问题
I have an application written in Classic ASP that encrypts data via CAPICOM and stores it in a database. The encryption code looks something like this (Classic ASP, VB. Simplified a bit for brevity):
set encryptObject = Server.CreateObject("CAPICOM.EncryptedData")
encryptObject.Algorithm.Name = 4 ' 4 is AES
encryptObject.Algorithm.KeyLength = ' 0 is MAX
encryptObject.SetSecret(sharedSecret) ' sharedSecret was set earlier
encryptObject.Content = stringToEncrypt
encryptedString = encryptObject.Encrypt()
Now, I have a .NET application that needs to read this data and decrypt it. I've done AES-compatible encryption/decryption in .NET before using the RijndaelManaged class, and I'm hoping I can use that same method to decrypt this data. However, I can't figure out how to get this to work with CAPICOM's encrypted data, because RijndaelManaged requires that you pass a key AND an intialization vector when calling RijndaelManaged.CreateEncryptor, and CAPICOM doesn't take an initialization vector. I assume CAPICOM must be using an initialization vector, but not exposing it. How can I find that vector?
回答1:
Start by passing an all-zeros IV to the .NET decryption routine.
If the whole message decrypts fine, then the original encryption also used a null IV.
It is more likely that you will get a mangled first block (16 bytes) and readable second and subsequent blocks.
If the second block looks as if it is the actual start of the message then the original IV was passed as the first block of the encrypted message. That is a pretty common technique.
If not then you are going to have to ask whoever encrypted the message what IV they used. Or else live without the first 16 bytes of the message.
来源:https://stackoverflow.com/questions/8670499/how-can-i-find-the-initialization-vector-capicom-used-to-aes-encrypt-my-data