使用AES 256(MS CryptoAPI)时加密解密时出现错误数据 我试图用C++中的微软CryptoAPI解密——在PHP中使用McCuthTyrnEclipse加密的短消息。php行是: mcrypt_encrypt(mcrypt_RIJNDAEL_256,$key,$msg,mcrypt_MODE_CBC)
其中$key和$msg是字符串 在C++中,我有密钥,解密函数看起来是这样的:使用AES 256(MS CryptoAPI)时加密解密时出现错误数据 我试图用C++中的微软CryptoAPI解密——在PHP中使用McCuthTyrnEclipse加密的短消息。php行是: mcrypt_encrypt(mcrypt_RIJNDAEL_256,$key,$msg,mcrypt_MODE_CBC),c++,cryptography,cryptoapi,C++,Cryptography,Cryptoapi,其中$key和$msg是字符串 在C++中,我有密钥,解密函数看起来是这样的: bool decrypt( const unsigned char* input_buffer, const size_t& input_size, const unsigned char* key, const size_t& key_size, unsigned
bool decrypt( const unsigned char* input_buffer,
const size_t& input_size,
const unsigned char* key,
const size_t& key_size,
unsigned char* output_buffer,
DWORD* out_size)
{
Log(L"START init_crypto");
bool ret = false;
HCRYPTKEY hKey = NULL;
HCRYPTPROV hCryptProv = NULL;
DWORD dwDataLen = 0;
// Attempt to acquire a handle to the crypto provider for AES
if(0 == CryptAcquireContext(&hCryptProv, NULL, NULL, PROV_RSA_AES, CRYPT_VERIFYCONTEXT) ){//PROV_RSA_AES
Log(L"CryptAcquireContext failed with code %ld", GetLastError());
goto end;
}
// key creation based on
// http://mirror.leaseweb.com/NetBSD/NetBSD-release-5-0/src/dist/wpa/src/crypto/crypto_cryptoapi.c
struct {
BLOBHEADER hdr;
DWORD len;
BYTE key[32];
} key_blob;
key_blob.hdr.bType = PLAINTEXTKEYBLOB;
key_blob.hdr.bVersion = CUR_BLOB_VERSION;
key_blob.hdr.reserved = 0;
key_blob.hdr.aiKeyAlg = CALG_AES_256;
key_blob.len = 32;//key_size;
memset(key_blob.key, '\0', sizeof(key_blob.key));
assert(key_size <= sizeof(key_blob.key));
CopyMemory(key_blob.key, key, min(key_size, sizeof(key_blob.key)));
if (!CryptImportKey( hCryptProv,
(BYTE *)&key_blob,
sizeof(key_blob),
0,
CRYPT_EXPORTABLE,
&hKey)){
Log(L"Error in CryptImportKey 0x%08x \n", GetLastError());
goto free_context;
}
else{
//---------------------------
// Set Mode
DWORD dwMode = CRYPT_MODE_CBC;
if(!CryptSetKeyParam( hKey, KP_MODE, (BYTE*)&dwMode, 0 )){
// Handle error
Log(L"Cannot set the cbc mode for decryption 0x%08x \n", GetLastError());
goto free_key;
}
//----------------------------
// Set IV
DWORD dwBlockLen = 0;
DWORD dwDataLen = sizeof(dwBlockLen);
if (!CryptGetKeyParam(hKey, KP_BLOCKLEN, (BYTE *)&dwBlockLen, &dwDataLen, 0)){
// Handle error
Log(_USTR("Cannot get the block length 0x%08x \n"), GetLastError());
goto free_key;
}
dwBlockLen /= 8;
BYTE *pbTemp = NULL;
if (!(pbTemp = (BYTE *)LocalAlloc(LMEM_FIXED, dwBlockLen))){
// Handle error
Log(L"Cannot allcoate the IV block 0x%08x \n", GetLastError());
goto free_key;
}
memset(pbTemp, '\0', dwBlockLen);
if (!CryptSetKeyParam(hKey, KP_IV, pbTemp, 0)){
// Handle error
Log(L"Cannot set the IV block 0x%08x \n", GetLastError());
LocalFree(pbTemp);
goto free_key;
}
LocalFree(pbTemp);
}
CopyMemory(output_buffer, input_buffer, min(*out_size, input_size));
*out_size = input_size;
if (!CryptDecrypt(hKey, NULL, TRUE, 0, output_buffer, out_size)){
Log(L"CryptDecrypt failed with code %ld", GetLastError());
goto free_key;
}
else{
Log(L"Decryption...");
ret = true;
}
free_key:
if (hKey)
CryptDestroyKey( hKey );
free_context:
if (hCryptProv)
CryptReleaseContext(hCryptProv, 0);
end:
return ret;
}
。。。
密码解密正在运行——这让我相信问题是从PHP到C++的密钥/消息传输。如果你同意,你能告诉我如何确保我在PHP中使用的字符串与C++(字节级)中的字符串相同吗?
编辑2--
在我在php中更改了二进制流中的字符串(使用pack)之后,在我从这里实现了AES vs Rijndael的变通方法(?)之后:我终于让CryptoDecrypt解密了我的php消息。。。问题是,即使输出包含解密文本,它仍然会失败。你知道为什么会发生这种情况吗?在获取上下文时,尝试传递
NULL
而不是CRYPT\u VERIFYCONTEXT
。在获取上下文时,尝试传递NULL
而不是CRYPT\u VERIFYCONTEXT
。确保通道两端使用相同的填充模式。确保正确在通道两端使用相同的填充模式。
strcpy((char*)output_buffer, "stuff");
DWORD plain_txt_len = strlen((char*)output_buffer);
if (!CryptEncrypt(hKey, NULL, TRUE, 0, output_buffer, &plain_txt_len, *out_size)){
Log(L"CryptEncrypt failed with code 0x%08x", GetLastError());
goto free_key;
}