4

WinRT Metro アプリケーションで復号化する必要がある C# の AesManaged によって暗号化されたテキストがあります。コードには変更できない他の依存関係があるため、暗号化コードを変更できません。

暗号化関数は次のようになります。

// Note: Edited out possibly real password and salt:
Guid password = Guid.Parse("AAAAAAAAA-AAAA-AAAA-AAAA-AAAAAAAAAAAA");
Guid salt = Guid.Parse("AAAAAAAAA-BBBB-BBBB-BBBB-AAAAAAAAAAAA");

string EncryptedValue(string data)
{   
byte[] passwordBytes = password.ToByteArray();
byte[] saltBytes = salt.ToByteArray();

byte[] bKey = new byte[16];
for(int i = 0; i < 16; i++)
{
    bKey[i] = passwordBytes[i];
}

string encryptedData = String.Empty;
using (System.Security.Cryptography.AesManaged aesAlg = new System.Security.Cryptography.AesManaged())
{
    aesAlg.Key = bKey;
    aesAlg.IV = saltBytes;

    // Create a decrytor to perform the stream transform.
    System.Security.Cryptography.ICryptoTransform encryptor = aesAlg.CreateEncryptor(aesAlg.Key, aesAlg.IV);

    // Create the streams used for encryption.
    using (MemoryStream msEncrypt = new MemoryStream())
    {
        using (System.Security.Cryptography.CryptoStream csEncrypt = new System.Security.Cryptography.CryptoStream(msEncrypt, encryptor, System.Security.Cryptography.CryptoStreamMode.Write))
        {
            using (StreamWriter swEncrypt = new StreamWriter(csEncrypt))
            {

                //Write all data to the stream.
                swEncrypt.Write(data);
            }

            encryptedData = Convert.ToBase64String(msEncrypt.ToArray());
        }
    }
}

return encryptedData;
}

サンプルデータ:

   // Decrypted value is: 2029
   var _id = EncryptedSettingsBase.Decrypt("ROSNJ1XnAozF7LC0wW8AOg==");

次の投稿を読みました: http://social.msdn.microsoft.com/Forums/en-US/winappswithcsharp/thread/7cfcc576-1c2c-4a50-a546-09a45d3ff41f 同じ問題のように見えますが、行ったことはありません「データエラー(巡回冗長検査)」という例外が発生するため、彼らの提案を機能させることができます。(HRESULT からの例外: 0x80070017)」。

internal class EncryptedSettingsBase
{
    public static string Decrypt(string cipherText)
    {
        var passwordBytes = (new Guid("AAAAAAAAA-AAAA-AAAA-AAAA-AAAAAAAAAAAA")).ToByteArray();
        var salt = (new Guid("AAAAAAAAA-BBBB-AAAA-AAAA-AAAAAAAAAAAA")).ToString();

        byte[] bKey = new byte[16];
        for (int i = 0; i < 16; i++)
        {
            bKey[i] = passwordBytes[i];
        }

        IBuffer pwBuffer = CryptographicBuffer.CreateFromByteArray(bKey);
        IBuffer saltBuffer = CryptographicBuffer.ConvertStringToBinary(salt, BinaryStringEncoding.Utf16LE);
        IBuffer cipherBuffer = CryptographicBuffer.DecodeFromBase64String(cipherText);

        // Derive key material for password size 32 bytes for AES256 algorithm
        KeyDerivationAlgorithmProvider keyDerivationProvider = KeyDerivationAlgorithmProvider.OpenAlgorithm("PBKDF2_SHA1");
        // using salt and 1000 iterations
        KeyDerivationParameters pbkdf2Parms = KeyDerivationParameters.BuildForPbkdf2(saltBuffer, 1000);

        // create a key based on original key and derivation parmaters
        CryptographicKey keyOriginal = keyDerivationProvider.CreateKey(pwBuffer);
        IBuffer keyMaterial = CryptographicEngine.DeriveKeyMaterial(keyOriginal, pbkdf2Parms, 32);
        CryptographicKey derivedPwKey = keyDerivationProvider.CreateKey(pwBuffer);

        // derive buffer to be used for encryption salt from derived password key 
        IBuffer saltMaterial = CryptographicEngine.DeriveKeyMaterial(derivedPwKey, pbkdf2Parms, 16);

        // display the keys - because KeyDerivationProvider always gets cleared after each use, they are very similar unforunately
        string keyMaterialString = CryptographicBuffer.EncodeToBase64String(keyMaterial);
        string saltMaterialString = CryptographicBuffer.EncodeToBase64String(saltMaterial);

        SymmetricKeyAlgorithmProvider symProvider = SymmetricKeyAlgorithmProvider.OpenAlgorithm("AES_CBC_PKCS7");
        // create symmetric key from derived password material
        CryptographicKey symmKey = symProvider.CreateSymmetricKey(keyMaterial);

        // encrypt data buffer using symmetric key and derived salt material
        IBuffer resultBuffer = CryptographicEngine.Decrypt(symmKey, cipherBuffer, saltMaterial);
        string result = CryptographicBuffer.ConvertBinaryToString(BinaryStringEncoding.Utf16LE, resultBuffer);
        return result;
    }
}

私はおそらくばかげたことをしていますが、私はこのことを完全には理解していません。私がどこで間違っているか知っている人はいますか?

