AES中的AES是相同的PyCrypto& Node.JS加密 [英] Is AES the same in libraries PyCrypto & Node.JS Crypto
问题描述
目前我有一个使用PyCrypto加密的明文
我试图使用Node.js的加密库解密密文。
基本上与PyCrypto ..
im使用AES-128-CBC与随机生成IV。 (在PyCrypto中完美解密)
但是...
在Node.js上这样做
var buf = new Buffer(ciphertext)
var decipher = crypto.createDecipher('aes-128-cbc',aeskey)
buf =解密。更新(buf,'binary','binary')
buf + = decipher.final('binary')
其中吐出一堆垃圾....(将二进制更改为十六进制/ utf8不帮助)
因为我正在使用CBC密码块链接)...
i我在密文开始前加上IV(16个块)..
在PyCrypto中,这与PGP,CFB使用规范类似。有没有人知道这是不行的原因吗?
我期望Node.js的标准库太多了吗?
p>文档没有提到这一点,但是 aeskey 你传递给 crypto.createDecipher 不是 键,但是密码被处理到OpenSSL的 EVP_BytesToKey 函数。
传递应该使用的实际原始密钥数据(目前未记录的) crypto.createDecipheriv (cipher,key,iv)函数。这也适用于ECB模式,即使ECB中没有IV。
如果这样做失败,我认为调试的第一步是尝试使用 AES KATs 来查看解密代码是否正确。
我在这里遇到了类似的问题: https://github.com/joyent / node / issues / 1318
I am beginnging to wonder if the implementation of AES is different across libraries..
Currently i have a plaintext encrypted with PyCrypto.
Im trying to decrypt the ciphertext with Node.js's Crypto Library..
Basically with PyCrypto..
im using AES-128-CBC with a random generated IV. (which decrypts perfectly in PyCrypto)
However..
On Node.js im doing this
var buf = new Buffer(ciphertext)
var decipher = crypto.createDecipher('aes-128-cbc',aeskey)
buf = decipher.update(buf,'binary', 'binary')
buf += decipher.final('binary')
Which spits out a bunch of Garbage.... ( changing 'binary' to hex/utf8 doesnt help)
As i am using CBC (Cipher Block Chaining)...
i am prepending the IV to the beginning of the ciphertext (16 blocks)..
In PyCrypto this works perfectly, similarly to the specification of PGP, CFB usage..
Does anyone know for what reason this is not working???
Am i expecting too much of Node.js's standard libraries?
Documentation does not mention this, but aeskey you're passing to crypto.createDecipher is not the key, but a password, handled to OpenSSL's EVP_BytesToKey function.
To pass the actual raw key data one should use (presently undocumented) crypto.createDecipheriv(cipher, key, iv) function. This applies to ECB mode too, even though there's no IV in ECB.
If this fails, I think, the first step in debugging would be to try with AES KATs to see whenever the decryption code is correct.
I've tripped on a similar issue here: https://github.com/joyent/node/issues/1318
这篇关于AES中的AES是相同的PyCrypto& Node.JS加密的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
