4

我正在尝试解密(使用 DES 算法)来自 C# 代码中第三方的数据。这里和其他地方有很多例子帮助了我。问题是我不知道将什么用于“初始化向量”。

第三方提供了一个在命令行上使用的工具(DES.EXE,我相信它是 libdes 库 v4.01 的开箱即用构建),它只需要您提供加密密钥。所以,我可以用这个工具很好地解密。但是,我宁愿不生成一个进程来从我的代码中运行该工具。

我的问题是如何生成/找到该初始化向量。我有 99.9% 的把握可以通过查看其他帖子来完成,但我无法弄清楚。我和第三方谈过,他们说他们不支持这种方法。任何帮助将不胜感激。

4

2 回答 2

2

I spent some time (~2 days) to sort out the same issue. "Rewriting" des.exe into C#. In the end, I got the libdes sources and reverse-engineered the logic.

The initialization vector is all (8) zeros. I.e. new byte[8] should do.

However, the trick may be how to convert a string password into 8 bytes long key. If you're using simple DES (not Triple DES), this code may do the trick for you:

public class LibDesPasswordConvertor
{
    public byte[] PasswordToKey(string password)
    {
        if (password == null)
            throw new ArgumentNullException("password");
        if (password == "")
            throw new ArgumentException("password");

        var key = new byte[8];

        for (int i = 0; i < password.Length; i++)
        {
            var c = (int)password[i];
            if ((i % 16) < 8)
            {
                key[i % 8] ^= (byte)(c << 1);
            }
            else
            {
                // reverse bits e.g. 11010010 -> 01001011
                c = (((c << 4) & 0xf0) | ((c >> 4) & 0x0f));
                c = (((c << 2) & 0xcc) | ((c >> 2) & 0x33));
                c = (((c << 1) & 0xaa) | ((c >> 1) & 0x55));
                key[7 - (i % 8)] ^= (byte)c;
            }
        }

        AddOddParity(key);

        var target = new byte[8];
        var passwordBuffer =
            Encoding.ASCII.GetBytes(password).Concat(new byte[8]).Take(password.Length + (8 - (password.Length % 8)) % 8).ToArray();

        var des = DES.Create();
        var encryptor = des.CreateEncryptor(key, key);
        for (int x = 0; x < passwordBuffer.Length / 8; ++x)
        {
            encryptor.TransformBlock(passwordBuffer, 8 * x, 8, target, 0);
        }

        AddOddParity(target);

        return target;
    }


    private void AddOddParity(byte[] buffer)
    {
        for (int i = 0; i < buffer.Length; ++i)
        {
            buffer[i] = _oddParityTable[buffer[i]];
        }
    }

    private static byte[] _oddParityTable = {
          1,  1,  2,  2,  4,  4,  7,  7,  8,  8, 11, 11, 13, 13, 14, 14,
         16, 16, 19, 19, 21, 21, 22, 22, 25, 25, 26, 26, 28, 28, 31, 31,
         32, 32, 35, 35, 37, 37, 38, 38, 41, 41, 42, 42, 44, 44, 47, 47,
         49, 49, 50, 50, 52, 52, 55, 55, 56, 56, 59, 59, 61, 61, 62, 62,
         64, 64, 67, 67, 69, 69, 70, 70, 73, 73, 74, 74, 76, 76, 79, 79,
         81, 81, 82, 82, 84, 84, 87, 87, 88, 88, 91, 91, 93, 93, 94, 94,
         97, 97, 98, 98,100,100,103,103,104,104,107,107,109,109,110,110,
        112,112,115,115,117,117,118,118,121,121,122,122,124,124,127,127,
        128,128,131,131,133,133,134,134,137,137,138,138,140,140,143,143,
        145,145,146,146,148,148,151,151,152,152,155,155,157,157,158,158,
        161,161,162,162,164,164,167,167,168,168,171,171,173,173,174,174,
        176,176,179,179,181,181,182,182,185,185,186,186,188,188,191,191,
        193,193,194,194,196,196,199,199,200,200,203,203,205,205,206,206,
        208,208,211,211,213,213,214,214,217,217,218,218,220,220,223,223,
        224,224,227,227,229,229,230,230,233,233,234,234,236,236,239,239,
        241,241,242,242,244,244,247,247,248,248,251,251,253,253,254,254};
}

(Some pieces of libdes code reused, though I had to figure out the DES "checksum" part myself).

The last pitfall is, that libdes uses non-standard padding mechanism. It's almost like the ISO one, but the last byte is not the number of added bytes but 8 - this number. I set the Padding property to None and handled the padding myself.

于 2013-11-26T15:19:30.610 回答
0

有关分组密码中使用的不同操作模式的描述,请参见http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation。如果您使用的是 ECB 模式,它只是逐块加密消息,则不需要初始化向量 (IV)。也许您必须检查您的 DES 库以设置 ECB 模式/禁用其他库。

如果他们不使用 ECB 模式,您需要 IV,您无法“猜测”它。在大多数情况下,IV 不必保密,因此移动它不是问题。

于 2009-10-23T18:59:27.697 回答