Encrypt File from browser AES-GCM

huangapple
go评论92阅读模式
英文:

Encrypt File from browser AES-GCM

问题

我使用AES GCM加密和解密文件时遇到了问题,我使用以下代码进行加密/解密:

我尝试了许多库,但它们没有解决我的问题。

  1. var FileSaver = require("file-saver");
  3. export function formatBytes(bytes) {
  4.   // ...
  5. }
  7. export const encryptFile = async (key, iv, file) => {
  8.   // ...
  9. };
  11. // ...

文件可以加密/解密,但它们可以使用任何密码解密,即使与加密时使用的密码不匹配。我在这里漏掉了什么?

英文:

I have a problem with encrypting and decrypting files with AES GCM, I encrypt/decrypt my files with this code:

I tried many some libraries but they didnt solve my problem.

  1. var FileSaver = require("file-saver");
  3. export function formatBytes(bytes) {
  4.   var marker = 1024; // Change to 1000 if required
  5.   var decimal = 3; // Change as required
  6.   var kiloBytes = marker; // One Kilobyte is 1024 bytes
  7.   var megaBytes = marker * marker; // One MB is 1024 KB
  8.   var gigaBytes = marker * marker * marker; // One GB is 1024 MB
  10.   // return bytes if less than a KB
  11.   if (bytes < kiloBytes) return bytes + " Bytes";
  12.   // return KB if less than a MB
  13.   else if (bytes < megaBytes)
  14.     return (bytes / kiloBytes).toFixed(decimal) + " KB";
  15.   // return MB if less than a GB
  16.   else if (bytes < gigaBytes)
  17.     return (bytes / megaBytes).toFixed(decimal) + " MB";
  18.   // return GB if less than a TB
  19.   else return (bytes / gigaBytes).toFixed(decimal) + " GB";
  20. }
  22. export const encryptFile = async (key, iv, file) => {
  23.   return await window.crypto.subtle.encrypt(
  24.     {
  25.       name: "AES-GCM",
  26.       iv: iv
  27.     },
  28.     key,
  29.     file
  30.   );
  31. };
  33. /*
  34.   Get some key material to use as input to the deriveKey method.
  35.   The key material is a password supplied by the user.
  36.   */
  37. export const getKeyMaterial = async (password) => {
  38.   let enc = new TextEncoder();
  39.   return window.crypto.subtle.importKey(
  40.     "raw",
  41.     enc.encode(password),
  42.     { name: "PBKDF2" },
  43.     false,
  44.     ["deriveBits", "deriveKey"]
  45.   );
  46. };
  48. /*
  49. Given some key material and some random salt
  50. derive an AES-GCM key using PBKDF2.
  51. */
  52. export const getKey = async (keyMaterial, salt) => {
  53.   return window.crypto.subtle.deriveKey(
  54.     {
  55.       name: "PBKDF2",
  56.       salt: salt,
  57.       iterations: 100000,
  58.       hash: "SHA-256"
  59.     },
  60.     keyMaterial,
  61.     { name: "AES-GCM", length: 256 },
  62.     true,
  63.     ["encrypt", "decrypt"]
  64.   );
  65. };
  67. // get the iv which is similar the salt value used for encryption
  68. export const getiv = () => {
  69.   return window.crypto.getRandomValues(new Uint8Array(12));
  70. };
  72. // load the file in the memory
  73. export const getFile = async (inputFile) => {
  74.   return await inputFile.arrayBuffer();
  75. };
  77. export const decryptFile = (iv, key, cipherText) => {
  78.   return window.crypto.subtle.decrypt(
  79.     {
  80.       name: "AES-GCM",
  81.       iv: iv
  82.     },
  83.     key,
  84.     cipherText
  85.   );
  86. };
  88. export const getDigest = (uid) => {
  89.   let enc = new TextEncoder();
  91.   return crypto.subtle.digest("SHA-256", enc.encode(uid));
  92. };
  94. export const startEncryption = async (file, password) => {
  95.   console.log(file, password);
  96.   let digest = getDigest(password);
  97.   let rawFile = getFile(file);
  98.   let keyMaterial = getKeyMaterial();
  99.   Promise.all([digest, rawFile, keyMaterial]).then((values) => {
  100.     console.log(values);
  101.     let salt = new Uint8Array(
  102.       "12345678".match(/[\da-f]{2}/gi).map(function (h) {
  103.         return parseInt(h, 16);
  104.       })
  105.     );
  107.     let iv = new Uint8Array(
  108.       "4142434445464748494a4b4c4d4e4f50"
  109.         .match(/[\da-f]{2}/gi)
  110.         .map(function (h) {
  111.           return parseInt(h, 16);
  112.         })
  113.     );
  114.     // generate a crypto key
  115.     getKey(values[2], salt).then((resp) => {
  116.       console.log(resp);
  117.       encryptFile(resp, iv, values[1]).then((cipherText) => {
  118.         let fileBlob = new Blob([cipherText], { type: file.type });
  119.         FileSaver.saveAs(fileBlob, file.name);
  120.       });
  121.     });
  122.   });
  123. };
  125. export const startDecryption = (cipherText, password) => {
  126.   let keyMaterial = getKeyMaterial();
  127.   let digest = getDigest(password);
  128.   let rawFile = getFile(cipherText);
  129.   Promise.all([digest, rawFile, keyMaterial]).then((values) => {
  130.     let salt = new Uint8Array(
  131.       "12345678".match(/[\da-f]{2}/gi).map(function (h) {
  132.         return parseInt(h, 16);
  133.       })
  134.     );
  136.     let iv = new Uint8Array(
  137.       "4142434445464748494a4b4c4d4e4f50"
  138.         .match(/[\da-f]{2}/gi)
  139.         .map(function (h) {
  140.           return parseInt(h, 16);
  141.         })
  142.     );
  144.     // generate a crypto key
  145.     getKey(values[2], salt).then((resp) => {
  146.       decryptFile(iv, resp, values[1]).then((file) => {
  147.         let fileBlob = new Blob(
    下载地址
    , { type: file.type });
  148.         FileSaver.saveAs(fileBlob, file.name);
  149.       });
  150.     });
  151.   });
  152. };

Files can be encrypt/decrypted but they can be decrypted with any password even if it doesnt match the password it encrypted with.
What am i missing here?

答案1

得分: 2

你调用了getKeyMaterial(),但没有提供密码,因此它始终是未定义的。
尝试使用getKeyMaterial(password);

英文:

you call getKeyMaterial() without the password, so its always undefined.
try getKeyMaterial(password);

huangapple
  • 本文由 发表于 2023年2月16日 02:15:32
  • 转载请务必保留本文链接:https://go.coder-hub.com/75463909.html
  • aes-gcm
  • cryptography
  • javascript
  • reactjs
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定