BCryptDecrypt 无法正确解密数据


我有一些之前使用 CryptDecrypt API 加密过的数据。由于该 API 已被弃用,我应该改用最新的 BCryptDecrypt(CNG)API。但是使用下面这段代码我无法正确解密数据:pbPlainText 中仍然是乱码。所有 API 调用都返回成功,只是解密结果不正确。这是代码:

// Attempts to AES-decrypt cbCipherText bytes at pbCipherText through the CNG
// (BCrypt*) API and leaves the result in pbPlainText / cbPlainText.
//
// This is the code as posted in the question; it does not decrypt correctly.
// The NOTE(review) comments below mark what a reviewer should fix.
//
// KeyData, KeySize, pbBlob, cbBlob, _Data, Result, pbPlainText and cbPlainText
// are not declared in this function -- presumably class members; confirm
// against the enclosing class.
//
// Returns false only from the two size checks; every other failure is at most
// logged and execution continues, so the final `return true` does not mean the
// plaintext is valid.
bool decrypt(PBYTE pbCipherText,DWORD cbCipherText)
{
   BCRYPT_KEY_HANDLE hKey = NULL;
   // NOTE(review): local and uninitialized despite the member-style name.
   BCRYPT_ALG_HANDLE  m_Context;
   NTSTATUS status = 0;
    DWORD cbBlockLen = 0;
    DWORD cbKeyObject = 0;
    DWORD cbData = 0;
    // Initialization vector buffer (allocated further down)
    PBYTE pbIV = nullptr;
    PBYTE pbKeyObject = nullptr;

    // NOTE(review): ret is assigned on some failure paths but never returned.
    bool ret = false;

// Open the AES provider. The raw NTSTATUS is tested for non-zero here, while
// the rest of the function uses NT_SUCCESS().
// NOTE(review): the exception text names CryptAcquireContext (legacy CryptoAPI),
// not the call that actually failed.
if (BCryptOpenAlgorithmProvider(
        &m_Context,
        BCRYPT_AES_ALGORITHM,
        NULL,
        0))
    {
        Result = FALSE;
        throw exLibCryptoException("Unable to find CryptAcquireContext function");

    } 

    // Generate the key from supplied input key bytes.
    // NOTE(review): a failure is only printed; execution continues with hKey unset.
    if (!NT_SUCCESS(status = BCryptGenerateSymmetricKey(
        m_Context,
        &hKey,nullptr, 0,
        KeyData,
        KeySize,
        0)))
    {
        wprintf(L"**** Error 0x%x returned by BCryptGenerateSymmetricKey\n", status);

    }

    // NOTE(review): this writes into &hKey a second time without destroying the
    // handle created just above, and passes a null key object of length 0. The
    // returned status is overwritten by the next call before anyone reads it.
    // Only one of the two key-creation paths is presumably intended -- confirm.
    status = BCryptImportKey(m_Context, nullptr, BCRYPT_OPAQUE_KEY_BLOB, &hKey, pbKeyObject,
        cbKeyObject, pbBlob, cbBlob, 0);



    // Query the cipher block length; it is used below as the IV size.
    // NOTE(review): on failure cbBlockLen stays 0 and the function carries on.
    if (!NT_SUCCESS(status = BCryptGetProperty(
        m_Context,
        BCRYPT_BLOCK_LENGTH,
        (PBYTE)&cbBlockLen,
        sizeof(DWORD),
        &cbData,
        0)))
    {
        //EM_LOG_TRIVIAL_2(L"**** Error 0x%x returned by BCryptGetProperty\n", status);
        ret = false;
    }
    
    // NOTE(review): a NULL result is recorded in ret but pbIV is still passed to
    // BCryptGenRandom below.
    pbIV = (PBYTE)HeapAlloc(GetProcessHeap(), 0, cbBlockLen);
    if (NULL == pbIV)
    {
        ///EM_LOG_TRIVIAL_2(L"**** memory allocation failed\n");
        ret = false;
    }

    // NOTE(review): this is the defect the accepted answer identifies. The IV is
    // filled with fresh random bytes, but decryption needs the same IV that was
    // used when the data was encrypted; per the answer it has to be extracted
    // from the stored data, and only the remaining bytes decrypted.
    // NOTE(review): no `Cleanup` label exists in the function as posted.
    if (!NT_SUCCESS(status = BCryptGenRandom(BCRYPT_RNG_ALG_HANDLE, pbIV, cbBlockLen, 0)))
    {
        goto Cleanup;
    }


    // Select CBC chaining on the algorithm handle.
    // NOTE(review): this happens after hKey was created; Microsoft's CNG sample
    // sets the chaining mode before generating the key -- confirm the existing
    // key actually picks this up. A failure here is silently ignored.
    if (!NT_SUCCESS(status = BCryptSetProperty(
        m_Context,
        BCRYPT_CHAINING_MODE,
        (PBYTE)BCRYPT_CHAIN_MODE_CBC,
        sizeof(BCRYPT_CHAIN_MODE_CBC),
        0)))
    {
        //wprintf(L"**** Error 0x%x returned by BCryptSetProperty\n", status);
    }
    

    // NOTE(review): checks _Data, not the pbCipherText/cbCipherText arguments,
    // and returns without releasing hKey, m_Context or pbIV.
    if (_Data.size() < cbBlockLen)
        return false;

    
        //check that size is multiple of 16
        // NOTE(review): hard-coded 16 instead of the queried cbBlockLen; this early
        // return also skips all cleanup.
        if (cbCipherText % 16) {
            return false;
        }

        // First call: NULL output buffer, so only the required plaintext size is
        // returned in cbPlainText.
        // NOTE(review): dwFlags is 0, i.e. BCRYPT_BLOCK_PADDING is not requested;
        // confirm this matches how the data was encrypted.
        if (!NT_SUCCESS(status = BCryptDecrypt(
            hKey,
            pbCipherText,
            cbCipherText,
            NULL,
            pbIV,
            cbBlockLen,
            NULL,
            0,
            &cbPlainText,
            0)))
        {
            wprintf(L"**** Error 0x%x returned by BCryptDecrypt\n", status);
        }


        // NOTE(review): an allocation failure is only printed; the NULL pointer is
        // still handed to BCryptDecrypt below.
        pbPlainText = (PBYTE)HeapAlloc(GetProcessHeap(), 0, cbPlainText);
        if (NULL == pbPlainText)
        {
            wprintf(L"**** memory allocation failed\n");
        }

        // Second call: performs the actual decryption into pbPlainText.
        // NOTE(review): `wprinft` is a misspelling of wprintf, so this does not
        // compile as posted; a decryption failure also still reaches `return true`.
        if (!NT_SUCCESS(status = BCryptDecrypt(
            hKey,
            pbCipherText,
            cbCipherText,
            NULL,
            pbIV,
            cbBlockLen,
            pbPlainText,
            cbPlainText,
            &cbPlainText,
            0)))
        {
            wprinft(L"decrypt failed");
        }
        

    // NOTE(review): unconditional success. hKey, m_Context and pbIV are never
    // released in this function (no BCryptDestroyKey,
    // BCryptCloseAlgorithmProvider or HeapFree on any path).
    return true;
}

提前致谢!

c++ windows cryptography msdn cng
1个回答

我在解密时新生成了一个 IV,这是错误的:解密必须使用加密时所用的同一个 IV。我应该先提取出 IV,然后对不包含 IV 的缓冲区进行解密。这样做之后就可以正确解密了。谢谢 @273K
