英文:
AES-256-GCM Encryption from Ruby & Decryption with Golang
问题
我可以帮你翻译这段代码。以下是翻译的结果:
我在Ruby中使用aes-256-gcm
进行加密。
require 'openssl'
key = "972ec8dd995743d981417981ac2f30db"
iv = "6a825c25ea74"
auth_data = "73f6828fc5be"
plaintext = "John Doe play foo bar"
cipher = OpenSSL::Cipher.new('aes-256-gcm')
cipher.encrypt
cipher.iv = iv
cipher.key = key
cipher.auth_data = auth_data
cipherText = cipher.update(plaintext) + cipher.final
authTag = cipher.auth_tag
hexString = (cipherText + iv + authTag).unpack('H*').first
hexString的结果如下:
fa03a24cad007ceaadc34c22edff943cb58fe514ed36613832356332356561373425f6bc5724b956daae151c8d78a21263
我想在Go中对其进行解密。
key := "972ec8dd995743d981417981ac2f30db"
iv := "6a825c25ea74"
authData := "73f6828fc5be"
hexString, _ := hex.DecodeString("fa03a24cad007ceaadc34c22edff943cb58fe514ed36613832356332356561373425f6bc5724b956daae151c8d78a21263")
block, err := aes.NewCipher([]byte(key))
if err != nil {
panic(err.Error())
}
aesgcm, err := cipher.NewGCM(block)
if err != nil {
panic(err.Error())
}
plaintext, err := aesgcm.Open(nil, []byte(iv), hexString, []byte(authData))
if err != nil {
panic(err.Error())
}
我得到了cipher: message authentication failed
的错误。我也不明白在Go语言中的authData是什么意思,在这个链接https://golang.org/pkg/crypto/cipher/#NewGCM 中找不到相关信息。
英文:
I have an encryption in Ruby with aes-256-gcm
require 'openssl'
key = "972ec8dd995743d981417981ac2f30db"
iv = "6a825c25ea74"
auth_data = "73f6828fc5be"
plaintext = "John Doe play foo bar"
cipher = OpenSSL::Cipher.new('aes-256-gcm')
cipher.encrypt
cipher.iv = iv
cipher.key = key
cipher.auth_data = auth_data
cipherText = cipher.update(plaintext) + cipher.final
authTag = cipher.auth_tag
hexString = (cipherText + iv + authTag).unpack('H*').first
the hextString result looks like
fa03a24cad007ceaadc34c22edff943cb58fe514ed36613832356332356561373425f6bc5724b956daae151c8d78a21263
I want to decrypt it in Go
key := "972ec8dd995743d981417981ac2f30db"
iv := "6a825c25ea74"
authData := "73f6828fc5be"
hexString, _ := hex.DecodeString("fa03a24cad007ceaadc34c22edff943cb58fe514ed36613832356332356561373425f6bc5724b956daae151c8d78a21263")
block, err := aes.NewCipher([]byte(key))
if err != nil {
panic(err.Error())
}
aesgcm, err := cipher.NewGCM(block)
if err != nil {
panic(err.Error())
}
plaintext, err := aesgcm.Open(nil, []byte(iv), hexString, []byte(authData))
if err != nil {
panic(err.Error())
}
I got cipher: message authentication failed
.
and Also I don't get the point about authData in golang, I can't fine it in here https://golang.org/pkg/crypto/cipher/#NewGCM
答案1
得分: 4
随机数(iv)不应该出现在密文的中间。你想要的十六进制编码输出只是cipherText
+ authTag
。由于随机数必须与密文一起发送,通常在密文前面加上随机数前缀,但在解密消息之前必须将其去掉(还要注意,你的key
、iv
和auth_data
值似乎是十六进制字符串,但它们被用作原始字节,这可能导致一些混淆)。
将消息的字节重新排列以在随机数前面添加前缀,得到以下示例:https://play.golang.org/p/YV5FugSyM5_G
key := []byte("972ec8dd995743d981417981ac2f30db")
authData := []byte("73f6828fc5be")
msg, err := hex.DecodeString("366138323563323565613734fa03a24cad007ceaadc34c22edff943cb58fe514ed25f6bc5724b956daae151c8d78a21263")
block, err := aes.NewCipher([]byte(key))
if err != nil {
log.Fatal(err)
}
aesgcm, err := cipher.NewGCM(block)
if err != nil {
log.Fatal(err)
}
sz := aesgcm.NonceSize()
nonce, cipherText := msg[:sz], msg[sz:]
pt, err := aesgcm.Open(nil, nonce, cipherText, authData)
if err != nil {
log.Fatal(err)
}
fmt.Printf("%q\n", pt)
// 输出: "John Doe play foo bar"
希望对你有所帮助!
