DCPCrypt/Delphi 未正确编码 Rijndael

发布于 2024-12-19 03:33:59 字数 2204 浏览 4 评论 0原文

我有 DCPCrypt 包（最新版本），并尝试在 Delphi2007 中使用来自 NIST 分发的 AES 已知答案测试（KAT）向量的测试值进行 AES/Rijndael CBC 编码（128 位块，256 位密钥）。一个示例测试向量：

KEY = 0000000000000000000000000000000000000000000000000000000000000000  
IV = 00000000000000000000000000000000  
PLAINTEXT = 80000000000000000000000000000000  
CIPHERTEXT = ddc6bf790c15760d8d9aeb6f9a75fd4e

下面的代码返回：

Cyphertext (bytes): 58 215 142 114 108 30 192 43 126 191 233 43 35 217 236 52  
Cyphertext (hex): 3AD78E726C1EC02B7EBFE92B23D9EC34  
Cyphertext (base64): OteOcmwewCt+v+krI9nsNA==

这显然是不正确的。

procedure TFrmKATVectors.TestData(Key,IV,PlainText: String);  
var  
  InBuf,OutBuf: TestBuffer;  
  KeyBuf: KeyBuffer;  
  IVBuf: IVBuffer;  
  l,i: Integer;  
  Bytes,  
  SOut: String;  
begin  
  Memo1.Lines.Add('Key: ' + Key);  
  Memo1.Lines.Add('IV: ' + IV);  
  Memo1.Lines.Add('Plaintext: ' + Plaintext);  
  l := Length(Key) DIV 2;  
  for i := 1 to l do KeyBuf[i] := HexToInt(Copy(Key,2*(i-1)+1,2));  
  l := Length(IV) DIV 2;  
  for i := 1 to l do IVBuf[i] := HexToInt(Copy(IV,2*(i-1)+1,2));  
  l := Length(PlainText) DIV 2;  
  for i := 1 to l do InBuf[i] := HexToInt(Copy(PlainText,2*(i-1)+1,2));  
  DCP_rijndael1.Init(KeyBuf,32,@IVBuf);  
  DCP_rijndael1.EncryptCBC(InBuf,OutBuf,TestBufSize);  
  SOut := '';  
  for i := 1 to Length(OutBuf) do
   begin
     SOut := SOut + Chr(OutBuf[i]);
     Bytes := Bytes + IntToStr(OutBuf[i]) + ' ';
   end;  
  Memo1.Lines.Add('Cyphertext (bytes): ' + Bytes); 
  Memo1.Lines.Add('Cyphertext (hex): ' + StringToHex(SOut));  
  Memo1.Lines.Add('Cyphertext (base64): ' + Base64EncodeStr(SOut));  
  Memo1.Lines.Add('');  
end;

我正在打电话

TestData('0000000000000000000000000000000000000000000000000000000000000000',
         '00000000000000000000000000000000', '80000000000000000000000000000000');

，

const
TestBufSize = 16;

type  
TestBuffer = packed Array[1..TestBufSize] of Byte;  
KeyBuffer = packed Array[1..32] of Byte;  
IVBuffer = packed Array[1..16] of Byte;

鉴于我的测试数据的长度，我正在避免任何填充问题。我做错了什么？有什么建议吗？

（不，您不必重新计算参数字符串的长度 - 我这样做了好几次。）

原文

I have the DCPCrypt package (latest version) and am trying to do AES/Rijndael CBC encoding (128 bit blocks, 256 bit key) in Delphi2007 with test values from the AES Known Answer Test (KAT) Vectors distributed by NIST. One sample test vector:

KEY = 0000000000000000000000000000000000000000000000000000000000000000  
IV = 00000000000000000000000000000000  
PLAINTEXT = 80000000000000000000000000000000  
CIPHERTEXT = ddc6bf790c15760d8d9aeb6f9a75fd4e

The code below returns:

