2021年6月19日 04:04:31go评论78阅读模式

英文:

AES-256-GCM Encryption from Ruby & Decryption with Golang

问题

我可以帮你翻译这段代码。以下是翻译的结果：

我在Ruby中使用aes-256-gcm进行加密。

require 'openssl'
key = "972ec8dd995743d981417981ac2f30db"
iv = "6a825c25ea74"
auth_data = "73f6828fc5be"
plaintext = "John Doe play foo bar"

cipher = OpenSSL::Cipher.new('aes-256-gcm')
cipher.encrypt
cipher.iv = iv
cipher.key = key
cipher.auth_data = auth_data
cipherText = cipher.update(plaintext) + cipher.final
authTag = cipher.auth_tag
hexString = (cipherText + iv + authTag).unpack('H*').first

hexString的结果如下：

fa03a24cad007ceaadc34c22edff943cb58fe514ed36613832356332356561373425f6bc5724b956daae151c8d78a21263

我想在Go中对其进行解密。

key := "972ec8dd995743d981417981ac2f30db"
iv := "6a825c25ea74"
authData := "73f6828fc5be"
hexString, _ := hex.DecodeString("fa03a24cad007ceaadc34c22edff943cb58fe514ed36613832356332356561373425f6bc5724b956daae151c8d78a21263")

block, err := aes.NewCipher([]byte(key))
if err != nil {
    panic(err.Error())
}

aesgcm, err := cipher.NewGCM(block)
if err != nil {
    panic(err.Error())
}

plaintext, err := aesgcm.Open(nil, []byte(iv), hexString, []byte(authData))
if err != nil {
    panic(err.Error())
}

我得到了cipher: message authentication failed的错误。我也不明白在Go语言中的authData是什么意思，在这个链接https://golang.org/pkg/crypto/cipher/#NewGCM 中找不到相关信息。

英文:

I have an encryption in Ruby with aes-256-gcm

require &#39;openssl&#39;
key = &quot;972ec8dd995743d981417981ac2f30db&quot;
iv = &quot;6a825c25ea74&quot;
auth_data = &quot;73f6828fc5be&quot;
plaintext = &quot;John Doe play foo bar&quot;

cipher = OpenSSL::Cipher.new(&#39;aes-256-gcm&#39;)
cipher.encrypt
cipher.iv = iv
cipher.key = key
cipher.auth_data = auth_data
cipherText = cipher.update(plaintext) + cipher.final
authTag = cipher.auth_tag
hexString = (cipherText + iv + authTag).unpack(&#39;H*&#39;).first

the hextString result looks like

fa03a24cad007ceaadc34c22edff943cb58fe514ed36613832356332356561373425f6bc5724b956daae151c8d78a21263

I want to decrypt it in Go

key := &quot;972ec8dd995743d981417981ac2f30db&quot;
iv := &quot;6a825c25ea74&quot;
authData := &quot;73f6828fc5be&quot;
hexString, _ := hex.DecodeString(&quot;fa03a24cad007ceaadc34c22edff943cb58fe514ed36613832356332356561373425f6bc5724b956daae151c8d78a21263&quot;)

block, err := aes.NewCipher([]byte(key))
if err != nil {
    panic(err.Error())
}

aesgcm, err := cipher.NewGCM(block)
if err != nil {
	panic(err.Error())
}

plaintext, err := aesgcm.Open(nil, []byte(iv), hexString, []byte(authData))
if err != nil {
	panic(err.Error())
}

I got cipher: message authentication failed.
and Also I don't get the point about authData in golang, I can't fine it in here https://golang.org/pkg/crypto/cipher/#NewGCM

答案1

得分: 4

随机数（iv）不应该出现在密文的中间。你想要的十六进制编码输出只是cipherText + authTag。由于随机数必须与密文一起发送，通常在密文前面加上随机数前缀，但在解密消息之前必须将其去掉（还要注意，你的key、iv和auth_data值似乎是十六进制字符串，但它们被用作原始字节，这可能导致一些混淆）。

将消息的字节重新排列以在随机数前面添加前缀，得到以下示例：https://play.golang.org/p/YV5FugSyM5_G

key := []byte("972ec8dd995743d981417981ac2f30db")
authData := []byte("73f6828fc5be")

msg, err := hex.DecodeString("366138323563323565613734fa03a24cad007ceaadc34c22edff943cb58fe514ed25f6bc5724b956daae151c8d78a21263")

block, err := aes.NewCipher([]byte(key))
if err != nil {
    log.Fatal(err)
}

aesgcm, err := cipher.NewGCM(block)
if err != nil {
    log.Fatal(err)
}

sz := aesgcm.NonceSize()
nonce, cipherText := msg[:sz], msg[sz:]

pt, err := aesgcm.Open(nil, nonce, cipherText, authData)
if err != nil {
    log.Fatal(err)
}

fmt.Printf("%q\n", pt)

// 输出: "John Doe play foo bar"

希望对你有所帮助！

英文:

The nonce (iv) does not belong in the middle of the ciphertext. The hex-encoded output you want here from the ruby example is only the cipherText + authTag. Since the nonce must be sent along with the ciphertext, it is common to prefix the ciphertext with the nonce if you so choose, but you must trim that off before deciphering the message. (Also note that your key, iv and auth_data values appear to be hex strings, but they are being used as raw bytes which may be adding to some of the confusion).

