加密错误的AES-256-ecb加密 [英] crypto wrong AES-256-ecb encrypt

问题描述

我尝试在aes-256-ecb中加密 aaaaaaaaaaa

I tried to encrypt "aaaaaaaaaaa" in aes-256-ecb

var encrypt = function(cryptkey, cleardata) {
     var encipher = crypto.createCipher('aes-256-ecb', cryptkey);
     return Buffer.concat([
          encipher.update(cleardata),
          encipher.final()
        ]);
 }       
var hex_key = [0x2A,0x46,0x29,0x4A,0x40,0x4E,0x63,0x52,0x66,0x55,0x6A,0x58,0x6E,0x32,0x72,
    0x35,0x75,0x38,0x78,0x2F,0x41,0x3F,0x44,0x28,0x47,0x2B,0x4B,0x61,0x50,0x64,0x53,0x67]
var _text =  new Buffer([0x61,0x61,0x61,0x61,0x61,0x61,0x61,0x61,0x61,0x61,0x61])
console.log(encrypt(hex_key,_text));

//prints
<Buffer 2c 2d 90 b3 0f ef 3d 6f 73 68 db da 72 34 9c 80>

我注意到它与此加密工具的结果不匹配
http://aes.online-domain-tools.com/link/10a8ee2gzyiHxWlCJr/

I noticed it doesn't match the result of this encryption tool http://aes.online-domain-tools.com/link/10a8ee2gzyiHxWlCJr/

编辑：最终，我阅读了文档并遇到了签名错误（正如Maarten Bodewes所建议的那样），现在我对输出感到怀疑：

Edit: Eventually I read the doc and get that signature mistake (as Maarten Bodewes suggests) now I'm in doubt about the output:

使用createCipheriv（）的节点加密 AND pyCrypto（python）输出：

node crypto using createCipheriv() AND pyCrypto (python) output:

8f c9 89 36 ba 7b 16 2a a8 bc 11 a4 b4 cd e3 08

在线工具 AND 一个c ++库：

online tool AND a c++ library:

ad 5f 91 18 2c ed d1 d1 db 0d ab 34 8c 1c 8b

谁是对的？

解决方案：：最终，我得到了它， c ++库，该在线工具使用0填充方法填充了块。不确定在节点crypto和pyCrypto中处理填充的默认方式是什么，反正这就是为什么我从4种AES实现中获得2种不同的密文。

SOLUTION: Eventually I got it, the c++ library and that online tool uses 0-padding method to fill the block. Not sure what's the default way to handle padding in node crypto and pyCrypto, anyway that's why I got 2 different cipher text from 4 aes implementations.

推荐答案

ECB模式不使用IV。但是，如果不加以考虑，您将为此方法签名进行匹配 createCipher 方法使用密码而不是密钥。因此，即使随后该对象被忽略，您也需要一些表示IV的对象来选择采用密钥而不是密码的方法。

ECB mode doesn't take an IV. However, if you leave it out you will match the method signature for this createCipher method that takes a password instead of a key. So you'll need some object representing an IV to choose the method that takes a key instead of a password, even if that object is subsequently ignored.

不要测试针对一些糟糕的在线工具的代码，请改用NIST测试向量。不要使用ECB。而且，请确保糖类放在最上面，请务必仔细阅读API文档，尤其是在遇到问题之后。

Don't test your code against some crappy online tool, use the NIST test vectors instead. Don't use ECB. And please, with sugar on top, make sure you read the API documentation carefully, especially after you've run into problems.

这篇关于加密错误的AES-256-ecb加密的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！