使用CryptoJS解密Golang AES-CBC 256。

huangapple go评论93阅读模式
英文:

Golang AES-CBC 256 to decrypt using CryptoJS

问题

多天来一直在努力让Golang的AES-CBC和CryptoJS配合工作(或者反过来),我修复了大部分错误,但是无法解密,尽管我已经确认了密钥、初始向量和密文在两端是相同的。

肯定有人知道,网络上没有任何可行的示例...

// Golang代码
如果 a == "test64bytes" {
output = "AAAAAAAABBBBBBBBCCCCCCCCDDDDDDDDAAAAAAAABBBBBBBBCCCCCCCCDDDDDDDD"
}
// 加密ajax响应
iv := decodeBase64("AAAAAAAAAAAAAAAAAAAAAA==")
ciphertext := []byte(output)
ckey := decodeBase64(string(PLAINkey[0:32]))

c, err := aes.NewCipher(ckey)
cfbdec := cipher.NewCBCDecrypter(c, iv)
plaintext := make([]byte, len(ciphertext))
cfbdec.CryptBlocks(plaintext, ciphertext)
crypt := string(encodeBase64(plaintext))
fmt.Fprintf(res, "%v", crypt)

fmt.Println(encodeBase64(ckey))
fmt.Println(encodeBase64(iv))
fmt.Println(crypt)

// JavaScript代码
if (xmlhttp.readyState==4 && xmlhttp.status==200) {
var enc = {};
enc["key"] = CryptoJS.enc.Base64.parse(keyseed.substring(0,32));
enc["iv"] = CryptoJS.enc.Base64.parse("AAAAAAAAAAAAAAAAAAAAAA==");
enc["ciphertext"] = CryptoJS.enc.Base64.parse(xmlhttp.responseText);
enc["salt"] = "";
console.log("RESPONSE:", xmlhttp.responseText, atob(xmlhttp.responseText));
// 检查是否使用相同的数据
console.log(CryptoJS.enc.Base64.stringify(enc["key"]));
console.log(CryptoJS.enc.Base64.stringify(enc["iv"]));
console.log(CryptoJS.enc.Base64.stringify(enc["ciphertext"]));
var options = { keySize: 256 / 8, mode: CryptoJS.mode.CBC, padding: CryptoJS.pad.Pkcs7, iv: enc["iv"] };
de = CryptoJS.AES.decrypt(enc, enc["key"], options);
document.getElementById(target).innerHTML = de.toString();
console.log(de.toString(CryptoJS.enc.Utf8));
console.log("DECRYPTION FINISHED");
}

英文:

Been working for days trying to get Golang AES-CBC to CryptoJS working (or vice-versa), I fixed most of the errors but not getting decryption even though i have confirmed the key, iv, ciphertext is the same on both ends.

There must be someone who knows, there is no working example anywhere on the net for this...

//golang

    if a == "test64bytes" {
    	output = "AAAAAAAABBBBBBBBCCCCCCCCDDDDDDDDAAAAAAAABBBBBBBBCCCCCCCCDDDDDDDD"
    }
    // encrypt ajax response
    iv := decodeBase64("AAAAAAAAAAAAAAAAAAAAAA==")
    ciphertext := []byte(output)
    ckey := decodeBase64(string(PLAINkey[0:32]))
    
    c, err := aes.NewCipher(ckey)
    cfbdec := cipher.NewCBCDecrypter(c, iv)
    plaintext := make([]byte, len(ciphertext))
    cfbdec.CryptBlocks(plaintext, ciphertext)
    crypt := string(encodeBase64(plaintext))
    fmt.Fprintf(res, "%v", crypt)
    
    fmt.Println(encodeBase64(ckey))
    fmt.Println(encodeBase64(iv))
    fmt.Println(crypt)

