Blowfish在OpenSSL和Golang之间的结果不同。

huangapple go评论102阅读模式
英文:

Blowfish results are different between OpenSSL and Golang

问题

问题出在Blowfish加密算法的实现上。在Go代码中,使用了golang.org/x/crypto/blowfish包来进行加密,而在C代码中,使用了OpenSSL库的openssl/blowfish.h头文件和BF_encrypt函数来进行加密。

问题可能出在两者之间的差异上。你可以尝试检查以下几个方面来找出问题所在:

  1. 密钥长度:确保Go代码和C代码中使用的密钥长度相同。在Go代码中,密钥长度为32字节,而在C代码中,密钥长度也是32字节。

  2. 数据填充:Blowfish算法要求数据长度必须是8字节的倍数。在Go代码中,使用了make([]byte, 8)来创建长度为8的字节数组,而在C代码中,数据长度也是8字节。确保数据长度满足Blowfish算法的要求。

  3. 字节顺序:Blowfish算法对字节顺序有要求。在C代码中,使用了BF_encrypt函数对数据进行加密,而在Go代码中,使用了cipher.Encrypt方法。这两者可能对字节顺序有不同的处理方式。你可以尝试在Go代码中使用cipher.Encrypt方法的替代方法,例如cipher.EncryptBlock,看看是否能够得到与C代码相同的结果。

希望以上提示对你有帮助!如果还有其他问题,请随时提问。

英文:

I want to read VIM encoded files in Go. This code works good enough for small file so I've decided to convert it to Go. Key generation works fine, but Blowfish encoding does not. I've traced the problem to different outcome from BF_encrypt and cipher.Encrypt(...).

Input

key: c904a7a85bbd975324c5083ed96ff022f25e062da1d575b2462c2c98d8d64d9d
data: 538b7759834d3418

Output

Golang: b5cf33144acbc794
C:      90baa70ec3e44867

Golang code:

package main

import (
	"fmt"
	"golang.org/x/crypto/blowfish"
)

func main() {
	key := []byte{0xc9, 0x04, 0xa7, 0xa8, 0x5b, 0xbd, 0x97, 0x53, 0x24, 0xc5, 0x08, 0x3e, 0xd9, 0x6f, 0xf0, 0x22, 0xf2, 0x5e, 0x06, 0x2d, 0xa1, 0xd5, 0x75, 0xb2, 0x46, 0x2c, 0x2c, 0x98, 0xd8, 0xd6, 0x4d, 0x9d}
	data := []byte{0x53, 0x8b, 0x77, 0x59, 0x83, 0x4d, 0x34, 0x18}

	cipher, err := blowfish.NewCipher(key)
	if err != nil {
		panic(err)
	}

	fmt.Printf("key: %x\n", key)
	fmt.Printf("data: %x\n", data)

	encrypted := make([]byte, 8)
	cipher.Encrypt(encrypted, data)
	fmt.Printf("encrypted: %x\n", encrypted)
}

C code:

#include <stdio.h>
#include <string.h>
#include <openssl/blowfish.h>
#include <openssl/sha.h>

/*
clang test1.c -o test1 \
-I/usr/local/Cellar/openssl/1.0.2k/include \
-L/usr/local/Cellar/openssl/1.0.2k/lib \
-lcrypto
./test1
*/

int main(int argc, char *argv[]) {
    unsigned char key[32] = {0xc9, 0x04, 0xa7, 0xa8, 0x5b, 0xbd, 0x97, 0x53, 0x24, 0xc5, 0x08, 0x3e, 0xd9, 0x6f, 0xf0, 0x22, 0xf2, 0x5e, 0x06, 0x2d, 0xa1, 0xd5, 0x75, 0xb2, 0x46, 0x2c, 0x2c, 0x98, 0xd8, 0xd6, 0x4d, 0x9d};
    unsigned char data[8] = {0x53, 0x8b, 0x77, 0x59, 0x83, 0x4d, 0x34, 0x18};

    BF_KEY bf_key;
    BF_set_key(&bf_key, 32, key);

    printf("key: ");
    for (int j = 0; j < 32; j++) printf("%02x", key[j]);
    printf("\n");
    printf("data: ");
    for (int j = 0; j < 8; j++) printf("%02x", data[j]);
    printf("\n");

    BF_encrypt((unsigned int*)data, &bf_key);

    printf("encrypted: ");
    for (int j = 0; j < 8; j++) printf("%02x", data[j]);
    printf("\n");

    return 0;
}

Can you see where the problem is?

