AES-CTR在Go中加密,在CryptoJS中解密

axkjgtzd  于 2023-02-01  发布在  Go
关注(0)|答案(3)|浏览(186)

我有一个问题解密文本,这是在Go语言加密,与CryptoJS.
下面是Go语言的代码:https://play.golang.org/p/xCbl48T_iN

package main

import (
    "crypto/aes"
    "crypto/cipher"
    "encoding/base64"
    "fmt"
)

func main() {
    key := []byte("1234567890123456")
    plaintext := []byte("text can be a random lenght")

    block, err := aes.NewCipher(key)
    if err != nil {
        panic(err)
    }

    // The IV needs to be unique, but not secure. Therefore it's common to
    // include it at the beginning of the ciphertext.
    // BTW (only for test purpose) I don't include it

    ciphertext := make([]byte, len(plaintext))

    iv := []byte{'\x0f','\x0f','\x0f','\x0f','\x0f','\x0f','\x0f','\x0f','\x0f','\x0f','\x0f','\x0f','\x0f','\x0f','\x0f','\x0f'}

    stream := cipher.NewCTR(block, iv)
    stream.XORKeyStream(ciphertext, plaintext) 

    // CTR mode is the same for both encryption and decryption, so we can
    // also decrypt that ciphertext with NewCTR.
        base := base64.StdEncoding.EncodeToString(ciphertext)
    fmt.Printf("encodedHEX: %x\n", ciphertext)
    fmt.Printf("encodedBASE: %s\n", base)

    plaintext2 := make([]byte, len(plaintext))
    stream = cipher.NewCTR(block, iv)
    stream.XORKeyStream(plaintext2, ciphertext)

    fmt.Printf("decoded: %s\n", plaintext2)
}

下面是JS代码:http://jsfiddle.net/Ltkxm64n/

var key = CryptoJS.enc.Hex.parse('31323334353637383930313233343536');
var iv = CryptoJS.enc.Hex.parse('0f0f0f0f0f0f0f0f0f0f0f0f0f0f0f0f');
var encrypted = CryptoJS.AES.encrypt("text can be a random lenght", key, {
  mode: CryptoJS.mode.CTR,
  iv: iv
});

console.log(encrypted.ciphertext.toString());
console.log(encrypted.toString());

var decrypted = CryptoJS.AES.decrypt(encrypted, key, {
  mode: CryptoJS.mode.CTR,
  iv: iv
});
console.log(decrypted.toString(CryptoJS.enc.Utf8)); 
// text can be a random lenght

这两种方法都可以很好地进行加密和解密,但是当我把base64密文从Go复制到JS(反之亦然)时,它就不起作用了。我还注意到js输出的第一部分和Go输出的第一部分是一样的,但是js输出的字节数比Go输出的多。
我的目的是在GO中加密一些文本,然后将Base64密文发送给JS,由JS来解密。
谢谢

but5z9lq

but5z9lq1#

好吧,你可以这样做来解决这个问题:
1.将无填充js添加到源代码列表中:http://crypto-js.googlecode.com/svn/tags/3.1/build/components/pad-nopadding.js
1.加密/解密时指定参数:padding: CryptoJS.pad.NoPadding
CTR模式不需要在加密前填充纯文本。
从多个AES块生成的密钥流在异或运算之前被修整以匹配纯文本长度。
看起来CryptoJS用纯文本生成密钥流到xor,但不修剪它,因为没有padding: CryptoJS.pad.NoPadding的CryptoJS生成的密文长度总是16字节的倍数(正好是AES块大小)。

var key = CryptoJS.enc.Hex.parse('31323334353637383930313233343536');
var iv = CryptoJS.enc.Hex.parse('0f0f0f0f0f0f0f0f0f0f0f0f0f0f0f0f');
var encrypted = CryptoJS.AES.encrypt("text can be a random lenght", key, {
  mode: CryptoJS.mode.CTR,
  iv: iv,
  padding: CryptoJS.pad.NoPadding
});

document.getElementById("id").innerHTML = encrypted.ciphertext.toString();
document.getElementById("id2").innerHTML = encrypted.toString();

var decrypted = CryptoJS.AES.decrypt(encrypted, key, {
  mode: CryptoJS.mode.CTR,
  iv: iv,
  padding: CryptoJS.pad.NoPadding
});
document.getElementById("decrypt").innerHTML = decrypted.toString(CryptoJS.enc.Utf8); // text can be a random lenght
<script src="http://crypto-js.googlecode.com/svn/tags/3.1.2/build/rollups/aes.js"></script>
<script src="http://crypto-js.googlecode.com/svn/tags/3.1.2/build/components/mode-ctr.js"></script>
<script src="http://crypto-js.googlecode.com/svn/tags/3.1/build/components/pad-nopadding.js"></script>
<p> Ciphertext in HEX: </p>
<p id="id"> </p>
<p> Ciphertext in BASE64: </p>
<p id="id2"> </p>
<p> PlainText: </p>
<p id="decrypt"></p>
ygya80vv

ygya80vv2#

你必须在编码前给明文加上填充
例如:

func addPadding(data []byte, blocksize int) []byte {

    padSize := len(data) % blocksize
    if padSize == 0 {
        return data
    }
    padSize = blocksize - padSize
    return append(data, bytes.Repeat([]byte{byte(padSize)}, padSize)...)
}
//in main
    plaintext := []byte("text can be a random lenght")
    plaintext = addPadding(plaintext, aes.BlockSize)
v6ylcynt

v6ylcynt3#

    • 更新日期:2023年**
// CryotoJS CDN
<script src="https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js" integrity="sha512-E8QSvWZ0eCLGk4km3hxSsNmGWbLtSCSUcewDQPQWZF6pEU8GlT8a5fF32wOl1i8ftdMhssTrF/OhyGWwonTcXA==" crossorigin="anonymous" referrerpolicy="no-referrer"></script>

let config = {
    mode: CryptoJS.mode.CTR,
    iv: CryptoJS.enc.Utf8.parse('YourInitialVector'),
    padding: CryptoJS.pad.NoPadding
};

let dataObjString = JSON.stringify(YourDataObj);

let ciphertext = CryptoJS.AES.encrypt(dataObjString, CryptoJS.enc.Utf8.parse('YourEncryptionKey'), config).toString();

console.log("Encrypted ", ciphertext);

let bytes = CryptoJS.AES.decrypt(ciphertext, CryptoJS.enc.Utf8.parse('YourEncryptionKey'), config);
                
console.log("Decrypted ", JSON.parse(bytes.toString(CryptoJS.enc.Utf8)));

希望这对你有帮助。干杯:)

相关问题