for encryption
messageBytes[x] = 0;
}
while (keyString.Length < 16) // make sure keystring is exactly 16 bytes.
keyString += keyString;
if (keyString.Length > 16)
keyString = keyString.Substring(0,16);
var encoding = Encoding.GetEncoding(1252); // ANSI 1252
var key = encoding.GetBytes(keyString);
//create empty IV
var iv = new byte[16];
for (var x = 0; x < iv.Length; x++)
iv[x] = 0;
//create encryption object
//var rijndael = new RijndaelManaged
//{
// BlockSize = 128,// KeySize = 128,// Padding = PaddingMode.None
//};
//break into blockLength byte blocks and encrypt
//var block = new byte[blockLength];
//var decryptedBytes = new byte[allocatedLength];
//for (var x = 0; x < allocatedLength; x += blockLength)
//{
// // copy current block
// for (var j = 0; j < blockLength; j++)
// block[j] = messageBytes[x + j];
using (var rijndael = new RijndaelManaged())
{
rijndael.BlockSize = 128;
rijndael.KeySize = 128;
rijndael.Padding = PaddingMode.None;
var decryptor = rijndael.CreateDecryptor(key,iv);
var decryptedBytes = decryptor.TransformFinalBlock(messageBytes,allocatedLength);
return Encoding.UTF8.GetString(decryptedBytes,decryptedBytes.Length);
}
//using (var encryptedStream = new MemoryStream(encryptedBytes))
// {
// using (var decryptedStream = new MemoryStream())
// {
// using (var cryptoStream = new CryptoStream(encryptedStream,rijndael.CreateDecryptor(key,CryptoStreamMode.Read))
// {
// int data;
// while ((data = cryptoStream.ReadByte()) != -1)
// decryptedStream.WriteByte((byte)data);
// }
// return Encoding.UTF8.GetString(decryptedStream.ToArray(),decryptedStream.ToArray().Length);
// //var block1 = decryptedStream.ToArray();
// //for (var j = 0; j < blockLength; j++)
// // decryptedBytes[x + j] = block1[j];
// }
//}
//}
// return Encoding.UTF8.GetString(decryptedBytes,decryptedBytes.Length);
//using (var encryptedStream = new MemoryStream(encoding.GetBytes(incomingMessage)))
//{
// //stream where decrypted contents will be stored
// using (var decryptedStream = new MemoryStream())
// {
// using (var aes = new RijndaelManaged { KeySize = 128,BlockSize = 128,Padding = PaddingMode.None })
// {
// using (var decryptor = aes.CreateDecryptor(key,iv))
// {
// //decrypt stream and write it to parent stream
// using (var cryptoStream = new CryptoStream(encryptedStream,decryptor,CryptoStreamMode.Read))
// {
// int data;
// while ((data = cryptoStream.ReadByte()) != -1)
// decryptedStream.WriteByte((byte)data);
// }
// }
// }
// //reset position in prep for reading
// decryptedStream.Position = 0;
// var decryptedBytes = decryptedStream.ToArray();
// return Encoding.UTF8.GetString(decryptedBytes,decryptedBytes.Length);
// }
//}
}
private static byte[] ConvertHexToAscii(byte[] hexBytes)
{
int newLength = (hexBytes.Length) / 2;
