NodeJS TweetNaCl.js加密和解密无法正常工作

kfgdxczn  于 2023-03-22  发布在  Node.js
关注(0)|答案(1)|浏览(156)

我需要用用户的公钥加密一条消息。用户将收到该消息,并将不得不用私钥解密它。我尝试了各种方法,但我不能找出我做错了什么。我做了一个节点脚本,它只安装两个必要的依赖项即可独立工作(tweetnacl和tweetnacl-utils)。显然消息被正确加密了,但是当我试图解密它时,我得到了“null”的decrypted_message常量。
我已经使用这两个库来签名消息,签名部分工作正常,所以我不打算切换库。你能告诉我我做错了什么吗?这是你可以用node js运行的代码

const nacl = require('tweetnacl');
const naclUtil = require('tweetnacl-util');

// Getting keypair from a key
const x25519_from_key = (key) => {
    console.log(key.length)
    const boxKeyPair = nacl.box.keyPair.fromSecretKey(key);
    const secretKey = boxKeyPair.secretKey;
    const publicKey = boxKeyPair.publicKey;

    const result = {
        publicKey:
        {
            uint: publicKey,
            base64: naclUtil.encodeBase64(publicKey)
        },
        secretKey: {
            uint: secretKey,
            base64: naclUtil.encodeBase64(secretKey)
        }
    }

    return result;
};

// Encrypt a message using the public key
const encryptMessage = (message, x25519_public_uint) => {

    const nonce = nacl.randomBytes(nacl.box.nonceLength);
    const message_decoded = naclUtil.decodeUTF8(message);

    const encrypted_message = nacl.box.after(
        message_decoded,
        nonce,
        x25519_public_uint
    );

    return {
        nonce_base64: naclUtil.encodeBase64(nonce),
        encrypted_message_encoded: naclUtil.encodeBase64(encrypted_message),
    };
};

// Decrypt message using the secret key
const decryptMessage = (encrypted_message, nonce_base64, x25519_secret_key) => {

  
    const nonce = naclUtil.decodeBase64(nonce_base64);
    const encrypted_message_decoded = naclUtil.decodeBase64(encrypted_message);
  
    const decrypted_message = nacl.box.open.after(
      encrypted_message_decoded,
      nonce,
      x25519_secret_key
    );

    return naclUtil.encodeUTF8(decrypted_message);
  };
  

// Generating keypair x25519
const keyPair = x25519_from_key(nacl.randomBytes(nacl.box.secretKeyLength));

// Encrypt with publicKey
const message = 'This is a plain message';
const encrypted = encryptMessage(message, keyPair.publicKey.uint);

console.log('Original message:', message);

// Show encrypted message
console.log('Encrypted message:', encrypted.encrypted_message_encoded);
console.log('Nonce:', encrypted.nonce_base64);

// Show decrypted message
const decrypted = decryptMessage(encrypted.encrypted_message_encoded, encrypted.nonce_base64, keyPair.secretKey.uint);
console.log('Decrypted message:', decrypted);
aurhwmvo

aurhwmvo1#

在加密或解密时,必须应用自己的秘密密钥和另一方的公钥。这在以下工作代码中显示,这基本上是基于您的代码:

var naclUtil = nacl.util

// Getting keypair from a key
const x25519_from_key = (key) => {
    console.log(key.length)
    const boxKeyPair = nacl.box.keyPair.fromSecretKey(key);
    const secretKey = boxKeyPair.secretKey;
    const publicKey = boxKeyPair.publicKey;

    const result = {
        publicKey:
        {
            uint: publicKey,
            base64: naclUtil.encodeBase64(publicKey)
        },
        secretKey: {
            uint: secretKey,
            base64: naclUtil.encodeBase64(secretKey)
        }
    }

    return result;
};

// Encrypt message using the own secret key and the public key of the other side
const encryptMessage = (message, x25519_public_uint, x25519_secret_key) => {

    const nonce = nacl.randomBytes(nacl.box.nonceLength);
    const message_decoded = naclUtil.decodeUTF8(message);

    const encrypted_message = nacl.box(
        message_decoded,
        nonce,
        x25519_public_uint,
        x25519_secret_key
    );

    return {
        nonce_base64: naclUtil.encodeBase64(nonce),
        encrypted_message_encoded: naclUtil.encodeBase64(encrypted_message),
    };
};

// Decrypt message using the own secret key and the public key of the other side
const decryptMessage = (encrypted_message, nonce_base64, x25519_public_uint, x25519_secret_key) => {
  
    const nonce = naclUtil.decodeBase64(nonce_base64);
    const encrypted_message_decoded = naclUtil.decodeBase64(encrypted_message);
    const decrypted_message = nacl.box.open(
      encrypted_message_decoded,
      nonce,
      x25519_public_uint,
      x25519_secret_key
    );

    return naclUtil.encodeUTF8(decrypted_message);
  };
  

// Generating keypair x25519 for A and B side
const keyPairA = x25519_from_key(nacl.randomBytes(nacl.box.secretKeyLength));
const keyPairB = x25519_from_key(nacl.randomBytes(nacl.box.secretKeyLength));

// A side: Encrypt message using the own secret key (A side) and the public key of the other side (B side)
const message = 'This is a plain message';
const encrypted = encryptMessage(message, keyPairB.publicKey.uint, keyPairA.secretKey.uint);

console.log('Original message:', message);

// Show encrypted message
console.log('Encrypted message:', encrypted.encrypted_message_encoded);
console.log('Nonce:', encrypted.nonce_base64);

// B side: Decrypt message using the own secret key (B side) and the public key of the other side (A side)
const decrypted = decryptMessage(encrypted.encrypted_message_encoded, encrypted.nonce_base64, keyPairA.publicKey.uint, keyPairB.secretKey.uint);
console.log('Decrypted message:', decrypted);
<script src="https://cdn.jsdelivr.net/npm/tweetnacl-util@0.15.1/nacl-util.min.js"></script>
<script src="https://cdn.jsdelivr.net/npm/tweetnacl@1.0.3/nacl-fast.min.js"></script>

与您的代码的主要区别在于,这里发布的代码使用nacl.box()(而不是nacl.box.after())进行加密,使用nacl.box.open()(而不是nacl.box.open.after())进行解密。
NaCl/Libsodium允许确定共享密钥(before()方法)和加密/解密(after()方法),以 * 单独 * 执行,请参见Tweet NaCl文档或Libsodium文档中的更多详细信息。
在您的代码中,after()方法应用不正确(after()需要共享密钥,而共享密钥又必须由before()方法确定)。

相关问题