我正在使用python程序获取一个大字符串(256字节或更多)并使用AES-CBC对其进行加密。这将发生在Linux系统上,然后加密的数据将被传输到Windows机器,在那里它将被解密。我能够加密python中的数据,但无法解密PowerShell中的数据。我相信我的问题是PowerShell代码,但我不完全确定。在PowerShell中,我得到一大串ASCII字符作为输出:
IV is equal to 81 114 150 34 27 90 82 1 78 188 221 119 110 240 56 183
AES key is TXlwYXNzcGhyYXNlS2V5MQ==
Unencrypted string: TextMustBe16BytesUsually
Encrypted string: ZjE5NGRkMjY0MGU3NzJhNjRlZWI1MjlhYzlmNzk4N2NhNjE4ZjlmZDE5MmE3MWJjZDczMTBlZjBmNDQ3ZTUzMw==
Unencrypted string: g�V��⓪����DĖ u���.Ӣ���B�#�!�v����ƭɐ
我将在下面发布两者的来源,非常感谢任何帮助。
的Python:
from Crypto.Cipher import AES
import hashlib
import sys
import base64
import binascii
import Padding
val='TextMustBe16BytesUsually'
password='ew+39INFhCg+rcNZsY/bd64hWoopaOA5m8r9mgfF/x0='
ival= 12345678
plaintext=val
def encrypt2(plaintext,key, mode,iv):
encobj = AES.new(key,mode,iv)
return(encobj.encrypt(plaintext))
def decrypt2(ciphertext,key, mode,iv):
encobj = AES.new(key,mode,iv)
return(encobj.decrypt(ciphertext))
key = hashlib.sha256(password).digest()
iv= hex(ival)[2:8].zfill(16)
print "IV: "+ base64.b64encode(iv)
plaintext=val
plaintext = Padding.appendPadding(plaintext,blocksize=Padding.AES_blocksize,mode=0)
ciphertext = encrypt2(plaintext,key,AES.MODE_CBC,iv)
print ciphertext
print "Cipher (CBC): "+ base64.b64encode(binascii.hexlify(bytearray(ciphertext)))
plaintext = decrypt2(ciphertext,key,AES.MODE_CBC,iv)
plaintext = Padding.removePadding(plaintext,mode=0)
print "Decrypt: "+plaintext
Powershell的:
function Create-AesManagedObject($key, $IV) {
$aesManaged = New-Object "System.Security.Cryptography.AesManaged"
$aesManaged.Mode = [System.Security.Cryptography.CipherMode]::CBC
$aesManaged.Padding = [System.Security.Cryptography.PaddingMode]::Zeros
$aesManaged.BlockSize = 128
$aesManaged.KeySize = 256
if ($IV) {
if ($IV.getType().Name -eq "String") {
$aesManaged.IV = [System.Convert]::FromBase64String($IV)
}
else {
$aesManaged.IV = $IV
}
}
if ($key) {
if ($key.getType().Name -eq "String") {
$aesManaged.Key = [System.Convert]::FromBase64String($key)
}
else {
$aesManaged.Key = $key
}
}
$aesManaged
}
function Create-AesKey() {
$aesManaged = Create-AesManagedObject
$aesManaged.GenerateKey()
[System.Convert]::ToBase64String($aesManaged.Key)
}
function Decrypt-String($key, $encryptedStringWithIV) {
$bytes = [System.Convert]::FromBase64String($encryptedStringWithIV)
$aesManaged = Create-AesManagedObject $key $IV
$decryptor = $aesManaged.CreateDecryptor();
$unencryptedData = $decryptor.TransformFinalBlock($bytes, 16, $bytes.Length - 16);
$aesManaged.Dispose()
[System.Text.Encoding]::UTF8.GetString($unencryptedData).Trim([char]0)
}
$key = "ew+39INFhCg+rcNZsY/bd64hWoopaOA5m8r9mgfF/x0="
"KEY:"
$key
"IV:"
$IV
$unencryptedString = "TextMustBe16BytesUsually"
"ENCRYPTED STRING"
$encryptedString = "ZjE5NGRkMjY0MGU3NzJhNjRlZWI1MjlhYzlmNzk4N2NhNjE4ZjlmZDE5MmE3MWJjZDczMTBlZjBmNDQ3ZTUzMw=="
$encryptedString
$backToPlainText = Decrypt-String $key $encryptedString
"Plain Text"
$backToPlainText
答案 0 :(得分:1)
我修改了你的加密。您的加密缺少$ IV参考。
解密附加IV数组并将其传递给对象。
function Encrypt-String($key, $unencryptedString) {
$bytes = [System.Text.Encoding]::UTF8.GetBytes($unencryptedString)
$aesManaged = Create-AesManagedObject $key $IV
$encryptor = $aesManaged.CreateEncryptor()
$encryptedData = $encryptor.TransformFinalBlock($bytes, 0, $bytes.Length);
[byte[]] $fullData = $aesManaged.IV + $encryptedData
$aesManaged.Dispose()
[System.Convert]::ToBase64String($fullData)
}
function Decrypt-String($key, $encryptedStringWithIV) {
$bytes = [System.Convert]::FromBase64String($encryptedStringWithIV)
$IV = $bytes[0..15]
$aesManaged = Create-AesManagedObject $key $IV
$decryptor = $aesManaged.CreateDecryptor();
$unencryptedData = $decryptor.TransformFinalBlock($bytes, 16, $bytes.Length - 16);
$aesManaged.Dispose()
[System.Text.Encoding]::UTF8.GetString($unencryptedData).Trim([char]0)
}
$unencryptedString = "TextMustBe16BytesUsually"
$encryptedString = Encrypt-String $key $unencryptedString
$backToPlainText = Decrypt-String $key $encryptedString
$backToPlainText