如何在golang中解密使用nodejs加密的AES256位密码?

huangapple go评论81阅读模式
英文:

How do I decrypt an AES256 bit cipher in golang that was encrypted in nodejs?

问题

我使用Node.js对字符串进行了加密,代码如下:

var cipher = crypto.createCipheriv(
    "aes256",
    "<A Buffer of length 32>",
    "79b67e539e7fcaefa7abf167de5c06ed"
);

我注意到在Node.js中,缓冲区(Buffer)的表示方式类似于十六进制,但是每两个连续的字符是一对。因此,缓冲区的长度是将其转换为十六进制后长度的一半。

例如:

缓冲区:

<Buffer c3 80 36 f6 51 57 cb 6d b0 e8 fd 85 5a a2 8a da 07 4b e7 19 17 d1 c8 ee dc 2a e4 d8 5e 3c 9d a6>

十六进制:

c38036f65157cb6db0e8fd855aa28ada074be71917d1c8eedc2ae4d85e3c9da6

现在,我使用aes256的密钥长度不能为64。在这里,缓冲区的长度是32,而十六进制的长度是64。

我想在Golang中解密这个密文,我需要使用这个密钥和初始化向量(IV)来解密它。

在Golang中,aes的长度取决于密钥的大小,当它看到长度为64的密钥时,会抛出一个错误,提示“无效的密钥长度”。

如何在Golang中解密它?这是我目前在Golang中的程序:链接

package main

import (
	"crypto/aes"
	"crypto/cipher"
	"fmt"
	"log"
)

func main() {

	encKey := "c38036f65157cb6db0e8fd855aa28ada074be71917d1c8eedc2ae4d85e3c9da6"
	iv := "79b67e539e7fcaefa7abf167de5c06ed"
	cipherText := "c02eccfc514a0b7fae830586dd56e0fcebb81fc49f41fa6dedf099c3645793bef7ec7075eca30063f9c0ef395d5ee2d44e4f3490114280abb7cf86d6eb525e2ec9bd2b781388986480f8b3df95f7b10e"

	block, err := aes.NewCipher([]byte(encKey))
	if err != nil {
		log.Fatalf("%s", err)
	}

	decrypter := cipher.NewCFBDecrypter(block, []byte(iv))

	decrypted := make([]byte, 1000)
	decrypter.XORKeyStream(decrypted, []byte(cipherText))

	fmt.Printf("%s\n", string(decrypted))

}

希望对你有所帮助!

英文:

I encrypted a string in Node.js like this.

var cipher = crypto.createCipheriv(
&quot;aes256&quot;,
&quot;&lt;A Buffer of length 32&gt;&quot;,
&quot;79b67e539e7fcaefa7abf167de5c06ed&quot;  
);

I noticed that a buffer in nodejs is like hex but every 2 consecutive characters are paired. So, It's length is half of whatever will come out if I convert it to a hex.

Example:

Buffer:

&lt;Buffer c3 80 36 f6 51 57 cb 6d b0 e8 fd 85 5a a2 8a da 07 4b e7 19 17 d1 c8 ee dc 2a e4 d8 5e 3c 9d a6&gt;

Hex:

c38036f65157cb6db0e8fd855aa28ada074be71917d1c8eedc2ae4d85e3c9da6

Now, The key I use in aes256 can not be of length 64. Here, Buffer's length is 32 and hex's length is 64.

I want to decrypt this cipher in golang and I'll have to use this key and iv to decrypt it.

aes in golang takes a length depending upon the size of key and when it sees a key of length 64 it throws an error that says, Invalid key length.

How do I decrypt it in golang? There is my current program in go: https://play.golang.org/p/SoXOz3XIPK

package main

import (
	&quot;crypto/aes&quot;
	&quot;crypto/cipher&quot;
	&quot;fmt&quot;
	&quot;log&quot;
)

func main() {

	encKey := &quot;c38036f65157cb6db0e8fd855aa28ada074be71917d1c8eedc2ae4d85e3c9da6&quot;
	iv := &quot;79b67e539e7fcaefa7abf167de5c06ed&quot;
	cipherText := &quot;c02eccfc514a0b7fae830586dd56e0fcebb81fc49f41fa6dedf099c3645793bef7ec7075eca30063f9c0ef395d5ee2d44e4f3490114280abb7cf86d6eb525e2ec9bd2b781388986480f8b3df95f7b10e&quot;

	block, err := aes.NewCipher([]byte(encKey))
	if err != nil {
		log.Fatalf(&quot;%s&quot;, err)
	}

	decrypter := cipher.NewCFBDecrypter(block, []byte(iv))

	decrypted := make([]byte, 1000)
	decrypter.XORKeyStream(decrypted, []byte(cipherText))

	fmt.Printf(&quot;%s\n&quot;, string(decrypted))

