MySQL AES-CBC 解密密钥填充 - 如果字符串太小怎么办? (不是16的倍数)
我使用 AES-128-CBC 算法成功加密了 MySQL 中的字符串。官方文档和教程很有帮助。根据我的理解,MySQL 使用键填充 PKCS#7 来填充 16 字节大小的块中的二进制数据。
问题:尽管使用在线解密工具成功解密了这些数据,但我无法使用 MySQL 解密数据?!
数据:
0x568aed71e43af834900bec738e08c4fa2637b8915fb401fd6296f19c3aeeceebc3164b967cd5445 e6aafe90f416314191cb1839210b7cd2efe168911fd465dab56ccda9c82862b90f29353ab57532b49
这是我从烟雾探测器收到的电报。我可以通过在线工具轻松解密它,例如“online-domain-tools.com”:
AES密钥: 0xDDCCFA1971D96B759B6A20400E00A535 四: 2515485001000C1A2323232323232323
在线 AES 解密器网页结果: 0x2f2f0bfd0f070101046d3209972702fd17000082206c9225426c90278440ff2c000f13ff8250fd6 1000082506c01018260fd6105008360fd31e87a0082606c9b258270fd61070082706c97272f2f2f2f
由于前缀 (2f2f) 和后缀 (2f2f2f2f),我可以确认结果正确。
我在MySQL中使用aes-128-CBC算法尝试了相同的解密,但结果是NULL?!?!
设置@@SESSION.block_encryption_mode = 'aes-128-cbc';
设置@iv = 0x2515485001000C1A2323232323232323;
设置@pass = 0xDDCCFA1971D96B759B6A20400E00A535;
设置@原始= 0x568aed71e43af834900bec738e08c4fa2637b8915fb401fd6296f19c3aeeceebc3164b967cd5445 e6aafe90f416314191cb1839210b7cd2efe168911fd465dab56ccda9c82862b90f29353ab57532b49;
选择十六进制(AES_DECRYPT(@raw,@pass,@iv));
经过一个周末的沮丧之后,我唯一的理解是,如果我在同一过程中加密上述数据,结果如下:
加密: 0x568aed71e43af834900bec738e08c4fa2637b8915fb401fd6296f19c3aeeceebc3164b967cd5445e6aafe90f416314191cb1839 210b7cd2efe168911fd465dab56ccda9c82862b90f29353ab57532b49ac0e75a2663f9a22b1036d03e2f9b9a6
嘿尤里卡!结果与我预期的结果不同(添加了 16 个字节,粗体格式)。我的建议是,MySQL 由于密钥填充而无法解密我的初始数据?如果我解密上面较长的数据,唯一的区别是原始数据末尾的密钥填充字节:
解密:
0x2f2f0bfd0f070101046d3209972702fd17000082206c9225426c90278440ff2c000f13ff8250fd61000082506c0101826 0fd6105008360fd31e87a0082606c9b258270fd61070082706c97272f2f2f2f10101010101010101010
根据我的理解,末尾的粗体字节是关键填充数据。
MySQL 中的其他解密结果(无密钥填充?!):
SET @@SESSION.block_encryption_mode = 'aes-128-cbc';
设置@iv = 0x2515485001000C1A2323232323232323;
设置@pass = 0xDDCCFA1971D96B759B6A20400E00A535;
设置@原始= 0x568aed71e43af834900bec738e08c4fa2637b8915fb401fd6296f19c3aeeceebc3164b967cd5445e6aafe90f4163141 91cb1839210b7cd2efe168911fd465dab56ccda9c82862b90f29353ab57532b49ac0e75a2663f9a22b1036d03e2f9b9a6;
选择十六进制(AES_DECRYPT(@raw,@pass,@iv));
有没有办法将缺失字节添加到加密数据中,以便MySQL能够解密它?
非常感谢!
I successfully encrypted Strings in MySQL using AES-128-CBC algorithm. The official documentation and tutorials helped a lot. From my understanding, MySQL uses key padding PKCS#7 in order to fill the binary data in chunks of 16 Byte-size.
Problem: I am not able to decrypt Data using MySQL, although these Data is successfully decrypted using online decryption tools?!
Data:
0x568aed71e43af834900bec738e08c4fa2637b8915fb401fd6296f19c3aeeceebc3164b967cd5445e6aafe90f416314191cb1839210b7cd2efe168911fd465dab56ccda9c82862b90f29353ab57532b49
This is a telegram that I received from a smoke detector. I can easyly decrypt it via online tools, e.g. 'online-domain-tools.com':
AES Key:
0xDDCCFA1971D96B759B6A20400E00A535
iv:
2515485001000C1A2323232323232323
Result in online-AES-decryptor-webpage: 0x2f2f0bfd0f070101046d3209972702fd17000082206c9225426c90278440ff2c000f13ff8250fd61000082506c01018260fd6105008360fd31e87a0082606c9b258270fd61070082706c97272f2f2f2f
I can confirm the result beeing correct, due to the prefix (2f2f) and suffix (2f2f2f2f).
I tried the same decryption in MySQL using aes-128-CBC algorithm, but the result is NULL?!?!
SET @@SESSION.block_encryption_mode = 'aes-128-cbc';
SET @iv = 0x2515485001000C1A2323232323232323;
SET @pass = 0xDDCCFA1971D96B759B6A20400E00A535;
SET @raw = 0x568aed71e43af834900bec738e08c4fa2637b8915fb401fd6296f19c3aeeceebc3164b967cd5445e6aafe90f416314191cb1839210b7cd2efe168911fd465dab56ccda9c82862b90f29353ab57532b49;
SELECT HEX(AES_DECRYPT(@raw,@pass, @iv));
After a weekend of frustration my only understanding was, that if I encrypt the above data within the same procedure, the Result is as follows:
Encryption:
0x568aed71e43af834900bec738e08c4fa2637b8915fb401fd6296f19c3aeeceebc3164b967cd5445e6aafe90f416314191cb1839210b7cd2efe168911fd465dab56ccda9c82862b90f29353ab57532b49ac0e75a2663f9a22b1036d03e2f9b9a6
Heureka! The Result is different to the Result that I expected (addition of 16 Bytes, bold formatting). My suggestion is, that MySQL was unable to decrypt my initial data due to key padding? If i decrypt the longer data above, the only difference is key padding bytes at the end of the original data:
Decrypted:
0x2f2f0bfd0f070101046d3209972702fd17000082206c9225426c90278440ff2c000f13ff8250fd61000082506c01018260fd6105008360fd31e87a0082606c9b258270fd61070082706c97272f2f2f2f10101010101010101010
The bold bytes at the end is key padding data, from my understanding.
Other decryption result in MySQL (no key padding?!):
SET @@SESSION.block_encryption_mode = 'aes-128-cbc';
SET @iv = 0x2515485001000C1A2323232323232323;
SET @pass = 0xDDCCFA1971D96B759B6A20400E00A535;
SET @raw = 0x568aed71e43af834900bec738e08c4fa2637b8915fb401fd6296f19c3aeeceebc3164b967cd5445e6aafe90f416314191cb1839210b7cd2efe168911fd465dab56ccda9c82862b90f29353ab57532b49ac0e75a2663f9a22b1036d03e2f9b9a6;
SELECT HEX(AES_DECRYPT(@raw,@pass, @iv));
Is there a way to 'add' the missing bytes to encrypted data, in order to enable MySQL to decrypt it?
Thanks a lot!
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论