在节点js中使用密钥和iv / AES / GCM / NoPadding算法IV加密有效负载,并在Java中解密 [英] Encrypt payload using a key and iv by AES/GCM/NoPadding algorithm in node js and decrypt in java
问题描述
我已经使用node.js加密了文件,并在JAVA中解密了。解密是使用 AES / GCM / Nopadding算法在JAVA中完成的,它是第三方应用,因此我看不到JAVA代码。
我正在使用 aes-128-gcm算法对node.js中的有效负载进行加密。
为此,我尝试模仿一个有效的java加密代码
I have encrypt the file using node.js and decrypt in JAVA. Decryption is done in JAVA using "AES/GCM/Nopadding" algorithm and it is third party app hence I cannot see the JAVA code. I am encrypting the payload in node.js using "aes-128-gcm" algorithm. for this, I am try mimicking a working java encryption code
我尝试使用crypto和node-forge。
iam获取输出,但是在提交有效负载时遇到错误的加密-有效负载未正确加密错误。
I have tried with crypto and node-forge. iam getting the output but am getting an error "Bad encryption - payload is not encrypted properly" when submitting payload.
请帮我找到我所做的事情
pleas help me to find what I did wrong in this code.
java中的工作代码
working code in java
public void encrypt(@NonNull final byte[] payload, @NonNull final byte[] key) throws GeneralSecurityException
{
SecretKeySpec codingKey = new SecretKeySpec(key, AES);
Cipher cipher = AEC_GCM_THREAD_CIPHER.get();
byte[] iv = new byte[cipher.getBlockSize()];
RANDOM.nextBytes(iv);
cipher.init(Cipher.ENCRYPT_MODE, codingKey, new IvParameterSpec(iv));
final byte[] encryptedPayload = cipher.doFinal(payload);
byte[] encryptMerchantKey = encryptMerchantKey(key);
String payloadFinal = encodeToUrlString(encryptedPayload); // final payload
String ivFinal = encodeToUrlString(iv); // final iv
String keyFinal = encodeToUrlString(encryptMerchantKey); // final key
System.out.println("Payload");
System.out.println(payloadFinal);
System.out.println("iv");
System.out.println(ivFinal);
System.out.println("key");
System.out.println(keyFinal);
}
在节点js中尝试过的代码iam
code iam tried in node js
function encrypt(payload) {
let key = forge.random.getBytesSync(16);
let iv = forge.random.getBytesSync(16);
let cipher = forge.cipher.createCipher("AES-GCM", key);
cipher.start({ iv: iv});
cipher.update(forge.util.createBuffer(payload));
cipher.finish();
let encrypted = forge.util.encode64(cipher.output.getBytes());
let tag = forge.util.encode64(cipher.mode.tag.getBytes());
let iv64 = forge.util.encode64(iv);
let encryptedPayload = encrypted+tag;
//RSA Encryption
encryptedkey = RSAencrypt(forge.util.encode64(key));
return {
"payload" : base64url.fromBase64(encryptedPayload) ,
"iv" : base64url.fromBase64(iv64).length,
"key" : base64url.fromBase64(encryptedkey)
};
}
Rsa描述工作正常,能够解密密钥。
AES加密存在一些问题。如代码所示,我将auth标记和加密的数据加在一起,但是没有用。
Rsa description is working fine abling to decrypt the key. some problem with aes encryption. as see the code, I added auth tag and encrypted data together but no use.
推荐答案
问题出在它需要的伪造缓冲区上要转换为节点缓冲区
,此代码现在可以正常工作。谢谢,@ Maarten Bodewes。
The problem was with forge buffer it need to convert to node buffer this code is working now. thanks, @Maarten Bodewes for the advice.
function encrypt(payload) {
//initialize forge random buffer
var key = forge.random.getBytesSync(16);
var iv = forge.random.getBytesSync(16);
let cipher = forge.cipher.createCipher("AES-GCM", key);
cipher.start({iv : iv});
cipher.update(forge.util.createBuffer(payload));
cipher.finish();
let encrypted = cipher.output.data;
let tag = cipher.mode.tag.data;
let encryptedLoad = encrypted+tag;
// node buffer and forge buffer differ, so the forge buffer must be converted to node Buffer
iv = Buffer.from(iv, "binary");
encryptedLoad = Buffer.from(encryptedLoad, "binary");
//Calling RSA Encryption
encryptedKey = RSAencrypt(key);
return {
"payload" : base64url(encryptedLoad) ,
"iv" : base64url(iv),
"key" : base64url.fromBase64(encryptedKey)
};
}
这篇关于在节点js中使用密钥和iv / AES / GCM / NoPadding算法IV加密有效负载,并在Java中解密的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!