// javascript

    if (xmlhttp.readyState==4 && xmlhttp.status==200)
    				{
    					var enc = {};
    					enc["key"] = CryptoJS.enc.Base64.parse(keyseed.substring(0,32));
    					enc["iv"] = CryptoJS.enc.Base64.parse("AAAAAAAAAAAAAAAAAAAAAA==");
    					enc["ciphertext"] = CryptoJS.enc.Base64.parse(xmlhttp.responseText);
    					enc["salt"] = "";
    					console.log("RESPONSE:", xmlhttp.responseText, atob(xmlhttp.responseText));
                                      // check i'm using same data
    					console.log(CryptoJS.enc.Base64.stringify(enc["key"]));
    					console.log(CryptoJS.enc.Base64.stringify(enc["iv"]));
    					console.log(CryptoJS.enc.Base64.stringify(enc["ciphertext"]));
    					var options = { keySize: 256 / 8, mode: CryptoJS.mode.CBC, padding: CryptoJS.pad.Pkcs7, iv: enc["iv"] };
    					de = CryptoJS.AES.decrypt(enc, enc["key"], options);
    					document.getElementById(target).innerHTML = de.toString();
    					console.log(de.toString(CryptoJS.enc.Utf8));
    					console.log("DECRYPTION FINISHED");
    				}

答案1

得分: 6

经过系统地尝试所有可能的AES配置,我现在可以解密我的文本...

...在这个示例中,我使用一个空的iv("AAAAAAAAAAAAAAAAAAAAAA==")。
如果你使用不同的iv,在加密时它将成为明文的第一个块...

Go > CryptoJS

// Go

plaintext := []byte("THIS NEEDS TO BE MULTIPLE OF BLOCK LENGTH (16) I THINK")
// encrypt ajax response
iv := decodeBase64("AAAAAAAAAAAAAAAAAAAAAA==")
ckey := decodeBase64(string(PLAINkey[0:32]))

c, err := aes.NewCipher(ckey)
cfbdec := cipher.NewCBCEncrypter(c, iv)
ciphertext := make([]byte, len(plaintext))
cfbdec.CryptBlocks(ciphertext, plaintext)
crypt := string(encodeBase64(ciphertext))
fmt.Fprintf(res, "%v", crypt)

// JavaScript Ajax

if (xmlhttp.readyState==4 && xmlhttp.status==200)
{
    var symkey = keyseed.substring(0,32);
    var cipherParams = CryptoJS.lib.CipherParams.create({ ciphertext: CryptoJS.enc.Base64.parse(xmlhttp.responseText) });
    var options = { mode: CryptoJS.mode.CBC, padding: CryptoJS.pad.NoPadding, iv: CryptoJS.enc.Base64.parse("AAAAAAAAAAAAAAAAAAAAAA==") };
    de = CryptoJS.AES.decrypt(cipherParams, CryptoJS.enc.Base64.parse(symkey), options);
    document.getElementById(target).innerHTML = de.toString(CryptoJS.enc.Utf8);
    console.log("DECRYPTION FINISHED");
}
英文:

After methodically trying all possible AES configurations I can now decrypt my text..

...using a blank iv ("AAAAAAAAAAAAAAAAAAAAAA==") for this example. If you use a different one it will become the first block of plaintext when encrypting...

Go > CryptoJS

// Go

plaintext := []byte("THIS NEEDS TO BE MULTIPLE OF BLOCK LENGTH (16) I THINK")
// encrypt ajax response
iv := decodeBase64("AAAAAAAAAAAAAAAAAAAAAA==")
ckey := decodeBase64(string(PLAINkey[0:32]))

c, err := aes.NewCipher(ckey)
cfbdec := cipher.NewCBCEncrypter(c, iv)
ciphertext := make([]byte, len(plaintext))
cfbdec.CryptBlocks(ciphertext, plaintext)
crypt := string(encodeBase64(ciphertext))
fmt.Fprintf(res, "%v", crypt)

// JavaScript Ajax

if (xmlhttp.readyState==4 && xmlhttp.status==200)
{
	var symkey = keyseed.substring(0,32);
	var cipherParams = CryptoJS.lib.CipherParams.create({ ciphertext: CryptoJS.enc.Base64.parse(xmlhttp.responseText) });
    var options = { mode: CryptoJS.mode.CBC, padding: CryptoJS.pad.NoPadding, iv: CryptoJS.enc.Base64.parse("AAAAAAAAAAAAAAAAAAAAAA==") };
    de = CryptoJS.AES.decrypt(cipherParams, CryptoJS.enc.Base64.parse(symkey), options);
    document.getElementById(target).innerHTML = de.toString(CryptoJS.enc.Utf8);
    console.log("DECRYPTION FINISHED");
}

huangapple
  • 本文由 发表于 2014年4月30日 03:34:07
  • 转载请务必保留本文链接:https://go.coder-hub.com/23373696.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定