var buffer = new byte[newLength];
for (int i = 0,j = 0; i < newLength; i++,j += 2)
buffer[i] = (byte)(((hexBytes[j] - '0') << 4) + (hexBytes[j + 1] - '0'));
return buffer;
}
这是在最初提出问题后的几天,但这里是用于创建由我的 C# 解决方案获取的消息的 C++ 加密代码:
BYTE* CEncrypt::Encrypt(LPCTSTR pszData,WORD& nLength)
{
if(nLength && m_bEncryptEnabled && m_nBlockSize == 16)
{
int nBufferSize = m_nBlockSize * (nLength/m_nBlockSize + (nLength % m_nBlockSize == 0?0:1));
BYTE* cBuffer = new BYTE[nBufferSize];
if(cBuffer)
{
memcpy(cBuffer,pszData,nLength);
while (nLength < nBufferSize) // zero last bytes in case short
cBuffer[nLength++] = '\0';
for (int nIndex = 0; nIndex < nLength; nIndex += m_nBlockSize)
{
Encrypt(cBuffer + nIndex);
}
return cBuffer;
}
}
return NULL;
}
/* There is an obvIoUs time/space Trade-off possible here. *
* Instead of just one ftable[],I Could have 4,the other *
* 3 pre-rotated to save the ROTL8,ROTL16 and ROTL24 overhead */
void CEncrypt::Encrypt(BYTE *buff)
{
int i,j,k,m;
DWORD a[8],b[8],*x,*y,*t;
for (i=j=0; i<Nb; i++,j+=4)
{
a[i] = pack((BYTE *)&buff[j]);
a[i] ^= fkey[i];
}
k = Nb;
x = a;
y = b;
/* State alternates between a and b */
for (i=1; i<Nr; i++)
{ /* Nr is number of rounds. May be odd. */
/* if Nb is fixed - unroll this next loop and hard-code in the values of fi[] */
for (m=j=0; j<Nb; j++,m+=3)
{ /* deal with each 32-bit element of the State */
/* This is the time-critical bit */
y[j]=fkey[k++]^ftable[(BYTE)x[j]]^
ROTL8(ftable[(BYTE)(x[fi[m]]>>8)])^
ROTL16(ftable[(BYTE)(x[fi[m+1]]>>16)])^
ROTL24(ftable[x[fi[m+2]]>>24]);
}
t = x;
x = y;
y = t; /* swap pointers */
}
/* Last Round - unroll if possible */
for (m=j=0; j<Nb; j++,m+=3)
{
y[j] = fkey[k++]^(DWORD)fbsub[(BYTE)x[j]]^
ROTL8((DWORD)fbsub[(BYTE)(x[fi[m]]>>8)])^
ROTL16((DWORD)fbsub[(BYTE)(x[fi[m+1]]>>16)])^
ROTL24((DWORD)fbsub[x[fi[m+2]]>>24]);
}
for (i=j=0; i<Nb; i++,j+=4)
{
unpack(y[i],(BYTE *)&buff[j]);
x[i] = y[i] = 0; /* clean up stack */
}
return;
}
解决方法
对于这样的问题,通常最好将其分解为尽可能小的组件。在这种情况下,您应该从所有其他逻辑中分离出加密和解密功能。这将使您可以测试这些函数,将它们的输出与已知的良好函数进行比较,并且无需太多工作即可运行代码:
static byte[] Encrypt(string[] messages)
{
string keyString = "mysupersecretkey";
var formattedMessage = $"{messages[1]}{Convert.ToChar(10)}{messages[2]}";
formattedMessage =
$"{Convert.ToChar(messages[2].Length)}{Convert.ToChar((int)Math.Floor((double)messages[2].Length / 255))}{formattedMessage}";
if (true /*WebApiCommon.Globals.IsEncryptionEnabled*/) //Yes,encryption is crazy
{
var commandBytes = Encoding.UTF8.GetBytes(formattedMessage);
// Create a buffer block-aligned that's big enough for commandBytes
var messageBytes = new byte[((commandBytes.Length - 1) | 15) + 1];
// Copy commandBytes into the buffer
Buffer.BlockCopy(commandBytes,messageBytes,commandBytes.Length);
while (keyString.Length < 16) // make sure keystring is exactly 16 bytes.
