2022年8月24日 02:19:02go评论106阅读模式

英文:

How I can decode aes-256-cfb

问题

我可以帮你翻译这段代码。以下是翻译的结果：

package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/sha256"
	"log"
	"os"
)

func main() {
	fiencpkg, err := os.ReadFile("encpkg")
	if err != nil {
		log.Println(err)
		os.Exit(1)
	}

	fiencpass, err := os.ReadFile("encpass")
	if err != nil {
		log.Println(err)
		os.Exit(1)
	}

	keyb := sha256.Sum256(fiencpass)
	block, err := aes.NewCipher(keyb[:])
	if err != nil {
		panic(err)
	}

	if len(fiencpkg) < aes.BlockSize {
		panic("data too short")
	}

	iv := fiencpkg[:aes.BlockSize]
	decdata := fiencpkg[aes.BlockSize:]
	stream := cipher.NewCFBDecrypter(block, iv)

	stream.XORKeyStream(decdata, fiencpkg[aes.BlockSize:])
	os.WriteFile("x_go.txz", decdata, 0777)

}

希望对你有帮助！

英文:

How I can decode aes-256-cfb?

I have file encoded by aes-256-cfb, when I use openssl command

openssl enc -d -aes-256-cfb -salt -pbkdf2 -pass file:encpass -out x.txz -in encpkg

this file is decrypted without any problem,but when I try to decrypt this file by golang, I always get incorrect file, I don't know what my problem is and I hope to find help

my code:

package main

import (
	&quot;crypto/aes&quot;
	&quot;crypto/cipher&quot;
	&quot;crypto/sha256&quot;
	&quot;log&quot;
	&quot;os&quot;
)

func main() {
	fiencpkg, err := os.ReadFile(&quot;encpkg&quot;)
	if err != nil {
		log.Println(err)
		os.Exit(1)
	}

	fiencpass, err := os.ReadFile(&quot;encpass&quot;)
	if err != nil {
		log.Println(err)
		os.Exit(1)
	}

	keyb := sha256.Sum256(fiencpass)
	block, err := aes.NewCipher(keyb[:])
	if err != nil {
		panic(err)
	}

	if len(fiencpkg) &lt; aes.BlockSize {
		panic(&quot;data too short&quot;)
	}

	iv := fiencpkg[:aes.BlockSize]
	decdata := fiencpkg[aes.BlockSize:]
	stream := cipher.NewCFBDecrypter(block, iv)

	stream.XORKeyStream(decdata, fiencpkg[aes.BlockSize:])
	os.WriteFile(&quot;x_go.txz&quot;, decdata, 0777)

}

答案1

得分: 1

在OpenSSL语句中，-pbkdf2选项会导致使用PBKDF2密钥派生算法：
在加密过程中，会生成一个随机的8字节盐值，并且使用该密钥派生算法来确定密钥和初始化向量（IV），该过程使用密码和盐值作为输入。
由于解密过程需要盐值，OpenSSL语句会将盐值和密文连接在一起，并在前缀中使用Salted__进行标识。

因此，在解密过程中，首先需要将盐值和密文分开：

salt := fiencpkg[8:16]
ciphertext := fiencpkg[16:]

然后可以使用PBKDF2来派生密钥和初始化向量，例如使用pbkdf2包：

keyIv := pbkdf2.Key(fiencpass, salt, 10000, 48, sha256.New)
key := keyIv[0:32]
iv := keyIv[32:48]

注意，默认的迭代次数和摘要算法是OpenSSL的默认值，即10000次迭代和SHA256摘要算法。由于加密使用的是AES-256-CFB算法，因此需要生成48字节的数据（32字节用于密钥，16字节用于初始化向量）。

确定了密钥和初始化向量之后，可以像通常一样进行解密操作。

完整代码：

package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/sha256"
	"log"
	"os"
	
