我不确定这是否是问这个问题的正确地方。但是我没有C#的经验,并且受命将一段安全代码转换为Golang
我想知道我是否错过了这里的东西。
C#代码使用Rijndael类加密一点数据。 key值和iv值在这样的字节码中写出
public static byte[] Key = new byte[]{0xx, 0xx, 0xx, 0xx, 0xx,
0xx4, 0xxx, 0xxx, 0xxx, 0xxx, xxx, 0xxx,
0xxx, 0xxx, 0xxx, 0xxx};
public static byte[] IV = new byte[] // save structure as above with 16 in length
然后有一些代码可以做到这一点
Rijndael alg = Rijndael.Create();
alg.Key = Key;
alg.IV = IV;
CryptoStream cs = new CryptoStream(ms,
alg.CreateEncryptor(), CryptoStreamMode.Write);
cs.Write(dataWithoutHeader, 0, dataWithoutHeader.Length);
cs.Close();
该函数将byte[] data作为输出发出
我正在尝试模仿这样的golang
func StartEncryption(message []byte) []byte {
var key = []byte {// same as C# }
var iv = []byte{ // same as C# }
var err error
fmt.Printf("\n length of key %+v \n, \n length of iv \n %+v \n", len(key), len(iv))
// Encrypt
encrypted := make([]byte, len(message))
err = EncryptAESCFB(encrypted, []byte(message), key, iv)
if err != nil {
panic(err)
}
return encrypted
}
加密功能
func EncryptAESCFB(dst, src, key, iv []byte) error {
aesBlockEncrypter, err := aes.NewCipher([]byte(key))
if err != nil {
return err
}
aesEncrypter := cipher.NewCFBEncrypter(aesBlockEncrypter, iv)
aesEncrypter.XORKeyStream(dst, src)
return nil
}
此输出通过需要对其输出进行解密的API发送。我在下面使用这个
func decryptMessage(message []byte)error{
var key = []byte{ // same as C# }
var iv = []byte{ // same as C# }
// Remove the head part of the response (45 bytes)
responseBody := message[45:]
decrypted := make([]byte, len(responseBody))
err := DecryptAESCFB(decrypted, responseBody, key, iv)
if err != nil {
fmt.Printf("\n error : \n %+v \n", err)
}
return nil
}
func DecryptAESCFB(dst, src, key, iv []byte) error {
aesBlockDecrypter, err := aes.NewCipher([]byte(key))
if err != nil {
return nil
}
aesDecrypter := cipher.NewCFBDecrypter(aesBlockDecrypter, iv)
aesDecrypter.XORKeyStream(dst, src)
return nil
}
解密器给我乱码-我在哪里出错了?
我的问题归结为2个问题
使用rijndael类的C#函数和golang函数会产生相同的输出还是我应该做更多/更少的事情
字节数组是存储密钥IV的正确数据吗-即复制到GO时在C#中使用的密钥不相同
答案 0 :(得分:1)
您发布的代码存在一些问题。
这里是一个例子。 Playground Link
package main
import (
"crypto/aes"
"crypto/cipher"
"crypto/rand"
"encoding/hex"
"fmt"
"os"
)
var (
key = randBytes(256 / 8)
gcm cipher.AEAD
nonceSize int
)
// Initilze GCM for both encrypting and decrypting on program start.
func init() {
block, err := aes.NewCipher(key)
if err != nil {
fmt.Printf("Error reading key: %s\n", err.Error())
os.Exit(1)
}
fmt.Printf("Key: %s\n", hex.EncodeToString(key))
gcm, err = cipher.NewGCM(block)
if err != nil {
fmt.Printf("Error initializing AEAD: %s\n", err.Error())
os.Exit(1)
}
nonceSize = gcm.NonceSize()
}
func randBytes(length int) []byte {
b := make([]byte, length)
rand.Read(b)
return b
}
func encrypt(plaintext []byte) (ciphertext []byte) {
nonce := randBytes(nonceSize)
c := gcm.Seal(nil, nonce, plaintext, nil)
return append(nonce, c...)
}
func decrypt(ciphertext []byte) (plaintext []byte, err error) {
if len(ciphertext) < nonceSize {
return nil, fmt.Errorf("Ciphertext too short.")
}
nonce := ciphertext[0:nonceSize]
msg := ciphertext[nonceSize:]
return gcm.Open(nil, nonce, msg, nil)
}
func main() {
fmt.Println("Encrypting...")
msg := []byte("The quick brown fox jumped over the lazy dog.")
ciphertext := encrypt(msg)
fmt.Printf("Encrypted message: %v\n", ciphertext)
fmt.Println("Decrypting...")
plaintext, err := decrypt(ciphertext)
if err != nil {
// Don't display this message to the end-user, as it could potentially
// give an attacker useful information. Just tell them something like "Failed to decrypt."
fmt.Printf("Error decryping message: %s\n", err.Error())
os.Exit(1)
}
fmt.Printf("Decrypted message: %s\n", string(plaintext))
}