How to implement “AES/CFB/NoPadding” Encryption/De

2019-09-07 11:25发布

问题:

We are porting the existing code to Windows 8 now, the data file downloaded from the server is encrypted in "AES/CFB/NoPadding", and we cannot change the data encryption mode because the data file is used by a lot of existing clients.

In WinRT , the [SymmetricAlgorithmNames][1] doesn't contains a name to match "AES/CFB/NoPadding". And from the [SymmetricKeyAlgorithmProvider][2] document, the NoPadding algorithms don't contain "CFB"

  • No padding:
  • DES_CBC
  • DES_ECB
  • 3DES_CBC
  • 3DES_ECB
  • RC2_CBC
  • RC2_ECB
  • AES_CBC
  • AES_ECB
So how can we get a [SymmetricKeyAlgorithmProvider][2] to support AES/CFB/NoPadding ? Is there 3rd party Encryption package for Metro App ?

回答1:

One option is to use BouncyCastle library, they do support Aes/Ofb/NoPadding.

Another option is to use System.Security.Cryptography.Aes from c# framework and encrypt using PaddingMode.Zeros, then truncate encrypted data to the same length as input data (discard padded data at the end of encrypted text). When decrypting, append padding (any garbage or zeros) to cipertext to align to the block length, set PaddingMode.None, decrypt, throw away padded bytes at the end (they will be bogus). Something like this:

        var aes2 = Aes.Create();
        aes2.KeySize = 128;
        aes2.BlockSize = 128;
        aes2.Mode = CipherMode.CFB;
        aes2.Padding = PaddingMode.Zeros;
        var aes2Data = new byte[buff.Length];
        // strip padded data
        Buffer.BlockCopy(aes2.CreateEncryptor().TransformFinalBlock(buff, 0, buff.Length), 0,
            aes2Data, 0, buff.Length);
        Console.WriteLine("Aes2 size: {0}", aes2Data.Length);


        // validate aes2
        var size = aes2Data.Length;
        var pad = aes2Data.Length % 16;
        if (pad != 0)
        {
            var tmp = new byte[aes2Data.Length + 16 - pad];
            Buffer.BlockCopy(aes2Data, 0, tmp, 0, aes2Data.Length);
            aes2Data = tmp;
        }

        var aes2Decr = Aes.Create();
        aes2Decr.Padding = PaddingMode.None;
        aes2Decr.Key = aes2.Key;
        aes2Decr.Mode = aes2.Mode;
        aes2Decr.IV = aes2.IV;
        var data2 = aes2Decr.CreateDecryptor().TransformFinalBlock(aes2Data, 0, aes2Data.Length);
        valid = data2.Take(size).SequenceEqual(buff);
        if (!valid)
            throw new ApplicationException("Invalid data");