	"golang.org/x/crypto/pbkdf2"
)

func main() {
	fiencpkg, err := os.ReadFile("encpkg")
	if err != nil {
		log.Println(err)
		os.Exit(1)
	}

	salt := fiencpkg[8:16]
	ciphertext := fiencpkg[16:]

	fiencpass, err := os.ReadFile("encpass")
	if err != nil {
		log.Println(err)
		os.Exit(1)
	}

	keyIv := pbkdf2.Key(fiencpass, salt, 10000, 48, sha256.New)
	key := keyIv[0:32]
	iv := keyIv[32:48]

	block, err := aes.NewCipher(key)
	if err != nil {
		panic(err)
	}

	stream := cipher.NewCFBDecrypter(block, iv)
	stream.XORKeyStream(ciphertext, ciphertext)
	os.WriteFile("x_go.txz", ciphertext, 0777)
}

英文:

The -pbkdf2 option in the OpenSSL statement causes the PBKDF2 key derivation to be used:<br>
During encryption, a random 8 bytes salt is generated, and together with the password, the key and IV are determined using this key derivation.<br>
Since the salt is needed for decryption, the OpenSSL statement concatenates salt and ciphertext and indicates this with the prefix Salted__.

Thus, during decryption, salt and ciphertext must first be separated:

salt := fiencpkg[8:16]
ciphertext := fiencpkg[16:]

Then key and IV can be derived via PBKDF2 using e.g. the pbkdf2 package:

keyIv := pbkdf2.Key(fiencpass, salt, 10000, 48, sha256.New)
key := keyIv[0:32]
iv := keyIv[32:48]

Note the OpenSSL default values 10000 and SHA256 for iteration count and digest. Since the encryption was done with AES-256-CFB 48 bytes have to be generated (32 bytes for the key, 16 bytes for the IV).

After determining key and IV, decryption can be performed as usual.

Full code:

package main

import (
	&quot;crypto/aes&quot;
	&quot;crypto/cipher&quot;
	&quot;crypto/sha256&quot;
	&quot;log&quot;
	&quot;os&quot;
	
	&quot;golang.org/x/crypto/pbkdf2&quot;
)

func main() {
	fiencpkg, err := os.ReadFile(&quot;encpkg&quot;)
	if err != nil {
		log.Println(err)
		os.Exit(1)
	}

	salt := fiencpkg[8:16]
	ciphertext := fiencpkg[16:]

	fiencpass, err := os.ReadFile(&quot;encpass&quot;)
	if err != nil {
		log.Println(err)
		os.Exit(1)
	}

	keyIv := pbkdf2.Key(fiencpass, salt, 10000, 48, sha256.New)
	key := keyIv[0:32]
	iv := keyIv[32:48]

	block, err := aes.NewCipher(key)
	if err != nil {
		panic(err)
	}

	stream := cipher.NewCFBDecrypter(block, iv)
	stream.XORKeyStream(ciphertext, ciphertext)
	os.WriteFile(&quot;x_go.txz&quot;, ciphertext, 0777)
}

通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库，让每个人都能够通过互相帮助和分享经验来进步。

如何解码 aes-256-cfb？

问题

答案1

为什么在Elasticsearch慢查询中，took_millis和timeout之间的时间成本很大？

如何获取标签的内部HTML或纯文本？

无法将 res.Data（类型为 []twitterstream.rulesResponseValue）转换为类型 []byte。

为什么下面这两段代码会在Golang中引发逃逸？

What's the correct way to type hint an empty list as a literal in python?

如何在Highcharts Gantt中更改本地化的星期名称

如何在同一个流中使用多个过滤器和映射函数？

如何使用Map/Set来将代码优化到O(n)？

.NET MAUI Android在GitHub Actions上构建失败，错误代码为1。

如何在Playwright视觉比较中屏蔽多个定位器？

在C++中，可以使用可变模板参数来检索类型的内部类型。

selenium.common.exceptions.StaleElementReferenceException: Message: stale element reference: stale element not found

Creating and opening a URL to log in to Website via Basic Auth with Robot Framework/Selenium (Python)

AG Grid 在上下文菜单中以大文本形式打开

发表评论