如何在 OFB 模式下在 C# 中使用 3DES 解密?
我需要解密在 OFB 模式下使用 3DES 加密的消息。
我有一条加密消息。我有一把钥匙。我有静脉注射。
我在 .Net 平台上
加密消息的 Base64 长度为 24 个字符。 密钥的长度为 24 个字符(采用 Base64 编码)。 IV为64位二进制数。
由于缺乏示例,我尝试使用 ECB 模式示例,如下所示:
public static string DecryptTextFromMemory(byte[] Data, byte[] Key, byte[] IV)
{
try
{
// Create a new MemoryStream using the passed
// array of encrypted data.
MemoryStream msDecrypt = new MemoryStream(Data);
// Create a CryptoStream using the MemoryStream
// and the passed key and initialization vector (IV).
CryptoStream csDecrypt = new CryptoStream(msDecrypt,
new TripleDESCryptoServiceProvider().CreateDecryptor(Key, IV),
CryptoStreamMode.Read);
// Create buffer to hold the decrypted data.
byte[] fromEncrypt = new byte[Data.Length];
// Read the decrypted data out of the crypto stream
// and place it into the temporary buffer.
csDecrypt.Read(fromEncrypt, 0, fromEncrypt.Length);
//Convert the buffer into a string and return it.
return new ASCIIEncoding().GetString(fromEncrypt);
}
catch (CryptographicException e)
{
Console.WriteLine("A Cryptographic error occurred: {0}", e.Message);
return null;
}
}
这是我得到的错误:
发生加密错误:指定的密钥不是该算法的有效大小。
我尝试过其他代码示例,其中我将算法更改为 OFB,但它表示不支持。
有人可以帮我吗?显然我对这些东西不太了解,所以如果我搞砸了一些明显的事情,请耐心等待。
有大量 ECB 模式下 3DES 解密的示例,但我几乎找不到关于 OFB 模式的信息。
I need to decrypt a message that was encrypted using 3DES in OFB mode.
I have an encrypted message. I have a key. I have an IV.
I'm on a .Net platform
The encrypted message is 24 chars long in base64.
The key is 24 chars long in base64.
and the IV is a 64-bit binary number.
Because of the lack of examples I tried using an ECB mode example, as follows:
public static string DecryptTextFromMemory(byte[] Data, byte[] Key, byte[] IV)
{
try
{
// Create a new MemoryStream using the passed
// array of encrypted data.
MemoryStream msDecrypt = new MemoryStream(Data);
// Create a CryptoStream using the MemoryStream
// and the passed key and initialization vector (IV).
CryptoStream csDecrypt = new CryptoStream(msDecrypt,
new TripleDESCryptoServiceProvider().CreateDecryptor(Key, IV),
CryptoStreamMode.Read);
// Create buffer to hold the decrypted data.
byte[] fromEncrypt = new byte[Data.Length];
// Read the decrypted data out of the crypto stream
// and place it into the temporary buffer.
csDecrypt.Read(fromEncrypt, 0, fromEncrypt.Length);
//Convert the buffer into a string and return it.
return new ASCIIEncoding().GetString(fromEncrypt);
}
catch (CryptographicException e)
{
Console.WriteLine("A Cryptographic error occurred: {0}", e.Message);
return null;
}
}
This is the error I get:
A Cryptographic error occurred: Specified key is not a valid size for this algorithm.
I've tried other code examples where I've changed the algorithm to OFB and it says it's not supported.
Can anyone please help me? I'm obviously out of my depth with this stuff so please be patient if I'm messing up somthing obvious.
