这个简单的NodeJS加密函数有什么问题？ [英] Whats wrong with this simple NodeJS crypto function?

问题描述

我正在尝试以一个url查询字符串的零填充来执行AES CBC加密。我正在使用NodeJS的核心加密模块。它适用于 http://www.blackoutrugby.com/game/help .documentation.php＃category = 35

I'm trying to perform AES CBC encryption with zero padding of a url query string. I'm using NodeJS's core crypto module. It's for use with http://www.blackoutrugby.com/game/help.documentation.php#category=35

我有一个键和IV。当测试以下函数时，我没有收到完整的字符串。我相信这与填充有关，但不确定如何应用它。

I have a key and IV. When testing the following function I'm not getting the string returned in full. I believe this has to do with padding but am unsure how to apply it correct.

如果是填充，有人可以告诉我应该如何应用它？如果不是我在哪里错了？还有这个usercase中的cipher.final（）有意义吗？

If it is the padding, can anyone show me how I should apply it? If not where am I going wrong? Also is cipher.final() of significance in this usercase?

更新：
我现在已经包含了cipher.final ）和事情工作正常与二进制格式，但base64给我截断的结果。 https://github.com/denishoctor/BlackoutRugbyNode/blob/master/crypto2.js 是我的完整示例代码。以下是加密函数：

Update: I've now included cipher.final() and things work fine with binary format but base64 gives me the truncated result. https://github.com/denishoctor/BlackoutRugbyNode/blob/master/crypto2.js is my full example code. Below is the crypto function:

function cryptoTest(data, key, iv, format) {
   var cipher = crypto.createCipheriv('aes-128-cbc', key, iv);
   var cipherChunks = [];
   cipherChunks.push(cipher.update(data, 'utf8', format));
   cipherChunks.push(cipher.final());

   var decipher = crypto.createDecipheriv('aes-128-cbc', key, iv);
   var plainChunks = [];
   for (var i = 0;i < cipherChunks.length;i++) {
        plainChunks.push(decipher.update(cipherChunks[i], format, 'utf8'));
   }
   plainChunks.push(decipher.final());

   return {
       "encrypted": cipherChunks.join(''),
       "decrypted": plainChunks.join('')
   };
}

谢谢，

丹尼斯

Thanks,
Denis

推荐答案

您没有将cipher.final返回的密文放入解密。这是一个简化的例子。您需要从每次调用cipher.update以及cipher.final收集返回值，并确保这些对象中的每一个都被放入decipher.update。

You are not putting the ciphertext returned by cipher.final into the decipher. Here's a simplified example. You need to collect the return values from every call to cipher.update as well as cipher.final and make sure each of those objects gets put into decipher.update.

更新：这里是一个可以用 binary 或 hex 作为密码编码的版本文本，但失败与 base64 。我不知道为什么会这样，但是如果你可以使用十六进制，应该可以正常工作。

UPDATE: here's a version that works fine with binary or hex as the encoding for the cipher text, but fails with base64. I have no idea why this is, but if you are OK with hex that should work fine.

更新2 ：看起来像 base64 是节点本身的一个错误。请参阅这个答案类似的问题。

UPDATE 2: Looks like base64 is a bug in node itself. See this answer to a similar question.

    var crypto = require('crypto');

    var data = "I am the clear text data";
    console.log('Original cleartext: ' + data);
    var algorithm = 'aes-128-cbc';
    var key = 'mysecretkey';
    var clearEncoding = 'utf8';
    var cipherEncoding = 'hex';
    //If the next line is uncommented, the final cleartext is wrong.
    //cipherEncoding = 'base64';
    var cipher = crypto.createCipher(algorithm, key);
    var cipherChunks = [];
    cipherChunks.push(cipher.update(data, clearEncoding, cipherEncoding));
    cipherChunks.push(cipher.final(cipherEncoding));
    console.log(cipherEncoding + ' ciphertext: ' + cipherChunks.join(''));
    var decipher = crypto.createDecipher(algorithm, key);
    var plainChunks = [];
    for (var i = 0;i < cipherChunks.length;i++) {
      plainChunks.push(decipher.update(cipherChunks[i], cipherEncoding, clearEncoding));

    }
    plainChunks.push(decipher.final(clearEncoding));
    console.log("UTF8 plaintext deciphered: " + plainChunks.join(''));

这篇关于这个简单的NodeJS加密函数有什么问题？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！