答案1

得分: 3

问题出在变量dataencrypted的字节顺序上。在C代码中,data(8字节)从字节数组转换为unsigned int(32位小端序),然后在原地进行加密。这会影响输入和加密结果的字节顺序。为了在Golang中获得相同的结果,你必须执行字节顺序转换,例如:

package main

import (
    "bytes"
    "fmt"
    "encoding/binary"
    "golang.org/x/crypto/blowfish"
)

func convertEndian(in []byte) ([]byte, error) {
    // 将字节数组按照小端序读取为uint32
    var v1, v2 uint32
    buf := bytes.NewReader(in)
    if err := binary.Read(buf, binary.LittleEndian, &v1); err != nil {
        return nil, err
    }
    if err := binary.Read(buf, binary.LittleEndian, &v2); err != nil {
        return nil, err
    }

    // 将uint32转换为字节数组
    out := make([]byte, 8)
    binary.BigEndian.PutUint32(out, v1)
    binary.BigEndian.PutUint32(out[4:], v2)

    return out, nil
}

func main() {
    key := []byte{0xc9, 0x04, 0xa7, 0xa8, 0x5b, 0xbd, 0x97, 0x53, 0x24, 0xc5, 0x08, 0x3e, 0xd9, 0x6f, 0xf0, 0x22, 0xf2, 0x5e, 0x06, 0x2d, 0xa1, 0xd5, 0x75, 0xb2, 0x46, 0x2c, 0x2c, 0x98, 0xd8, 0xd6, 0x4d, 0x9d}
    data := []byte{0x53, 0x8b, 0x77, 0x59, 0x83, 0x4d, 0x34, 0x18}

    // 添加:这相当于C中的(unsigned int *)data
    cdata, _ := convertEndian(data)

    cipher, err := blowfish.NewCipher(key)
    if err != nil {
        panic(err)
    }

    fmt.Printf("key: %x\n", key)
    fmt.Printf("data: %x\n", cdata)

    encrypted := make([]byte, 8)
    cipher.Encrypt(encrypted, cdata)
    fmt.Printf("encrypted-1: %x\n", encrypted)

    // 添加:这相当于{uint32, uint32} --> 字节数组
    ce, _ := convertEndian(encrypted)
    fmt.Printf("encrypted-2: %02x\n", ce)
}

以上是Golang代码,用于在Golang中执行相同的操作。

英文:

The problem is in the endianness of variable data and encrypted. In the C code, data (8-bytes) is converted from byte array to unsigned int(32-bit little-endian), then being encrypted in place. It affects the endianness of both input and encrypted result. To get same result in Golang, you must perform endian conversion, e.g.

package main
import (
"bytes"
"fmt"
"encoding/binary"
"golang.org/x/crypto/blowfish"
)
func convertEndian(in []byte) ([]byte, error) {
//Read byte array as uint32 (little-endian)
var v1, v2 uint32
buf := bytes.NewReader(in)
if err := binary.Read(buf, binary.LittleEndian, &v1); err != nil {
return nil, err
}
if err := binary.Read(buf, binary.LittleEndian, &v2); err != nil {
return nil, err
}
//convert uint32 to byte array
out := make([]byte, 8)
binary.BigEndian.PutUint32(out, v1)
binary.BigEndian.PutUint32(out[4:], v2)
return out, nil
}
func main() {
key := []byte{0xc9, 0x04, 0xa7, 0xa8, 0x5b, 0xbd, 0x97, 0x53, 0x24, 0xc5, 0x08, 0x3e, 0xd9, 0x6f, 0xf0, 0x22, 0xf2, 0x5e, 0x06, 0x2d, 0xa1, 0xd5, 0x75, 0xb2, 0x46, 0x2c, 0x2c, 0x98, 0xd8, 0xd6, 0x4d, 0x9d}
data := []byte{0x53, 0x8b, 0x77, 0x59, 0x83, 0x4d, 0x34, 0x18}
//Add: This is equal to: (unsigned int *)data in C
cdata, _ := convertEndian(data)
cipher, err := blowfish.NewCipher(key)
if err != nil {
panic(err)
}
fmt.Printf("key: %x\n", key)
fmt.Printf("data: %x\n", cdata)
encrypted := make([]byte, 8)
cipher.Encrypt(encrypted, cdata)
fmt.Printf("encrypted-1: %x\n", encrypted)
//Add: This is equal to {uint32, uint32} --> byte array
ce, _ := convertEndian(encrypted)
fmt.Printf("encrypted-2: %02x\n", ce)
}

huangapple
  • 本文由 发表于 2017年5月31日 09:24:36
  • 转载请务必保留本文链接:https://go.coder-hub.com/44274221.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定