どんな助けでも大歓迎です。

乾杯、ジョン

4

2 に答える 2

3

次のコードは、すべての依存関係を適切に暗号化するように変更できれば、うまくいきます。

ここのコードが役立ちました: http://visualstudio.uservoice.com/forums/121579-visual-studio/suggestions/2966549-make-equal-aesmanaged-snippet-as-in-silverlight-an

暗号化コード、C# 4.0 側:

string salt = "AAAAAAAAA-AAAA-AAAA-AAAA-AAAAAAAAAAAA";
string password = "AAAAAAAAA-BBBB-AAAA-AAAA-AAAAAAAAAAAA";

string EncryptedValue(string data)
{   
byte[] saltBytes = System.Text.Encoding.UTF8.GetBytes(salt);

string encryptedData = String.Empty;
using (System.Security.Cryptography.AesManaged aes = new System.Security.Cryptography.AesManaged())
{
    var rfc = new System.Security.Cryptography.Rfc2898DeriveBytes(password, saltBytes);

    aes.BlockSize = aes.LegalBlockSizes[0].MaxSize; 
    aes.KeySize = aes.LegalKeySizes[0].MaxSize; 
    aes.Key = rfc.GetBytes(32); 
    rfc.Reset(); 
    aes.IV = rfc.GetBytes(16);

    // Create a decrytor to perform the stream transform.
    System.Security.Cryptography.ICryptoTransform encryptor = aes.CreateEncryptor(aes.Key, aes.IV);

    // Create the streams used for encryption.
    using (MemoryStream msEncrypt = new MemoryStream())
    {
        using (System.Security.Cryptography.CryptoStream csEncrypt = new System.Security.Cryptography.CryptoStream(msEncrypt, encryptor, System.Security.Cryptography.CryptoStreamMode.Write))
        {
            using (StreamWriter swEncrypt = new StreamWriter(csEncrypt))
            {
                // Write all data to the stream.
                swEncrypt.Write(data);
            }

            encryptedData = Convert.ToBase64String(msEncrypt.ToArray());
        }
    }
}

return encryptedData;
}

復号化コード WinRT 側:

protected string Decrypt(string encryptedData)
    {
        const string password = "AAAAAAAAA-AAAA-AAAA-AAAA-AAAAAAAAAAAA";
        const string salt = "AAAAAAAAA-BBBB-AAAA-AAAA-AAAAAAAAAAAA";

        IBuffer pwBuffer = CryptographicBuffer.ConvertStringToBinary(password, BinaryStringEncoding.Utf8);
        IBuffer saltBuffer = CryptographicBuffer.ConvertStringToBinary(salt, BinaryStringEncoding.Utf8);
        IBuffer cipherBuffer = CryptographicBuffer.DecodeFromBase64String(encryptedData);

        KeyDerivationAlgorithmProvider keyDerivationProvider = KeyDerivationAlgorithmProvider.OpenAlgorithm("PBKDF2_SHA1");

        KeyDerivationParameters pbkdf2Parms = KeyDerivationParameters.BuildForPbkdf2(saltBuffer, 1000);

        CryptographicKey keyOriginal = keyDerivationProvider.CreateKey(pwBuffer);
        IBuffer keyMaterial = CryptographicEngine.DeriveKeyMaterial(keyOriginal, pbkdf2Parms, 32);

        CryptographicKey derivedPwKey = keyDerivationProvider.CreateKey(pwBuffer);

        IBuffer saltMaterial = CryptographicEngine.DeriveKeyMaterial(derivedPwKey, pbkdf2Parms, 16);

        SymmetricKeyAlgorithmProvider symProvider = SymmetricKeyAlgorithmProvider.OpenAlgorithm("AES_CBC_PKCS7");

        CryptographicKey symmKey = symProvider.CreateSymmetricKey(keyMaterial);

        IBuffer resultBuffer = CryptographicEngine.Decrypt(symmKey, cipherBuffer, saltMaterial);

        byte[] asd;
        CryptographicBuffer.CopyToByteArray(resultBuffer, out asd);
        string result = CryptographicBuffer.ConvertBinaryToString(BinaryStringEncoding.Utf8, resultBuffer);
        return result;
    }
于 2012-08-02T08:39:34.787 に答える
3

片側で PBKDF2 を使用しており、.net 部分では PBKDF2 を使用していません。残念ながら、変更できない部分はキーを正しく使用していません。UID を直接使用するだけです。

于 2012-08-01T18:49:35.970 に答える