从加密项目向量中解密任意选定的元素会导致无效的PKCS#7块错误

问题描述 投票:0回答:1

我正在尝试使用Crypto ++中的AES加密一些顺序数据。但是,我注意到随机选择一个加密项目并对其进行解密会导致StreamTransformationFilter:无效的PKCS#7块填充

导致相同问题的简单代码如下:

AESUtil aes;
std::vector<std::string> t = std::vector<std::string>();

for (int i = 0; i < 100; ++i) {
    std::string p = "a";
    auto c = aes.encrypt(p);
    t.push_back(c);
}

auto d = aes.decrypt(t[78]);

其中AESUtil如下:

AESUtil::AESUtil() {
    this->key = CryptoPP::SecByteBlock(0x00, CryptoPP::AES::DEFAULT_KEYLENGTH);
    rnd.GenerateBlock(key, key.size());

    // Generate a random IV
    this->iv = CryptoPP::SecByteBlock(CryptoPP::AES::BLOCKSIZE);
    rnd.GenerateBlock(iv, iv.size());

    this->aesEncryption = CryptoPP::AES::Encryption(key, CryptoPP::AES::DEFAULT_KEYLENGTH);
    this->cbcEncryption = CryptoPP::CBC_Mode_ExternalCipher::Encryption(aesEncryption, iv);

    this->aesDecryption = CryptoPP::AES::Decryption(key, CryptoPP::AES::DEFAULT_KEYLENGTH);
    this->cbcDecryption = CryptoPP::CBC_Mode_ExternalCipher::Decryption(aesDecryption, iv);
}

void AESUtil::encrypt(std::string &ciphertext, std::string &plaintext) {
    CryptoPP::StreamTransformationFilter stfEncryptor(this->cbcEncryption, new CryptoPP::StringSink(ciphertext));
    stfEncryptor.Put(reinterpret_cast<const unsigned char *>( plaintext.c_str()), plaintext.size());
    stfEncryptor.MessageEnd();
}

void AESUtil::decrypt(std::string &plaintext, std::string &ciphertext) {
    CryptoPP::StreamTransformationFilter stfDecryptor(this->cbcDecryption, new CryptoPP::StringSink(plaintext));
    stfDecryptor.Put(reinterpret_cast<const unsigned char *>( ciphertext.c_str()), ciphertext.size());
    stfDecryptor.MessageEnd();
}

std::string AESUtil::encrypt(std::string plaintext) {
    std::string ciphertext;
    //ciphertext.reserve(plaintext.size()+16);
    encrypt(ciphertext, plaintext);
    return ciphertext;
}

std::string AESUtil::decrypt(std::string ciphertext) {
    std::string plaintext;
    //plaintext.reserve(ciphertext.size()+16);
    decrypt(plaintext, ciphertext);
    return plaintext;
}

我以为问题与字符串中的\ 0空终止符有关,所以我将代码更改为使用十六进制(不确定它是否正确)。但是,问题仍然存在。

void AESUtil::encrypt(std::string &ciphertext, std::string &plaintext) {
    CryptoPP::ByteQueue encrypted;
    CryptoPP::StreamTransformationFilter f1(this->cbcEncryption, new CryptoPP::Redirector(encrypted));

    //f1.PutWord32((uint32_t)v1.size(), BIG_ENDIAN_ORDER);
    f1.Put((const unsigned char *) plaintext.c_str(), plaintext.size());
    f1.MessageEnd();
    CryptoPP::HexEncoder encoder(new CryptoPP::StringSink(ciphertext));
    encrypted.CopyTo(encoder);
    encoder.MessageEnd();
}

void AESUtil::decrypt(std::string &plaintext, std::string &ciphertext) {
    CryptoPP::ByteQueue decrypted;
    CryptoPP::HexDecoder decoder(new CryptoPP::Redirector(decrypted));
    decoder.Put(reinterpret_cast<const unsigned char *>( ciphertext.data()), ciphertext.size());
    decoder.MessageEnd();

    CryptoPP::StreamTransformationFilter f2(this->cbcDecryption, new CryptoPP::StringSink(plaintext));
    decrypted.CopyTo(f2);
    f2.MessageEnd();
}

使用以下代码,两个AESUtil版本都可以正常工作:

for (int i = 0; i < 100; ++i) {
        std::string p = "a";
        auto c = aes.encrypt(p);
        auto d = aes.decrypt(c);
    }

任何想法是什么问题,如何解决?任何帮助将非常感谢

c++ encryption aes crypto++
1个回答
0
投票

我发现了问题。

即使调用了MessageEnd,IV也在改变,保持对状态的引用 AESUtil。

我通过在加密过程中随机生成IV并将其与密文一起存储解决了这个问题。

如果有人感兴趣,这里是新代码:

void AESUtil::encrypt(std::string &ciphertext, std::string &plaintext) {
    // Generate a random IV
    CryptoPP::SecByteBlock iv(CryptoPP::AES::BLOCKSIZE);
    this->rnd.GenerateBlock(iv, iv.size());
    //memset( iv, 0x00, CryptoPP::AES::BLOCKSIZE );

    CryptoPP::StringSink stringSink(ciphertext);

    CryptoPP::ArraySource as(iv, iv.size(), true,
                             new CryptoPP::Redirector(stringSink));

    CryptoPP::CBC_Mode_ExternalCipher::Encryption cbcEncryption(this->aesEncryption, iv);

    CryptoPP::ByteQueue encrypted;
    CryptoPP::StreamTransformationFilter f1(cbcEncryption, new CryptoPP::Redirector(encrypted));

    f1.Put(reinterpret_cast<const unsigned char *>(plaintext.c_str()), plaintext.size());
    f1.MessageEnd();

    CryptoPP::HexEncoder encoder(new CryptoPP::Redirector(stringSink));
    encrypted.CopyTo(encoder);
    encoder.MessageEnd();

    std::string recovered;
    CryptoPP::StringSink sink(recovered);
    encrypted.CopyTo(sink);
}

void AESUtil::decrypt(std::string &plaintext, std::string &ciphertext) {
    CryptoPP::SecByteBlock iv(CryptoPP::AES::BLOCKSIZE);
    CryptoPP::StringSource ss(ciphertext, false /* DO NOT Pump All */);

    // Attach new filter
    CryptoPP::ArraySink as(iv, iv.size());
    ss.Attach(new CryptoPP::Redirector(as));
    ss.Pump(CryptoPP::AES::BLOCKSIZE);  // Pump first 16 bytes

    CryptoPP::StringSink stringSink(plaintext);
    CryptoPP::ByteQueue decrypted;
    CryptoPP::HexDecoder decoder(new CryptoPP::Redirector(decrypted));

    ss.Detach(new CryptoPP::Redirector(decoder));
    ss.PumpAll();

    CryptoPP::CBC_Mode_ExternalCipher::Decryption cbcDecryption(this->aesDecryption, iv);
    CryptoPP::StreamTransformationFilter f2(cbcDecryption, new CryptoPP::Redirector(stringSink));
    decrypted.CopyTo(f2);
    f2.MessageEnd();
}
最新问题
© www.soinside.com 2019 - 2024. All rights reserved.