Webcrypto AES-CBC解密:操作错误-由于特定于操作的原因，操作失败 [英] Webcrypto AES-CBC Decrypt: Operation Error - The operation failed for an operation-specific reason

问题描述

我具有以下代码，可使用Javascript Webcrypto-API解密AES加密的数据，但会导致"OperationError"，并显示消息由于特定于操作的原因操作失败":

I have the following code to decrypt AES encrypted data with the Javascript Webcrypto-API, but it results in an "OperationError" with the message "The operation failed for an operation-specific reason":

function loadHexToArrybuffer(hex)
{
	return new Uint8Array(hex.match(/[\da-f]{2}/gi).map(h => parseInt(h, 16)));
}

var iv = loadHexToArrybuffer("47b79d24e3ec47c528abdaed8f3fafde");
var rawKey = loadHexToArrybuffer("8af4d72873e4016cd73a1d5b851e9cb2");
var encryptedData = loadHexToArrybuffer("2bb7a12a7e59f9fa3c3d4ff0eb502cde3187338cc3137af785995b364fc5b3fe9c208f225c7472bb3de55de18a665863f63030d652b870c4610a70bc771e8bc584df7c3bd2ce3fc1940115e556178e740891f7cac450204a4959916ac9c9cd5aedd92cc7e74a7a581a6d47a6c29fb46eee13ffd3f70616844f8e2bb929c60ad9")

async function test()
{
	var algorithm = {name: "AES-CBC", iv: iv};
	var key = await window.crypto.subtle.importKey("raw", rawKey, algorithm, false, ["decrypt"]);

	try
	{
		var decrypted = await window.crypto.subtle.decrypt(algorithm, key, encryptedData);
	}
	catch (e)
	{
		console.log(e); // OperationError: The operation failed for an operation-specific reason
	}
}

test();

有人可以在这里帮助我吗?谢谢你！

Can anybody help me out here? Thanks ahead!

推荐答案

您未说明要使用的浏览器和版本，每个版本都支持一组不同的算法.

You do not state what browser and version you are using, each version supports a different set of algorithms.

如果要快速测试每种支持的内容，请参见: https://peculiarventures.github.io/pv-webcrypto-tests/

If you want a quick test on what each supports see: https://peculiarventures.github.io/pv-webcrypto-tests/

话虽如此，我首先想到的是，除非有必要与仅使用CBC的现有系统实现互操作性，否则我不会使用CBC.您应该改用AES-GCM，它是一种经过身份验证的加密模式，可以防止普通CBC不会进行的某些攻击，并且使用时不易出错.

With that said, my first thought is I would not use CBC unless interoperability with an existing system that only uses CBC is necessary. You should look at AES-GCM instead, it is an authenticated mode of encryption which protects from certain attacks that plain CBC will not and is less error prone on usage.

以下是GCM的加密示例:

Here is an encrypt example of GCM:

window.crypto.subtle.encrypt(
    {
        name: "AES-GCM",

        //Don't re-use initialization vectors!
        //Always generate a new iv every time your encrypt!
        //Recommended to use 12 bytes length
        iv: window.crypto.getRandomValues(new Uint8Array(12)),

        //Additional authentication data (optional)
        additionalData: ArrayBuffer,

        //Tag length (optional)
        tagLength: 128, //can be 32, 64, 96, 104, 112, 120 or 128 (default)
    },
    key, //from generateKey or importKey above
    data //ArrayBuffer of data you want to encrypt
)
.then(function(encrypted){
    //returns an ArrayBuffer containing the encrypted data
    console.log(new Uint8Array(encrypted));
})
.catch(function(err){
    console.error(err);
});

如果您需要使用CBC，以下是一些用法示例: https://github.com/diafygi/webcrypto-examples#aes-cbc

If you need to use CBC here are some good examples on usage: https://github.com/diafygi/webcrypto-examples#aes-cbc

这篇关于Webcrypto AES-CBC解密:操作错误-由于特定于操作的原因，操作失败的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！