CryptoJS和密钥/ IV长度 [英] CryptoJS and key/IV length

问题描述

我对AES密钥和IV长度有疑问。

I have question about AES key and IV length.

首先，例如，如果我使用的是药物 OpenSSL 扩展名和 openssl_encrypt（）方法，我可以清楚地看到 256位AES的关键应该是 32 字节，如果它与 16 字节不同，则IV会发出警告。我能理解，一切都很好。

First of all, if, for example, I'm using drugs OpenSSL extension and openssl_encrypt() method, I can clearly see that key for 256-bit AES should be 32 bytes, and IV throws warning if it's different than 16 bytes. I can understand that, and everything is fine.

然而，在 CryptoJS 库中，密钥和IV长度令人沮丧。这是一些例子：

However, in CryptoJS library the key and IV length is frustrating. This is some example:

var text = "test",
    key  = "us5N0PxHAWuIgb0/Qc2sh5OdWBbXGady",
    iv   = "zAvR2NI87bBx746n";

key = CryptoJS.enc.Base64.parse(key);
iv  = CryptoJS.enc.Base64.parse(iv);

crypted = CryptoJS.AES.encrypt(text, key, { iv: iv });

其中key为 32 字节，IV 16 。 CryptoJS需要解析它，并且在 CryptoJS.enc.Base64.parse（）之后我得到48和24字节。我希望这些值会被截断为所需的 256位AES 长度，并且进一步扩展到n个字节将无关紧要，因此产生的密文将是相同的。

where key is 32 bytes, IV is 16. CryptoJS requires to parse it, and after CryptoJS.enc.Base64.parse() I get 48 and 24 bytes accordingly. I expect that those values will get truncated to required 256-bit AES length, and further expansion to n bytes will be irrelevant, and so resulting ciphertext will be the same.

但实际上并没有发生。当我传递给CryptoJS.AES.encrypt（）更大的键和甚至 IV时，它产生不同的输出。所以我的问题是，为什么？在这种情况下， CryptoJS 库和 OpenSSL 有什么区别？

But that's not actually happening. When I pass to CryptoJS.AES.encrypt() larger size key and even IV, it's producing different output. So my question is, why? What is the difference between CryptoJS library and OpenSSL in this case?

推荐答案

<看起来我已经知道了。

Looks like I've got it.

如果您倾向于传递自定义键和 IV 在使用 CryptoJS 时，请确保（假设 CryptoJS.enc.Base64.parse（）给出 HEX 字符串，用于 CryptoJS.AES.encrypt（））。

If you tend to pass custom key and IV in using CryptoJS, make sure that (assuming that CryptoJS.enc.Base64.parse() gives HEX string, which is used in CryptoJS.AES.encrypt()).

以此示例为例， Base64 键和iv（长度= 22）， CryptoJS 加密为 AES-256 ：

Taking this example, with Base64 key and iv (length=22), which CryptoJS encrypts as AES-256:

var message = "some_secret_message";

var key = "6Le0DgMTAAAAANokdEEial"; //length=22
var iv  = "mHGFxENnZLbienLyANoi.e"; //length=22

key = CryptoJS.enc.Base64.parse(key);
//key is now e8b7b40e031300000000da247441226a, length=32
iv = CryptoJS.enc.Base64.parse(iv);
//iv is now 987185c4436764b6e27a72f2fffffffd, length=32

var cipherData = CryptoJS.AES.encrypt(message, key, { iv: iv });

var data = CryptoJS.AES.decrypt(cipherData, key, { iv: iv });
//data contains "some_secret_message"

键的长度对于 AES-256 是32字节。 （如果你想获得 AES-128 ，则为16个字节。如果更多，CryptoJS将切换到更高的密钥长度）。在解密的其他情况下，您将收到一条空消息。示例：

Length of the key is 32 bytes for AES-256. (16 bytes if you want to get AES-128. If more, CryptoJS will switch to higher key length). In other case on decrypt you will get an empty message. Example:

var message = "some_secret_message";

var key = "6Le0DgMTAAAAANokdEEial1"; //length=23
var iv  = "mHGFxENnZLbienLyANoi.e"; //length=22

key = CryptoJS.enc.Base64.parse(key); // length = 17 bytes
//key is now e8b7b40e031300000000da247441226a5d, length=34 (hex encoded)
iv = CryptoJS.enc.Base64.parse(iv); // length = 16 bytes
//iv is now 987185c4436764b6e27a72f2fffffffd, length=32 (hex encoded)

var cipherData = CryptoJS.AES.encrypt(message, key, { iv: iv });

var data = CryptoJS.AES.decrypt(cipherData, key, { iv: iv });
//data contains "" - an empty string

另外，从我看到的内容，只有 x％8 == 0 这种用例的字节给出了有效的结果。

Also, from what I can see, only x % 8 == 0 bytes of such use case gives valid result.

长度 IV 应为22个字节（当Base64编码时），并且在使用 CryptoJS.enc.Base64.parse（）进行转换时，您将获得16字节（32位十六进制编码）， AES-256 块大小的最大值。除此之外的所有内容都将被截断。

Length of IV should be 22 bytes (when Base64 encoded), and while transforming with CryptoJS.enc.Base64.parse() you will get 16 bytes (32 hex encoded), which is max for AES-256 block size. Everything more than that will get truncated.

var message = "some_secret_message";

var key = "6Le0DgMTAAAAANokdEEial"; //length=22
var iv  = "mHGFxENnZLbienLyANoi.e"; //length=22

key = CryptoJS.enc.Base64.parse(key); // length=16 bytes
//key is now e8b7b40e031300000000da247441226a5d, length=32 (hex encoded)
iv = CryptoJS.enc.Base64.parse(iv); // length=16 bytes
//iv is now 987185c4436764b6e27a72f2fffffffd, length=32 (hex encoded)

var cipherData = CryptoJS.AES.encrypt(message, key, { iv: iv });

var key = "6Le0DgMTAAAAANokdEEial"; //length=22
var iv  = "mHGFxENnZLbienLyANoi.e123"; //length=25

key = CryptoJS.enc.Base64.parse(key); // length = 16 bytes
//key is now e8b7b40e031300000000da247441226a5d, length=32 (hex encoded)
iv = CryptoJS.enc.Base64.parse(iv); // length = 18 bytes
//iv is now 987185c4436764b6e27a72f2fffffffded76, length=36 (hex encoded)

var data = CryptoJS.AES.decrypt(cipherData, key, { iv: iv }); //data contains "some_secret_message", so additional "123" in IV is irrelevant.

这篇关于CryptoJS和密钥/ IV长度的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！