从C#代码中查找PHP中的类似代码(AES-256解密)

时间:2017-10-17 07:04:09

标签: c# php encryption aes

我一直在尝试使用PHP中的类似模式来跟随c#代码。我花了7天时间,尝试在我的EPin API应用程序中实现简单的加密通信。问题是,来自php脚本的响应给了我空白

public static string AESDecryptText(string input, string key)
{
    // Get the bytes of the string
    byte[] bytesToBeDecrypted = Convert.FromBase64String(input);
    byte[] keyBytes = Encoding.UTF8.GetBytes(key);
    keyBytes = SHA256.Create().ComputeHash(keyBytes);

    byte[] bytesDecrypted = AESDecrypt(bytesToBeDecrypted, keyBytes);

    string result = Encoding.UTF8.GetString(bytesDecrypted);

    return result;
}

public static byte[] AESDecrypt(byte[] bytesToBeDecrypted, byte[] keyBytes)
{
    byte[] decryptedBytes = null;

    // Set your salt here, change it to meet your flavor:
    // The salt bytes must be at least 8 bytes.
    byte[] saltBytes = new byte[] { 1, 2, 3, 4, 5, 6, 7, 8 };

    using (MemoryStream ms = new MemoryStream())
    {
        using (RijndaelManaged AES = new RijndaelManaged())
        {
            AES.KeySize = 256;
            AES.BlockSize = 128;

            var key = new Rfc2898DeriveBytes(keyBytes, saltBytes, 1000);
            AES.Key = key.GetBytes(AES.KeySize / 8);
            AES.IV = key.GetBytes(AES.BlockSize / 8);

            AES.Mode = CipherMode.CBC;

            using (var cs = new CryptoStream(ms, AES.CreateDecryptor(), CryptoStreamMode.Write))
            {
                cs.Write(bytesToBeDecrypted, 0, bytesToBeDecrypted.Length);
                cs.Close();
            }
            decryptedBytes = ms.ToArray();
        }
    }

    return decryptedBytes;
}

来自其他帖子的我的PHP代码.. 

function DecryptString($content, $password = 
 '4J2lh3Lz4q6ACo16VrL1oLDnh3k7G1KaXliUPVPV8o0='){


 $password = mb_convert_encoding($password, "utf-16le");
        $padding = 32 - (strlen($password) % 32);
        $password .= str_repeat("\0", $padding);
        $iv = substr($password, 0, 8);
        $data = base64_decode($content);

       $decrypted  = openssl_decrypt($data, 'AES-256-CBC', $password, 
 OPENSSL_RAW_DATA, $iv);
        $decrypted = mb_convert_encoding($decrypted, "utf-8", "utf-16le");
        return $decrypted;
}


 function decryption(){

    $password = "4J2lh3Lz4q6ACo16VrL1oLDnh3k7G1KaXliUPVPV8o0=";
    $content = "wKamNpehMEqJQ4NcUueNuXq1PbupsxwEvwcJ0CeI+8Q=";
    echo $this->DecryptString($content, $password);

    }

每次打印时,显示空白。请帮忙解决这个问题

1 个答案:

答案 0 :(得分:0)

在您的C#代码中,使用SHA256哈希密码,Rfc2898DeriveBytes创建密钥和IV。 PHP类似函数是hash(使用sha256)和hash_pbkdf2

与您的C#AESDecryptText方法相当的PHP:

function AESDecryptText($content, $password){
    $password = hash('sha256', $password, true);
    $salt = pack("C*",1,2,3,4,5,6,7,8);
    $bytes = hash_pbkdf2("sha1", $password, $salt, 1000, 48, true);
    $key = substr($bytes, 0, 32);
    $iv = substr($bytes, 32, 16);
    return openssl_decrypt($content, 'AES-256-CBC', $key, 0, $iv);
}

一些注意事项:

  • 每个密码的盐应该是唯一的。
  • IV应该是随机的,与密码或密钥无关 您可以使用openssl_random_pseudo_bytes创建随机字节。
  • Salt和IV不必保密,您可以将它们存储在密文旁边。
  • 您应该考虑使用HMAC来验证您的密文 您可以将hash_hmac用于此目的。
相关问题
最新问题