}

答案1

得分: 4

我用@osgx的帮助解决了这个问题。

以下是我需要更改以正确解密的内容:

  1. 解码我使用的所有十六进制字符串。

  2. 我查看了Node.js文档,并且密码方法/算法使用与openssl类似的命名方案。所以,我运行了这个命令openssl list-cipher-algorithms | grep "AES256",得到了这样的输出:AES256 => AES-256-CBC,这意味着,如果我在Node.js中使用aes256,实际上会执行aes-256-cbc。然后我检查了我的Golang代码,发现我使用的是aes-256-cfb,这是错误的。所以,我进行了更改,并使用了一个cbc解密器。

更改这两个地方会得到正确的结果。

非常感谢@osgx的帮助。

我的更新代码如下:

package main

import (
	"crypto/aes"
	"crypto/cipher"
	"encoding/hex"
	"fmt"
)

func main() {

	encKey := "c38036f65157cb6db0e8fd855aa28ada074be71917d1c8eedc2ae4d85e3c9da6"
	iv := "79b67e539e7fcaefa7abf167de5c06ed"
	cipherText := "c02eccfc514a0b7fae830586dd56e0fcebb81fc49f41fa6dedf099c3645793bef7ec7075eca30063f9c0ef395d5ee2d44e4f3490114280abb7cf86d6eb525e2ec9bd2b781388986480f8b3df95f7b10e"

	encKeyDecoded, err := hex.DecodeString(encKey)
	if err != nil {
		panic(err)
	}
	cipherTextDecoded, err := hex.DecodeString(cipherText)
	if err != nil {
		panic(err)
	}
	ivDecoded, err := hex.DecodeString(iv)
	if err != nil {
		panic(err)
	}
	block, err := aes.NewCipher([]byte(encKeyDecoded))
	if err != nil {
		panic(err)
	}

	mode := cipher.NewCBCDecrypter(block, []byte(ivDecoded))

	mode.CryptBlocks([]byte(cipherTextDecoded), []byte(cipherTextDecoded))

	fmt.Println(string(cipherTextDecoded))
}

链接:https://play.golang.org/p/Zv24WoKtBY

英文:

I solved this problem with help from @osgx

These are the things that I needed to change to decrypt correctly.

  1. Decode all hex strings that I was using.

  2. I checked nodejs documentation and the cipher methods/algorithms use similar naming scheme as openssl. So, I ran this command openssl list-cipher-algorithms | grep &quot;AES256&quot;and I got an output like this, AES256 =&gt; AES-256-CBC which means that, if I am using aes256 in nodejs, It'll really be doing aes-256-cbc. Then I checked my golang code and I was using aes-256-cfb which is wrong. So, I changed that and used a cbc decrypter.

Changing these two things gives proper results.

Thank you so much for the help @osgx.

My updated code is:

package main

import (
	&quot;crypto/aes&quot;
	&quot;crypto/cipher&quot;
	&quot;encoding/hex&quot;
	&quot;fmt&quot;

)

func main() {

	encKey := &quot;c38036f65157cb6db0e8fd855aa28ada074be71917d1c8eedc2ae4d85e3c9da6&quot;
	iv := &quot;79b67e539e7fcaefa7abf167de5c06ed&quot;
	cipherText := &quot;c02eccfc514a0b7fae830586dd56e0fcebb81fc49f41fa6dedf099c3645793bef7ec7075eca30063f9c0ef395d5ee2d44e4f3490114280abb7cf86d6eb525e2ec9bd2b781388986480f8b3df95f7b10e&quot;

	encKeyDecoded, err := hex.DecodeString(encKey)
	if err != nil {
		panic(err)
	}
	cipherTextDecoded, err := hex.DecodeString(cipherText)
	if err != nil {
		panic(err)
	}
	ivDecoded, err := hex.DecodeString(iv)
	if err != nil {
		panic(err)
	}
	block, err := aes.NewCipher([]byte(encKeyDecoded))
	if err != nil {
		panic(err)
	}

	mode := cipher.NewCBCDecrypter(block, []byte(ivDecoded))

	mode.CryptBlocks([]byte(cipherTextDecoded), []byte(cipherTextDecoded))

	fmt.Println(string(cipherTextDecoded))
}

https://play.golang.org/p/Zv24WoKtBY

huangapple
  • 本文由 发表于 2017年6月12日 19:50:21
  • 转载请务必保留本文链接:https://go.coder-hub.com/44498745.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定