keyString += keyString;
if (keyString.Length > 16)
keyString = keyString.Substring(0,16);
var encoding = Encoding.GetEncoding(1252); // ANSI 1252
var key = encoding.GetBytes(keyString);
//create empty IV
var iv = new byte[16];
//create encryption object
var rijndael = new RijndaelManaged
{
BlockSize = 128,KeySize = 128,Padding = PaddingMode.None
};
using (var ms1 = new MemoryStream())
{
// Encrypt messageBytes
using (var cs1 = new CryptoStream(ms1,rijndael.CreateEncryptor(key,iv),CryptoStreamMode.Write))
cs1.Write(messageBytes,messageBytes.Length);
var encryptedBytes = ms1.ToArray();
// Create the message length
var lsbMessageLength = new byte[2];
lsbMessageLength[0] = (byte)(encryptedBytes.Length & 0xFF);
lsbMessageLength[1] = (byte)(((encryptedBytes.Length >> 8) & 0xF) + 0x40); // 0x40 = flag to enable encryption
// Combine the message length along with the encrypted bytes
byte[] ret = new byte[lsbMessageLength.Length + encryptedBytes.Length];
Buffer.BlockCopy(lsbMessageLength,ret,lsbMessageLength.Length);
Buffer.BlockCopy(encryptedBytes,lsbMessageLength.Length,encryptedBytes.Length);
// Return it
return ret;
}
}
}
static string Decrypt(byte[] encryptedBytes)
{
string keyString = "mysupersecretkey";
// Get the message bytes from the bytes
var allocatedLength = (encryptedBytes[1] & 0xF) << 8 | encryptedBytes[0];
// And pull out the encrypted bytes
var messageBytes = new byte[allocatedLength];
Buffer.BlockCopy(encryptedBytes,2,allocatedLength);
while (keyString.Length < 16) // make sure keystring is exactly 16 bytes.
keyString += keyString;
if (keyString.Length > 16)
keyString = keyString.Substring(0,16);
var encoding = Encoding.GetEncoding(1252); // ANSI 1252
var key = encoding.GetBytes(keyString);
//create empty IV
var iv = new byte[16];
for (var x = 0; x < iv.Length; x++)
iv[x] = 0;
using (var rijndael = new RijndaelManaged())
{
rijndael.BlockSize = 128;
rijndael.KeySize = 128;
rijndael.Padding = PaddingMode.None;
var decryptor = rijndael.CreateDecryptor(key,iv);
var decryptedBytes = decryptor.TransformFinalBlock(messageBytes,allocatedLength);
return Encoding.UTF8.GetString(decryptedBytes,decryptedBytes.Length);
}
}
然后您可以通过几个快速调用来练习:
string[] messages = { "","system name","Command" };
var encrypted = Encrypt(messages);
Console.WriteLine(BitConverter.ToString(encrypted).Replace("-",""));
var decrypted = Decrypt(encrypted);
Console.WriteLine(decrypted);
输出:
2040622E097E5E8D438C9156384757A56C83B764BDF5B0D34346B2A7D56BD96016D7
system name
Command
然后,您可以根据 C++ 实现验证加密字符串是否正确,并且无需运行其余的网络代码即可验证解密的响应。
,问题在于您的加密代码为每个块创建了一个新的加密器:
for (var x = 0; x < allocatedLength; x += blockLength)
{
// copy current block
for (var j = 0; j < blockLength; j++)
block[j] = messageBytes[x + j];
using (var ms1 = new MemoryStream())
{
using (var cs1 = new CryptoStream(ms1,CryptoStreamMode.Write))
cs1.Write(block,block.Length);
var block1 = ms1.ToArray();
for (var j = 0; j < blockLength; j++)
encryptedBytes[x + j] = block1[j];
}
}
... 这使得它本质上是一个 ECB 转换。 C++ 代码也在做同样的事情。
在您的 C# Decrypt 中,您尝试一次解密整个块:
using (var rijndael = new RijndaelManaged())
{
rijndael.BlockSize = 128;
rijndael.KeySize = 128;
rijndael.Padding = PaddingMode.None;
var decryptor = rijndael.CreateDecryptor(key,iv);
var decryptedBytes = decryptor.TransformFinalBlock(messageBytes,allocatedLength);
return Encoding.UTF8.GetString(decryptedBytes,decryptedBytes.Length);
}
...这将适用于第一个块,但不适用于其余块。更改它以使用新的解密器处理每个块......它会起作用:
string finalString = "";
var blockLength = 16;
using (var rijndael = new RijndaelManaged())
{
rijndael.BlockSize = 128;
rijndael.KeySize = 128;
rijndael.Padding = PaddingMode.None;
for (var bytePos = 0; bytePos < allocatedLength; bytePos += blockLength)
{
var decryptor = rijndael.CreateDecryptor(key,iv);
var decryptedBytes = decryptor.TransformFinalBlock(messageBytes.Skip(bytePos).ToArray(),blockLength);
finalString += Encoding.UTF8.GetString(decryptedBytes,decryptedBytes.Length);
}
}
return finalString;