暗号化された情報を Progress 4GL 10.2B アプリケーションに送信しようとしている VB.NET アプリケーションがあります。Iteration Count、Salt、Private Key、および Initialization Vector を一致させました。異なるキーを生成する理由がわかりません。私は .NET で Silverlight を使用しており、rfc2898derivebytes クラスは HMACSHA-1 ハッシュ アルゴリズムを使用し、進行状況は SHA-1 ハッシュ アルゴリズムを使用しています。2 つのシステムをマップして単純な文字列を転送する方法を確認しようとしています。
以下はVB.NETコードです
enter codePublic Class OASISCryptography
Const _privateKey As String = "MEXMUELLER"
Public Shared Function GetSalt() As Byte()
Dim salt() As Byte = New Byte(7) {}
Dim s As New RNGCryptoServiceProvider
s.GetBytes(salt)
Return salt
End Function
Public Shared Function EncryptValue(ByVal data As String, ByVal salt() As Byte) As Byte()
Using myAes As New AesManaged()
Dim salt2() As Byte = System.Text.Encoding.UTF8.GetBytes("JosephsT")
Dim Key As System.Security.Cryptography.Rfc2898DeriveBytes = New Rfc2898DeriveBytes(_privateKey, salt, 2000)
myAes.Key = Key.GetBytes(128 / 8)
myAes.IV = System.Text.Encoding.UTF8.GetBytes("HR$2pIjHR$2pIj12")
Dim encrypted As Byte() = EncryptStringFunction(data, myAes.Key, myAes.IV)
Return encrypted
End Using
End Function
Public Shared Function DecryptValue(ByVal data() As Byte, ByVal salt() As Byte) As String
Using myAes As New AesManaged()
Dim salt2() As Byte = System.Text.Encoding.UTF8.GetBytes("JosephsT")
Dim Key As System.Security.Cryptography.Rfc2898DeriveBytes = New Rfc2898DeriveBytes(_privateKey, salt2, 2000)
myAes.Key = Key.GetBytes(128 / 8)
Dim genKey As String = Nothing
For Each g In myAes.Key
genKey = genKey & g
Next
myAes.IV = System.Text.Encoding.UTF8.GetBytes("HR$2pIjHR$2pIj12")
Dim decrypted As String = DecryptStringFunction(data, myAes.Key, myAes.IV)
Return decrypted
End Using
End Function
Public Shared Function EncryptStringFunction(ByVal data As String, ByVal Key() As Byte, ByVal IV() As Byte) As Byte()
'check arguments
If data Is Nothing OrElse data.Length <= 0 Then
Throw New ArgumentNullException("data")
End If
If Key Is Nothing Or Key.Length <= 0 Then
Throw New ArgumentNullException("Key")
End If
If IV Is Nothing Or IV.Length <= 0 Then
Throw New ArgumentNullException("IV")
End If
Dim encrypted() As Byte
Using aesALG As New AesManaged()
aesALG.Key = Key
aesALG.IV = IV
' Create a encryptor to perform the stream transform.
Dim encryptor As ICryptoTransform = aesALG.CreateEncryptor(aesALG.Key, aesALG.IV)
' Create the streams used for encryption.
Using msEncrypt As New MemoryStream
Using csEncrypt As New CryptoStream(msEncrypt, encryptor, CryptoStreamMode.Write)
Using swEncrypt As New StreamWriter(csEncrypt)
'Write all data to the stream.
swEncrypt.Write(data)
End Using
End Using
encrypted = msEncrypt.ToArray
End Using
End Using
Return encrypted
End Function
Public Shared Function DecryptStringFunction(ByVal encrytedData() As Byte, ByVal Key() As Byte, ByVal IV() As Byte) As String
If encrytedData Is Nothing Or encrytedData.Length <= 0 Then
Throw New ArgumentNullException("EncryptedData")
End If
If Key Is Nothing Or Key.Length <= 0 Then
Throw New ArgumentNullException("Key")
End If
If IV Is Nothing Or IV.Length <= 0 Then
Throw New ArgumentNullException("IV")
End If
Dim plainText As String = Nothing
Using aesALG As New AesManaged()
aesALG.Key = Key
aesALG.IV = IV
Dim decryptor As ICryptoTransform = aesALG.CreateDecryptor(aesALG.Key, aesALG.IV)
Using msDecrypt As New MemoryStream(encrytedData)
Using csDecrypt As New CryptoStream(msDecrypt, decryptor, CryptoStreamMode.Read)
Using srDecrypt As New StreamReader(csDecrypt, True)
plainText = srDecrypt.ReadToEnd
End Using
End Using
End Using
End Using
Return plainText
End Function
End Class
そして、ここに進行状況の実装があります
SECURITY-POLICY:SYMMETRIC-ENCRYPTION-ALGORITHM = "AES_CBC_128".
SECURITY-POLICY:PBE-KEY-ROUNDS = 2000.
SECURITY-POLICY:PBE-HASH-ALGORITHM = "SHA-1".
/*SECURITY-POLICY:SYMMETRIC-ENCRYPTION-IV = ? /*mymemptr*/ /*IV*/. */
/* first, decrypt username */
SECURITY-POLICY:ENCRYPTION-SALT = ip-value3.
SECURITY-POLICY:SYMMETRIC-ENCRYPTION-KEY = GENERATE-PBE-KEY (password,ip-value3).
qadusername = get-string(DECRYPT (ip-value1),1).
qadpasswd = get-string(DECRYPT (ip-value2),1).
output to /tmp/decrypt.tst append.
put unformatted qadusername "-" qadpasswd skip .
output close.
qadusername = replace(qadusername,"SPD/","").
for first usr_mstr no-lock where
usr_mstr.usr_active and
usr_userid = qadusername and
usr_passwd = encode(qadpasswd) :
op-value1= true.
END.
/* second, encrypt a value and send back*/
/*
SECURITY-POLICY:ENCRYPTION-SALT = GENERATE-PBE-SALT.*/
salt-value = SECURITY-POLICY:ENCRYPTION-SALT.
/*
SECURITY-POLICY:SYMMETRIC-ENCRYPTION-KEY = GENERATE-PBE-KEY (password,ip-value3).
*/
op-value2 = ENCRYPT ("joe wears a tootoo and a dress!").
op-value3 = salt-value.
op-value4 = IV.
op-value5 = GENERATE-PBE-KEY (password).