Cyphertext (bytes): 58 215 142 114 108 30 192 43 126 191 233 43 35 217 236 52  
Cyphertext (hex): 3AD78E726C1EC02B7EBFE92B23D9EC34  
Cyphertext (base64): OteOcmwewCt+v+krI9nsNA==

which is obviously not correct.

procedure TFrmKATVectors.TestData(Key,IV,PlainText: String);  
var  
  InBuf,OutBuf: TestBuffer;  
  KeyBuf: KeyBuffer;  
  IVBuf: IVBuffer;  
  l,i: Integer;  
  Bytes,  
  SOut: String;  
begin  
  Memo1.Lines.Add('Key: ' + Key);  
  Memo1.Lines.Add('IV: ' + IV);  
  Memo1.Lines.Add('Plaintext: ' + Plaintext);  
  l := Length(Key) DIV 2;  
  for i := 1 to l do KeyBuf[i] := HexToInt(Copy(Key,2*(i-1)+1,2));  
  l := Length(IV) DIV 2;  
  for i := 1 to l do IVBuf[i] := HexToInt(Copy(IV,2*(i-1)+1,2));  
  l := Length(PlainText) DIV 2;  
  for i := 1 to l do InBuf[i] := HexToInt(Copy(PlainText,2*(i-1)+1,2));  
  DCP_rijndael1.Init(KeyBuf,32,@IVBuf);  
  DCP_rijndael1.EncryptCBC(InBuf,OutBuf,TestBufSize);  
  SOut := '';  
  for i := 1 to Length(OutBuf) do
   begin
     SOut := SOut + Chr(OutBuf[i]);
     Bytes := Bytes + IntToStr(OutBuf[i]) + ' ';
   end;  
  Memo1.Lines.Add('Cyphertext (bytes): ' + Bytes); 
  Memo1.Lines.Add('Cyphertext (hex): ' + StringToHex(SOut));  
  Memo1.Lines.Add('Cyphertext (base64): ' + Base64EncodeStr(SOut));  
  Memo1.Lines.Add('');  
end;

I'm calling

TestData('0000000000000000000000000000000000000000000000000000000000000000',
         '00000000000000000000000000000000', '80000000000000000000000000000000');

with

const
TestBufSize = 16;

type  
TestBuffer = packed Array[1..TestBufSize] of Byte;  
KeyBuffer = packed Array[1..32] of Byte;  
IVBuffer = packed Array[1..16] of Byte;

Given the length of my test data I'm avoiding any padding issues.
What am I doing wrong? Any suggestions?

(No, you don't have to recount the parameter string lengths - I did that several times.)

分享到QQ

分享到微博

如果你对这篇内容有疑问，欢迎到本站社区发帖提问参与讨论，获取更多帮助，或者扫码二维码加入 Web 技术交流群。

发布评论

需要登录才能够评论，你可以免费注册一个本站的账号。

谜泪 2024-12-26 03:33:59

Init 方法中的密钥大小参数以位为单位 - 如方法注释所述：

根据Key中的数据进行密钥设置，大小以位为单位

您正在使用 KeySize = 32 位计算 AES，这是无效的。

因此，您可以计算最低的可用密钥大小，即 128。返回的值对于 128 位而言是正确的 - 请参阅 http://csrc.nist.gov/groups/STM/cavp/documents/aes/AESAVS.pdf 第 20 页。

尝试指定 256 位作为密钥大小：

 DCP_rijndael1.Init(KeyBuf,256,@IVBuf);

Key size parameter in Init method is in bits - as stated by the method comment:

Do key setup based on the data in Key, size is in bits

You are calculating the AES with KeySize = 32 bits, which is invalid.

So you compute for the lowest available Keysize, which is 128. The returned value is correct for 128 bit - see http://csrc.nist.gov/groups/STM/cavp/documents/aes/AESAVS.pdf page 20.

Try to specify 256 bits as key size: