使用CryptoJS使用密码进行AES解密会返回空值 [英] AES decryption with password using CryptoJS returns a blank value
问题描述
我有以下代码:
<script src="http://crypto-js.googlecode.com/svn/tags/3.1.2/build/rollups/aes.js"></script>
<div id="decrypted">Please wait...</div>
Insert new note:<input type="text" id="new_note"><input type="button" id="enc_button" value="Save">
<script>
var password = "testpassword";
var encrypted_text = localStorage.getItem("encrypted");
var rawData = atob(encrypted_text);
var iv = rawData.substring(0,16);
var crypttext = rawData.substring(16);
var plaintextArray = CryptoJS.AES.decrypt(
{ ciphertext: CryptoJS.enc.Latin1.parse(crypttext) },
CryptoJS.enc.Hex.parse(password),
{ iv: CryptoJS.enc.Latin1.parse(iv) }
);
var decrypted = CryptoJS.enc.Latin1.stringify(plaintextArray);
document.getElementById("decrypted").innerHTML = decrypted;
document.getElementById("enc_button").onclick = function(){
var text = document.getElementById("new_note").value;
var encrypted = CryptoJS.AES.encrypt(text, password);
localStorage.setItem("encrypted",encrypted);
}
</script>
使用CryptoJS使用AES加密字符串;解密保存在本地存储中的加密文本并在div中显示结果
Encrypt a string with AES using CryptoJS; decrypt encrypted text saved in local storage and show the result in a div
字符串似乎加密,变量 decrypt 为空。在chrome控制台中没有触发错误。
While the string seems to get encrypted, the variable decrypt is empty. No errors are triggered in the chrome console.
如何成功加密和解密我的文本?
How can I successfully encrypt and decrypt my text?
推荐答案
CryptoJS有两种略有不同的加密/解密类型。
CryptoJS has two slightly different types of encryption/decryption.
当你使用
var encrypted = CryptoJS.AES.encrypt(text, password);
然后您使用的是基于密码的加密,这与基于纯密钥/ IV的加密不同加密。这意味着密码和随机生成的盐通过一次MD5调用运行,以生成实际加密的密钥和IV。这是一种OpenSSL兼容的加密方式。 加密的对象存储用于生成密钥和IV的随机盐。
then you're using password-based encryption which is not the same as pure key/IV-based encryption. This means that the password and a randomly generated salt are run through one MD5 invocation to produce the key and IV for the actual encryption. This is an OpenSSL compatible way to encrypt something. The encrypted object stores the random salt which was used to generate the key and IV.
当您强制 encrypted 要转换为字符串(如将其添加到localStorage),然后将其转换为包含salt的OpenSSL兼容字符串编码。为了再次解密它,你不需要自己处理密钥,IV或盐,因为CryptoJS会自动为你做这件事:
When you force encrypted to be converted to string (like adding it to localStorage), then it is converted into an OpenSSL compatible string encoding which includes the salt. In order to decrypt it again, you don't need to mess around with the key, IV or salt yourself, because CryptoJS automatically does that for you:
var decrypted = CryptoJS.AES.decrypt(encrypted, password);
请记住,解密是 WordArray 对象,当你强制它转换为字符串时,它会默认将内容编码为Hex。如果您不想这样,那么您需要自己指定编码,例如UTF-8。
Keep in mind that decrypted is a WordArray object and when you force it to be converted to string it will encode the contents into Hex by default. If you don't want that then you need to specify the encoding such as UTF-8 yourself.
当解密因某些原因失败时,通常会返回空白值作为错误的密钥,错误的密文或错误的编码。 CryptoJS不会抛出自定义错误消息,但会尝试继续,因为你应该知道你在做什么。
A blank value is usually returned when the decryption failed for some reason such as wrong key, wrong ciphertext or wrong encoding. CryptoJS won't throw custom error messages, but will try to continue, because you should know what you're doing.
完整代码:
var password = "testpassword";
document.getElementById("enc_button").onclick = function(){
var text = document.getElementById("new_note").value;
var encrypted = CryptoJS.AES.encrypt(text, password);
encrypted = encrypted.toString();
var decrypted = CryptoJS.AES.decrypt(encrypted, password);
decrypted = decrypted.toString(CryptoJS.enc.Utf8)
document.getElementById("decrypted").innerHTML = decrypted;
}
<script src="https://cdn.rawgit.com/CryptoStore/crypto-js/3.1.2/build/rollups/aes.js"></script>
<div id="decrypted">Please wait...</div>
Insert new note:<input type="text" id="new_note"><input type="button" id="enc_button" value="Encrypt & Decrypt">
这篇关于使用CryptoJS使用密码进行AES解密会返回空值的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