英文:
The nonce (iv) does not belong in the middle of the ciphertext. The hex-encoded output you want here from the ruby example is only the cipherText
+ authTag
. Since the nonce must be sent along with the ciphertext, it is common to prefix the ciphertext with the nonce if you so choose, but you must trim that off before deciphering the message. (Also note that your key
, iv
and auth_data
values appear to be hex strings, but they are being used as raw bytes which may be adding to some of the confusion).
Re-arranging the bytes of the message to prepend the nonce, gives us this example: https://play.golang.org/p/YV5FugSyM5_G
key := []byte("972ec8dd995743d981417981ac2f30db")
authData := []byte("73f6828fc5be")
msg, err := hex.DecodeString("366138323563323565613734fa03a24cad007ceaadc34c22edff943cb58fe514ed25f6bc5724b956daae151c8d78a21263")
block, err := aes.NewCipher([]byte(key))
if err != nil {
log.Fatal(err)
}
aesgcm, err := cipher.NewGCM(block)
if err != nil {
log.Fatal(err)
}
sz := aesgcm.NonceSize()
nonce, cipherText := msg[:sz], msg[sz:]
pt, err := aesgcm.Open(nil, nonce, cipherText, authData)
if err != nil {
log.Fatal(err)
}
fmt.Printf("%q\n", pt)
> "John Doe play foo bar"
答案2
得分: 0
这是对我有效的方法。我最初使用attr_encrypted gem来加密信息。
package main
import (
"crypto/aes"
"crypto/cipher"
"encoding/base64"
"fmt"
"log"
)
func main() {
// data: "7621276423"
// encrypted_data: "Hz1HXFTfSyucPvy3iDoY1F4O5YmAx2skRa4="
// encrypted_data_iv: "Ezk8f3+944gs4x5E"
// license_key: "iUPGMBmppYA92kbciS5fIUe7gRcx6G025haOeAmEjU4="
cipherText, err := base64.StdEncoding.DecodeString("Hz1HXFTfSyucPvy3iDoY1F4O5YmAx2skRa4=")
nonce, err := base64.StdEncoding.DecodeString("Ezk8f3+944gs4x5E")
key, err := base64.StdEncoding.DecodeString("iUPGMBmppYA92kbciS5fIUe7gRcx6G025haOeAmEjU4=")
block, err := aes.NewCipher([]byte(key))
if err != nil {
log.Fatal(err)
}
aesgcm, err := cipher.NewGCM(block)
if err != nil {
log.Fatal(err)
}
pt, err := aesgcm.Open(nil, nonce, cipherText, nil)
if err != nil {
log.Fatal(err)
}
fmt.Printf("%q\n", pt)
}
// "123456789";
英文:
This is what worked for me. I originally used the attr_encrypted gem to encrypt the information.
package main
import (
"crypto/aes"
"crypto/cipher"
"encoding/base64"
"fmt"
"log"
)
func main() {
// data: "7621276423"
// encrypted_data: "Hz1HXFTfSyucPvy3iDoY1F4O5YmAx2skRa4="
// encrypted_data_iv: "Ezk8f3+944gs4x5E"
// license_key: "iUPGMBmppYA92kbciS5fIUe7gRcx6G025haOeAmEjU4="
cipherText, err := base64.StdEncoding.DecodeString("Hz1HXFTfSyucPvy3iDoY1F4O5YmAx2skRa4=")
nonce, err := base64.StdEncoding.DecodeString("Ezk8f3+944gs4x5E")
key, err := base64.StdEncoding.DecodeString("iUPGMBmppYA92kbciS5fIUe7gRcx6G025haOeAmEjU4=")
block, err := aes.NewCipher([]byte(key))
if err != nil {
log.Fatal(err)
}
aesgcm, err := cipher.NewGCM(block)
if err != nil {
log.Fatal(err)
}
pt, err := aesgcm.Open(nil, nonce, cipherText, nil)
if err != nil {
log.Fatal(err)
}
fmt.Printf("%q\n", pt)
}
// "123456789"
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论