Re-arranging the bytes of the message to prepend the nonce, gives us this example: https://play.golang.org/p/YV5FugSyM5_G

key := []byte(&quot;972ec8dd995743d981417981ac2f30db&quot;)
authData := []byte(&quot;73f6828fc5be&quot;)

msg, err := hex.DecodeString(&quot;366138323563323565613734fa03a24cad007ceaadc34c22edff943cb58fe514ed25f6bc5724b956daae151c8d78a21263&quot;)

block, err := aes.NewCipher([]byte(key))
if err != nil {
	log.Fatal(err)
}

aesgcm, err := cipher.NewGCM(block)
if err != nil {
	log.Fatal(err)
}

sz := aesgcm.NonceSize()
nonce, cipherText := msg[:sz], msg[sz:]

pt, err := aesgcm.Open(nil, nonce, cipherText, authData)
if err != nil {
	log.Fatal(err)
}

fmt.Printf(&quot;%q\n&quot;, pt)

> "John Doe play foo bar"

答案2

得分: 0

这是对我有效的方法。我最初使用attr_encrypted gem来加密信息。

package main

import (
	"crypto/aes"
	"crypto/cipher"
	"encoding/base64"
	"fmt"
	"log"
)

func main() {
  // data: "7621276423"
  // encrypted_data: "Hz1HXFTfSyucPvy3iDoY1F4O5YmAx2skRa4="
  // encrypted_data_iv: "Ezk8f3+944gs4x5E"
  // license_key: "iUPGMBmppYA92kbciS5fIUe7gRcx6G025haOeAmEjU4="

  cipherText, err := base64.StdEncoding.DecodeString("Hz1HXFTfSyucPvy3iDoY1F4O5YmAx2skRa4=")
  nonce, err := base64.StdEncoding.DecodeString("Ezk8f3+944gs4x5E")
  key, err := base64.StdEncoding.DecodeString("iUPGMBmppYA92kbciS5fIUe7gRcx6G025haOeAmEjU4=")

	block, err := aes.NewCipher([]byte(key))
	if err != nil {
		log.Fatal(err)
	}

	aesgcm, err := cipher.NewGCM(block)
	if err != nil {
		log.Fatal(err)
	}

	pt, err := aesgcm.Open(nil, nonce, cipherText, nil)
	if err != nil {
		log.Fatal(err)
	}

	fmt.Printf("%q\n", pt)
}

// "123456789";

英文:

This is what worked for me. I originally used the attr_encrypted gem to encrypt the information.

package main

import (
	&quot;crypto/aes&quot;
	&quot;crypto/cipher&quot;
    &quot;encoding/base64&quot;
	&quot;fmt&quot;
	&quot;log&quot;
)

func main() {
  // data: &quot;7621276423&quot;
  // encrypted_data: &quot;Hz1HXFTfSyucPvy3iDoY1F4O5YmAx2skRa4=&quot;
  // encrypted_data_iv: &quot;Ezk8f3+944gs4x5E&quot;
  // license_key: &quot;iUPGMBmppYA92kbciS5fIUe7gRcx6G025haOeAmEjU4=&quot;

  cipherText, err := base64.StdEncoding.DecodeString(&quot;Hz1HXFTfSyucPvy3iDoY1F4O5YmAx2skRa4=&quot;)
  nonce, err := base64.StdEncoding.DecodeString(&quot;Ezk8f3+944gs4x5E&quot;)
  key, err := base64.StdEncoding.DecodeString(&quot;iUPGMBmppYA92kbciS5fIUe7gRcx6G025haOeAmEjU4=&quot;)

	block, err := aes.NewCipher([]byte(key))
	if err != nil {
		log.Fatal(err)
	}

	aesgcm, err := cipher.NewGCM(block)
	if err != nil {
		log.Fatal(err)
	}

	pt, err := aesgcm.Open(nil, nonce, cipherText, nil)
	if err != nil {
		log.Fatal(err)
	}

	fmt.Printf(&quot;%q\n&quot;, pt)
}

// &quot;123456789&quot;

通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库，让每个人都能够通过互相帮助和分享经验来进步。

从Ruby进行AES-256-GCM加密，使用Golang进行解密

问题

答案1

答案2

How can I get the top path of glob path?

在GoLang中使用viper更改配置项的值。

包不在 GOROOT 中。

Further clarification required regarding difference between unbuffered channel (i.e. capacity 0) vs buffered channel of capacity 1 in Golang

What's the correct way to type hint an empty list as a literal in python?

如何在Highcharts Gantt中更改本地化的星期名称

如何在同一个流中使用多个过滤器和映射函数？

如何使用Map/Set来将代码优化到O(n)？

.NET MAUI Android在GitHub Actions上构建失败，错误代码为1。

如何在Playwright视觉比较中屏蔽多个定位器？

在C++中，可以使用可变模板参数来检索类型的内部类型。

selenium.common.exceptions.StaleElementReferenceException: Message: stale element reference: stale element not found

Creating and opening a URL to log in to Website via Basic Auth with Robot Framework/Selenium (Python)

AG Grid 在上下文菜单中以大文本形式打开

发表评论