php - php mcrypt 和 Delphi 组件之间的 AES 加密差异

Question

我正在使用来自 chillkat 的 Delphi 组件，它为我进行 AES 加密。它就像一个魅力，服务器接受我的加密请求。所以我尝试使用 mcrypt 创建一个 php 挂件。但是 PHP mcypt 结果与 Delphi Chillcat 结果相比是不同的——即使所有参数都相同。因此服务器拒绝 php 请求。

所有加密设置都相同:

密码名称:AES 128

密码模式:ECB

填充方案:使用 NULL 填充

key 长度:128

key :1234567890ABE1234567890ABE1234DB

要加密的字符串:这是一个非常酷的测试字符串

这是一个小的 php 脚本:

<?php 
    $key = '1234567890ABE1234567890ABE1234DB';
    function string_encrypt($string, $key) {
        $crypted_text = mcrypt_encrypt(MCRYPT_RIJNDAEL_128, $key, $string, MCRYPT_MODE_ECB);
        return $crypted_text;
    }

    function string_decrypt($encrypted_string, $key) {
        $decrypted_text = mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $key, $encrypted_string, MCRYPT_MODE_ECB);
        return trim($decrypted_text);
    }

    echo $test_str = 'This is a really cool teststring';   echo '<br />';
    $enc_str = string_encrypt($test_str, $key);
    echo bin2hex($enc_str);                                     echo '<br />';
    echo string_decrypt($enc_str, $key);                        echo '<br />';

    ?>

php输出为:
e355fbcd91ada4b835e1b030cc9741759219f59fe441ba62e628eca2e8289eb3

这是德尔福代码:

function encrypt(s:PWideChar;mode,padding:integer;algo,cipher,keylength:string):string;
var
crypt: HCkCrypt2;
success: Boolean;
ivHex: PWideChar;
keyHex: PWideChar;
encStr: PWideChar;
decStr: PWideChar;

begin
crypt := CkCrypt2_Create();

//  AES is also known as Rijndael.
CkCrypt2_putCryptAlgorithm('aes');
// "pki", "aes", "blowfish", "blowfish2", "des", "3des", "rc2", "arc4", "twofish", "pbes1" and "pbes2"

//  CipherMode may be "ecb" or "cbc"
CkCrypt2_putCipherMode(crypt,'ecb');

//  KeyLength may be 128, 192, 256
try
  CkCrypt2_putKeyLength(crypt,128);
Except
  showmessage('The encryption key you have used seems to be invalid');
end;


//  The padding scheme determines the contents of the bytes
//  that are added to pad the result to a multiple of the
//  encryption algorithm's block size.  AES has a block
//  size of 16 bytes, so encrypted output is always
//  a multiple of 16.

{
Possible values are:

0 = RFC 1423 padding scheme: Each padding byte is set to the number of padding bytes.
If the data is already a multiple of algorithm's block size bytes, an extra block is
appended each having a value equal to the block size. (for example, if the algorithm's
block size is 16, then 16 bytes having the value 0x10 are added.). (This is also known as
PKCS5 padding: PKCS #5 padding string consists of a sequence of bytes, each of which
is equal to the total number of padding bytes added. )

1 = FIPS81 (Federal Information Processing Standards 81) where the last byte contains
the number of padding bytes, including itself, and the other padding bytes are set to random values.

2 = Each padding byte is set to a random value. The decryptor must know
how many bytes are in the original unencrypted data.

3 = Pad with NULLs. (If already a multiple of the algorithm's block size,
no padding is added).

4 = Pad with SPACE chars(0x20). (If already a multiple of algorithm's block size, no padding is added).
}
CkCrypt2_putPaddingScheme(crypt,3);

//  EncodingMode specifies the encoding of the output for
//  encryption, and the input for decryption.
//  It may be "hex", "url", "base64", or "quoted-printable".
CkCrypt2_putEncodingMode(crypt,'hex');

//  An initialization vector is required if using CBC mode.
//  ECB mode does not use an IV.
//  The length of the IV is equal to the algorithm's block size.
//  It is NOT equal to the length of the key.
ivHex := '';
CkCrypt2_SetEncodedIV(crypt,ivHex,'hex');

//  The secret key must equal the size of the key.  For
//  256-bit encryption, the binary secret key is 32 bytes.
//  For 128-bit encryption, the binary secret key is 16 bytes.

keyHex := '1234567890ABE1234567890ABE1234DB';
CkCrypt2_SetEncodedKey(crypt,keyHex,'hex');

//  Encrypt a string...
//  The input string is 44 ANSI characters (i.e. 44 bytes), so
//  the output should be 48 bytes (a multiple of 16).
//  Because the output is a hex string, it should
//  be 96 characters long (2 chars per byte).


 //encryption
 if mode = 0 then
 begin
   encStr := CkCrypt2__encryptStringENC(crypt,s);
   result := encStr;
 end
 else
 begin
  result := CkCrypt2__decryptStringENC(crypt,s);
 end;


CkCrypt2_Dispose(crypt);
End;

chillkat Delphi 组件的输出为:
780F849AB30690433409D4FB7B3357735296A6E76D3AA6B6D6C769BE99F32041

我认为两个输出应该产生相同的值，因为所有输入参数都相等，对吧？

Answer 1

MCrypt 期望 key 是一个二进制字符串，但你将一个十六进制编码的字符串传递给它。

采用

$key = hex2bin($key);

或者

$key = pack('H*', $key);

取决于 PHP 支持。这必须在调用 mcrypt_encrypt() 之前完成.

安全:

永远不要使用欧洲央行模式。它在语义上不安全。攻击者可以在不解密密文的情况下获得很多信息。您至少需要使用随机 IV 的 CBC 模式。您还应该有密文的身份验证标签。

This answer为您提供您需要了解的所有信息。剩下的一件事，不要使用 MCrypt。这是一个旧的无人维护的图书馆。

This answer在这方面也非常有帮助，可以通过不同的方式实现相同的目标。