强制使用错误密钥解密文件 - C# +充气城堡
我正在编写一个简单的应用程序,用户可以使用 Rijndael 等块算法之一来加密/解密文件。我还必须使用相同的算法对会话密钥进行加密,并将其与密文一起存储在 xml 文件中。用于会话密钥加密的密钥是用户密码的 SHA256 哈希值。结果类似于:
<File>
<EncryptedKey>session key encrypted with user's password hash</EncryptedKey>
<Data>Data encrypted with session key</Data>
</File>
解密时,要求用户输入密码,然后生成哈希值并用作从 xml 文件中解密 EncryptedKey 的密钥,然后可以使用会话密钥来解密数据。
当用户输入正确的密码时它可以工作,但我希望应用程序即使密码错误也能解密文件。我正在使用 Bouncy Castle,现在当密码错误(因此会话密钥也错误)时,它会抛出异常“Pad 块已损坏”。我不想显示任何消息框来通知发生错误。相反,我无论如何都想解密该文件,从而节省垃圾。这可能吗?我的解密代码:
IBufferedCipher cipher = CipherUtilities.GetCipher("Rijndael/ECB/PKCS7Padding");
KeyParameter par = new KeyParameter(generateHash(password));
cipher.Init(false, par);
byte[] output = cipher.DoFinal(data); // Exception here when password is wrong
我还尝试首先使用 ProcessBytes() 方法,最后使用 DoFinal() 方法,但它也不起作用。
I'm writing a simple application where users can encrypt/decrypt files using one of the block algorithms like Rijndael. I have to encrypt the session key as well with the same algorithm and store it together with the cipher text in an xml file. The key used for session key encryption is a SHA256 hash of the user's password. The result is something like:
<File>
<EncryptedKey>session key encrypted with user's password hash</EncryptedKey>
<Data>Data encrypted with session key</Data>
</File>
While decrypting, user is asked to type the password, then the hash is generated and used as a key to decrypt EncryptedKey from xml file and then the session key can be used to decrypt the data.
It works when user types correct password, but I want the application to decrypt file even if the password is wrong. I'm using Bouncy Castle and now when password is wrong (so the session key is wrong either), it throws an Exception "Pad block corrupted". I don't want to display any message boxes informing that an error occurs. Instead, I want to decrypt the file anyway and just save garbage as a result. Is that possible? My code for decrypting:
IBufferedCipher cipher = CipherUtilities.GetCipher("Rijndael/ECB/PKCS7Padding");
KeyParameter par = new KeyParameter(generateHash(password));
cipher.Init(false, par);
byte[] output = cipher.DoFinal(data); // Exception here when password is wrong
I also tried to use ProcessBytes() method first and DoFinal() at the end, but it didn't work either.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
这从一开始就违背了加密的初衷。想必您可以捕获异常,并在您的 catch 块中将垃圾数据(可能是异常堆栈的十六进制转储?)写入文件 - 但为什么呢?正如 Ramhound 所指出的,这将为恶意用户提供可用于暴力攻击的数据,以便与他们成功解密文件时进行比较。
我会回到这个假设/设计阶段:为什么你想避免显示一条消息,其中指出“提供的密码与预期的密码不匹配。请重新输入。剩余 3 次尝试。” (或其他什么)?输出“垃圾”文件能得到什么?
That pretty well defies the point of encryption in the first place. Presumably you could catch the exception and, in your catch block, write junk data (maybe a Hex dump of the exception stack?) to a file- but why? As noted by Ramhound, that would give a malicious user data which could be used in a brute-force attack to compare with when they have successfully decrypted the file.
I would go back to the assumptions/design phase of this: why do you want to avoid showing a message which states "The password provided did not match the expected password. Please re-enter. 3 Tries Remain." (or whatever)? What is gained by outputting a "junk" file?