英文:
Ruby Cipher Error on decrypting something encrypted with Java
问题
在Ruby中尝试解密时遇到错误 OpenSSL::Cipher::CipherError ()。 我观察到在Java中,IV接受了16个字节(全是零的数组),而Ruby仅限于12个字节。 我在这里遗漏了一些东西。 非常感谢您提前的帮助。
Java代码片段
SecretKey sessionKey = getSessionKey();byte[] IV = new byte[16];Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");SecretKeySpec keySpec = new SecretKeySpec(sessionKey.getEncoded(), "AES");GCMParameterSpec gcmParameterSpec = new GCMParameterSpec(16 * 8, IV);cipher.init(Cipher.ENCRYPT_MODE, keySpec, gcmParameterSpec);byte[] encryptedText = cipher.doFinal(plaintext);responseMap.put("data", Base64.getEncoder().encodeToString(encryptedText));
Ruby代码片段
decrypted_key = "AES KEY"decode_data = Base64.strict_decode64(params["data"])cipher_text_with_auth_tag = decode_data.unpack("C*")auth_tag = cipher_text_with_auth_tag.last(16).pack("C*")cipher_text = cipher_text_with_auth_tag[0..-17].pack("c*")decipher = OpenSSL::Cipher.new('AES-256-GCM')decipher.decryptdecipher.padding = 0decipher.key = decrypted_keydecipher.iv = "\x00" * 12decipher.auth_data = ''decipher.auth_tag = auth_tagdecrypted_data = decipher.update(cipher_text) + decipher.final
英文:
I have received the encryption request from a different provider, they were using AES GCM No Padding. When I am trying to decrypt it in ruby getting an error OpenSSL::Cipher::CipherError (). I observed in Java the IV is accepting the 16 bytes(Array of Zeros) whereas ruby is limited to 12 bytes only. I am missing something here. Appreciate your help in advance
Code Snippet for Java
SecretKey sessionKey = getSessionKey();byte[] IV = new byte[16];Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");SecretKeySpec keySpec = new SecretKeySpec(sessionKey.getEncoded(), "AES");GCMParameterSpec gcmParameterSpec = new GCMParameterSpec(16 * 8, IV);cipher.init(Cipher.ENCRYPT_MODE, keySpec, gcmParameterSpec);byte[] encryptedText = cipher.doFinal(plaintext);responseMap.put("data", Base64.getEncoder().encodeToString(encryptedText));
Code snippet for Ruby
decrypted_key = "AES KEY"decode_data = Base64.strict_decode64(params["data"])cipher_text_with_auth_tag = decode_data.unpack("C*")auth_tag = cipher_text_with_auth_tag.last(16).pack("C*")cipher_text = cipher_text_with_auth_tag[0..-17].pack("c*")decipher = OpenSSL::Cipher.new('AES-256-GCM')decipher. decryptdecipher.padding = 0decipher.key = decrypted_keydecipher.iv = "\x00" * 12decipher.auth_data = ''decipher.auth_tag = auth_tagdecrypted_data = decipher.update(cipher_text) + decipher.final
答案1
得分: 2
你可以在 OpenSSL 中使用不同的 IV/nonce 长度,但你需要先调用 iv_len=。
类似这样应该可以工作:
decipher = OpenSSL::Cipher.new('AES-256-GCM')decipher.decryptdecipher.key = key# 在设置 iv= 之前调用 iv_len=decipher.iv_len = iv_len # 例如,在你的情况下是 16decipher.iv = ivdecipher.auth_data = ''decipher.auth_tag = auth_tagdecrypted_data = decipher.update(encrypted_data) + decipher.final()
英文:
You can use a different IV/nonce length in OpenSSL, but you need to call iv_len= first.
something like this should work:
decipher = OpenSSL::Cipher.new('AES-256-GCM')decipher.decryptdecipher.key = key# Call iv_len= before iv=decipher.iv_len = iv_len # e.g. 16 in your casedecipher.iv = ivdecipher.auth_data = ''decipher.auth_tag = auth_tagdecrypted_data = decipher.update(encrypted_data) + decipher.final()
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论