There are loads of examples of 3DES decryption in ECB mode but little or nothing I can find about OFB mode.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
第三方 CryptoSys API 表示,它特别支持 OFB 模式下的 Triple-DES。不知道为什么 .NET 实现不会,尽管一个很好的理由可能是阻止其在新开发中使用,转而采用更快的 Rijndael 和 AES 密码。
编辑:只是为了解释一下,算法的“模式”是利用基本 Triple-DES 加密算法来生成加密文本的定义方式。这些已经成为大多数对称密钥算法的标准化。 OFB 模式是两种标准“流密码”模式之一,它使用基本算法根据已加密的文本创建“移位寄存器”,允许第一个“块”之后的文本一次加密一个字节在更大的“块”中。
无论如何,“密钥大小”错误指向特定类型的问题。 Triple-DES 算法(所有这些算法;这不是特定于实现的)需要正好 128 或 192 位长的密钥。您获取的是字节数组形式的密钥,因此您需要一个正好有 16 或 24 个元素长的数组。这应该是您的首要检查之一;如果键的大小不正确,则抛出 ArgumentException。沿着调用堆栈追踪问题,直到找到密钥的生成位置并从源头上解决问题。
接下来,如果您将 TripleDesCryptoServiceProvider 的 Mode 属性设置为 OFB,并且它会立即或在您开始解密时给出一个
CryptoException,表明该模式不受支持,那么这就是 .NET 的限制; .NET 开发团队没有费心在提供程序中实现该算法的模式。尝试自己动手会带来更多麻烦,而不是其价值;您必须寻找可由 .NET 代码使用的第三方实现。几乎任何为 COM 互操作注册的库都可以实现这一目的,而不必使用 .NET 语言编写。有几十个;我会搜索 CryptoSys,因为正如我所说,文档说它通过名称支持 TripleDES OFB。The third-party CryptoSys API says it specifically supports Triple-DES in OFB mode. Dunno why the .NET implementation wouldn't, though a good reason may be to discourage its use in new development in favor of the much-faster Rijndael and AES ciphers.
EDIT: Just to explain, a "mode" of the algorithm is a defined way that the basic Triple-DES ciphering algorithm is leveraged to produce encrypted text. These have become standardized over most symmetric-key algorithms. OFB mode is one of two standard "stream cipher" modes, which use the base algorithm to create a "shift register" based on text it has already encrypted, allowing text after the first "block" to be encrypted one byte at a time instead of in larger "blocks".
Anyway, the "key size" error points to a specific type of problem. Triple-DES algorithms (ALL of them; this isn't implementation-specific) require a key that is exactly either 128 or 192 bits long. You're getting the key as a byte array, so you need an array that is exactly 16 or 24 elements long. This should be one of your first checks; throw an ArgumentException if the key isn't the right size. Trace the problem down the call stack until you find where the key is generated and fix the problem at its source.
Next, if you set the Mode property of the
TripleDesCryptoServiceProviderto OFB, and it gives you aCryptoExceptioneither right then or when you start decrypting that the mode isn't supported, then that's a .NET limitation; the .NET developer team didn't bother to implement that mode of that algorithm in the provider. It'll be more trouble than its worth to try to roll your own; you'll have to look for a third-party implementation that can be used by .NET code. Pretty much any library registered for COM interop will do the trick, doesn't have to be written in a .NET language. There are dozens; I'd do a search for CryptoSys as, like I said, the documentation says it supports TripleDES OFB by name.错误消息准确地告诉您问题所在:“指定的密钥不是该算法的有效大小。”
你说“密钥在base64中是24个字符长”。 Base64 对每个字符进行 6 位编码,因此总共 144 位。但 3DES 密钥应该是 64 位 (==DES)、128 位或 196 位。您必须使用适当长度的密钥,或者弄清楚另一端的库正在做什么以将密钥转换为适当的长度。
The error message tells you precisely what the problem is: "Specified key is not a valid size for this algorithm."
You say that "The key is 24 chars long in base64". Base64 encodes 6 bits per char, so that's 144 bits in total. But a 3DES key should be 64 bits (==DES), 128 bits, or 196 bits. You have to either use a key of the appropriate length or work out what the library on the other end is doing to convert the key to an appropriate length.