使用Windows AES加密提供程序解密C ++中的C#加密数据

时间:2017-04-21 13:05:15

标签: c# c++ encryption aes

我需要使用RijndaelManaged加密C#中的数据并使用C ++代码解密。

C#加密代码:

static string Encrypt(string plainText)
{
    byte[] plainTextBytes = Encoding.UTF8.GetBytes(plainText);

    var keyBytes = new byte[] { /* ... 32 bytes of a key */};
    byte[] iv = new byte[] { /* ... 16 bytes of IV */ };


    var symmetricKey = new RijndaelManaged() 
    { 
        Mode = CipherMode.CBC, 
        Padding = PaddingMode.Zeros, 
        BlockSize = 128, // Must be 128 to be compatible with AES
        KeySize = 256 
    };

    var encryptor = symmetricKey.CreateEncryptor(keyBytes, iv);

    byte[] cipherTextBytes;
    using(var memoryStream = new MemoryStream())
    {
        using(var cryptoStream = new CryptoStream(memoryStream, encryptor, CryptoStreamMode.Write))
        {
            cryptoStream.Write(plainTextBytes, 0, plainTextBytes.Length);
            cryptoStream.FlushFinalBlock();
            cipherTextBytes = memoryStream.ToArray();
            cryptoStream.Close();
        }
        memoryStream.Close();
    }
    return Convert.ToBase64String(cipherTextBytes);
}

但是当用C ++代码解密时,我总是从CryptDecrypt获得NTE_BAD_DATA回复。这是C ++代码(为清楚起见,删除了所有检查):

__declspec(dllexport) DWORD  Decrypt(char* stringBuffer)
{
string encryptedString(stringBuffer);

// Decode base64 string to byte array. Works ok, the binary array is the same as the one in C# code.
vector<BYTE> encryptionBuffer = Base64::decode(encryptedString);
DWORD bufferSize = encryptionBuffer.size();

struct CryptoBlob {
    BLOBHEADER header;
    DWORD cbKeySize;
    BYTE rgbKeyData[32];
} keyBlob;

keyBlob.header.bType = PLAINTEXTKEYBLOB;
keyBlob.header.bVersion = CUR_BLOB_VERSION;
keyBlob.header.reserved = 0;
keyBlob.header.aiKeyAlg = CALG_AES_256;
keyBlob.cbKeySize = 32;

BYTE keyData[32] = { /* 32 bytes of a key the same as in C# code */ };
BYTE ivData[16] = { /* 16 bytes of IV the same as in C# code */ };

memcpy(keyBlob.rgbKeyData, keyData, 32);

HCRYPTKEY hPubKey;
HCRYPTPROV hProv;

CryptAcquireContext(
    &hProv,
    NULL,
    NULL,
    PROV_RSA_AES,
    CRYPT_VERIFYCONTEXT);

CryptImportKey(hProv, (const LPBYTE)&keyBlob, sizeof(keyBlob), 0, 0, &hPubKey);
CryptSetKeyParam(hPubKey, KP_IV, ivData, 0);

// Here the error happens, the value returned is 0x80090005 (NTE_BAD_DATA)
DWORD err = CryptDecrypt(hPubKey, 0, TRUE, 0, encryptionBuffer.data(), &bufferSize);

// overwrite the input buffer with decrypted data
memset(stringBuffer, 0, encryptedString.length());
memcpy(stringBuffer, encryptionBuffer.data(), bufferSize);

return 0;
}

知道可能出现什么问题吗? 谢谢!

2 个答案:

答案 0 :(得分:5)

当您将TRUE作为第3个参数传递给CryptDecrypt时,它会尝试撤消PKCS#7填充。当它无法撤消该填充时,它会发出NTE_BAD_DATA。

由于您已将加密的填充模式更改为Pkcs7以外的值,因此您需要传递FALSE并执行手动删除。

由于PaddingMode.Zeros本身并不可撤销,因此无法执行任何删除操作。

答案 1 :(得分:0)

如果以上不是答案,我建议在C ++和C#中查看它们的键/ iv,并确保字节数组看起来完全相同。

最后一个额外的字符可能会导致问题。

如果它们不匹配,请注意在编程语言和实现之间,返回的输出类型(例如有符号/无符号,字符/字节数组)可能存在差异,这也会导致问题。

相关问题
最新问题