英文:
Ruby Cipher Error on decrypting something encrypted with Java
问题
在Ruby中尝试解密时遇到错误 OpenSSL::Cipher::CipherError ()。 我观察到在Java中,IV接受了16个字节(全是零的数组),而Ruby仅限于12个字节。 我在这里遗漏了一些东西。 非常感谢您提前的帮助。
Java代码片段
SecretKey sessionKey = getSessionKey();
byte[] IV = new byte[16];
Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
SecretKeySpec keySpec = new SecretKeySpec(sessionKey.getEncoded(), "AES");
GCMParameterSpec gcmParameterSpec = new GCMParameterSpec(16 * 8, IV);
cipher.init(Cipher.ENCRYPT_MODE, keySpec, gcmParameterSpec);
byte[] encryptedText = cipher.doFinal(plaintext);
responseMap.put("data", Base64.getEncoder().encodeToString(encryptedText));
Ruby代码片段
decrypted_key = "AES KEY"
decode_data = Base64.strict_decode64(params["data"])
cipher_text_with_auth_tag = decode_data.unpack("C*")
auth_tag = cipher_text_with_auth_tag.last(16).pack("C*")
cipher_text = cipher_text_with_auth_tag[0..-17].pack("c*")
decipher = OpenSSL::Cipher.new('AES-256-GCM')
decipher.decrypt
decipher.padding = 0
decipher.key = decrypted_key
decipher.iv = "\x00" * 12
decipher.auth_data = ''
decipher.auth_tag = auth_tag
decrypted_data = decipher.update(cipher_text) + decipher.final
英文:
I have received the encryption request from a different provider, they were using AES GCM No Padding. When I am trying to decrypt it in ruby getting an error OpenSSL::Cipher::CipherError (). I observed in Java the IV is accepting the 16 bytes(Array of Zeros) whereas ruby is limited to 12 bytes only. I am missing something here. Appreciate your help in advance
Code Snippet for Java
SecretKey sessionKey = getSessionKey();
byte[] IV = new byte[16];
Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
SecretKeySpec keySpec = new SecretKeySpec(sessionKey.getEncoded(), "AES");
GCMParameterSpec gcmParameterSpec = new GCMParameterSpec(16 * 8, IV);
cipher.init(Cipher.ENCRYPT_MODE, keySpec, gcmParameterSpec);
byte[] encryptedText = cipher.doFinal(plaintext);
responseMap.put("data", Base64.getEncoder().encodeToString(encryptedText));
Code snippet for Ruby
decrypted_key = "AES KEY"
decode_data = Base64.strict_decode64(params["data"])
cipher_text_with_auth_tag = decode_data.unpack("C*")
auth_tag = cipher_text_with_auth_tag.last(16).pack("C*")
cipher_text = cipher_text_with_auth_tag[0..-17].pack("c*")
decipher = OpenSSL::Cipher.new('AES-256-GCM')
decipher. decrypt
decipher.padding = 0
decipher.key = decrypted_key
decipher.iv = "\x00" * 12
decipher.auth_data = ''
decipher.auth_tag = auth_tag
decrypted_data = decipher.update(cipher_text) + decipher.final
答案1
得分: 2
你可以在 OpenSSL 中使用不同的 IV/nonce 长度,但你需要先调用 iv_len=。
类似这样应该可以工作:
decipher = OpenSSL::Cipher.new('AES-256-GCM')
decipher.decrypt
decipher.key = key
# 在设置 iv= 之前调用 iv_len=
decipher.iv_len = iv_len # 例如,在你的情况下是 16
decipher.iv = iv
decipher.auth_data = ''
decipher.auth_tag = auth_tag
decrypted_data = decipher.update(encrypted_data) + decipher.final()
英文:
You can use a different IV/nonce length in OpenSSL, but you need to call iv_len= first.
something like this should work:
decipher = OpenSSL::Cipher.new('AES-256-GCM')
decipher.decrypt
decipher.key = key
# Call iv_len= before iv=
decipher.iv_len = iv_len # e.g. 16 in your case
decipher.iv = iv
decipher.auth_data = ''
decipher.auth_tag = auth_tag
decrypted_data = decipher.update(encrypted_data) + decipher.final()
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论