Question

我遇到_Crypt_EncryptData()的问题。我想加密数据，存储它，然后重新读回来。

似乎_Crypt_EncryptData()和_Crypt_DecryptData()不对称;前者对输出值进行隐式十六进制编码。但后者对输入进行了隐式二进制转换（到目前为止一直很好），但随后在其输出上进行了隐式十六进制转换！因此在一个文件中：

$ciphertext=_Crypt_EncryptData($cleartext, $g_hKey, $CALG_3DES)
$cleartext=_HexToString(_Crypt_DecryptData($ciphertext, $g_hKey, $CALG_3DES))

（erk！）会给我原来的明文。我无法跨调用从文件中恢复明文。密文每次都在变化，例如用字符串＆＃34;这是一个测试＆＃34;，在我得到的后续执行中：

 0x0B656F9BCC35B73A6EA9D08701E78713
 0xEBE1E744668C379CE74480C3A56303A2
 0x25F50D6B833B3CEF60FCFAF8AE673CF3

如果由于不同的初始化向量，我会期待这个，但是看看＆＃34; Crypt.au3＆＃34;我认为无法设置或获得IV（我知道DES3是不安全的 - 这是一场不同的战斗）。是我还是AutoIt？

以下是重现此问题的完整脚本来源：

#include <StringConstants.au3>
#include <Crypt.au3>
#include <String.au3>

_Crypt_Startup() 
$inifile="C:\test_au_enc.ini"
$g_hKey = _Crypt_DeriveKey("s3cr3t.S4uce", $CALG_3DES)

; test previous invocation
$readback=IniRead($inifile, "main", "pass", "Failed")
if ("Failed"=$readback) Then
   MsgBox(0, "Enc Dec", "Failed to read ini file")
Else
   $dec=_HexToString(_Crypt_DecryptData($readback, $g_hKey, $CALG_3DES))
   MsgBox(0,"Enc Dec", "Read from previous: " & $dec)
   ; this fails to recover the cleartext
EndIf


$subj=InputBox("Enc Dec", "Please supply a string to encrypt", "This is a test");

; encrypt the string and write it to a file...
$enc=_Crypt_EncryptData($subj, $g_hKey, $CALG_3DES)
IniWrite($inifile, "main", "pass", $enc)

; now read back the value and decrypt
$readback=IniRead($inifile, "main", "pass", "Failed")
$dec=_HexToString(_Crypt_DecryptData($readback, $g_hKey, $CALG_3DES))
InputBox("Enc Dec", "Encrypted:" & $enc & @CRLF & "decrypted:" & $dec, $enc)
; here the decrypted text matches the cleartext

Answer 1

根据help file;使用_Crypt_DeriveKey()是正确的，但在使用您自己的派生密钥时，您应该像这样调用_Crypt_EncryptData()和_Crypt_DecryptData()：

$enc = _Crypt_EncryptData($subj, $g_hKey, $CALG_USERKEY)
$dec = _HexToString(_Crypt_DecryptData($readback, $g_hKey, $CALG_USERKEY))

$CALG_USERKEY参数的差异为$iAlgID，它告诉将$vCryptKey参数视为密钥的句柄而不是密码。这似乎按预期工作。

以下是完整代码：

#include <StringConstants.au3>
#include <Crypt.au3>
#include <String.au3>

_Crypt_Startup()
$inifile="C:\test_au_enc.ini"
$g_hKey = _Crypt_DeriveKey("s3cr3t.S4uce", $CALG_3DES)

; test previous invocation
$readback=IniRead($inifile, "main", "pass", "Failed")
if ("Failed"=$readback) Then
   MsgBox(0, "Enc Dec", "Failed to read ini file")
Else
   $dec=_HexToString(_Crypt_DecryptData($readback, $g_hKey, $CALG_USERKEY))
   MsgBox(0,"Enc Dec", "Read from previous: " & $dec)
   ; this fails to recover the cleartext
EndIf


$subj=InputBox("Enc Dec", "Please supply a string to encrypt", "This is a test");

; encrypt the string and write it to a file...
$enc=_Crypt_EncryptData($subj, $g_hKey, $CALG_USERKEY)
IniWrite($inifile, "main", "pass", $enc)

; now read back the value and decrypt
$readback=IniRead($inifile, "main", "pass", "Failed")
$dec=_HexToString(_Crypt_DecryptData($readback, $g_hKey, $CALG_USERKEY))
InputBox("Enc Dec", "Encrypted:" & $enc & @CRLF & "decrypted:" & $dec, $enc)
; here the decrypted text matches the cleartext

_Crypt_EncryptData（）和_Crypt_DecryptData（）混淆

1 个答案: