How can I find the initialization vector CAPICOM used to AES-encrypt my data?

强颜欢笑 提交于 2021-01-29 04:20:53

问题


I have an application written in Classic ASP that encrypts data via CAPICOM and stores it in a database. The encryption code looks something like this (Classic ASP, VB. Simplified a bit for brevity):

set encryptObject = Server.CreateObject("CAPICOM.EncryptedData")

encryptObject.Algorithm.Name = 4 ' 4 is AES
encryptObject.Algorithm.KeyLength = ' 0 is MAX
encryptObject.SetSecret(sharedSecret) ' sharedSecret was set earlier
encryptObject.Content = stringToEncrypt

encryptedString = encryptObject.Encrypt()

Now, I have a .NET application that needs to read this data and decrypt it. I've done AES-compatible encryption/decryption in .NET before using the RijndaelManaged class, and I'm hoping I can use that same method to decrypt this data. However, I can't figure out how to get this to work with CAPICOM's encrypted data, because RijndaelManaged requires that you pass a key AND an intialization vector when calling RijndaelManaged.CreateEncryptor, and CAPICOM doesn't take an initialization vector. I assume CAPICOM must be using an initialization vector, but not exposing it. How can I find that vector?


回答1:


Start by passing an all-zeros IV to the .NET decryption routine.

If the whole message decrypts fine, then the original encryption also used a null IV.

It is more likely that you will get a mangled first block (16 bytes) and readable second and subsequent blocks.

If the second block looks as if it is the actual start of the message then the original IV was passed as the first block of the encrypted message. That is a pretty common technique.

If not then you are going to have to ask whoever encrypted the message what IV they used. Or else live without the first 16 bytes of the message.



来源:https://stackoverflow.com/questions/8670499/how-can-i-find-the-initialization-vector-capicom-used-to-aes-encrypt-my-data

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!