无法使用加密解密cryptocurrencyValue [英] Not able to decrypt the encryptedValue using crypto

问题描述

我正在尝试解密来自VB的值(在des中加密).当我尝试使用Javascript中的crypto解密cryptocurrencyValue时，输出给出了一个空值.我已经附上了VB中加密的完成方式.

I am trying to decrypt a value (encrypted in des) coming from VB. When I try to decrypt the encryptedValue using crypto in Javascript the output gives me an empty value. I have attached how the encryption was done in VB.

我如何尝试使用JAVASCRIPT进行加密

var CryptoJS       = require("crypto-js");
var key            = "peekaboo";
var encryptedValue = "50AznWWn4fJI19T392wIv/ZysP/Ke3mB";
encryptedValue     = CryptoJS.enc.Base64.parse(encryptedValue);

var data           = CryptoJS.DES.decrypt(encryptedValue, key, { iv: "cbauthiv" });

const email  = data.toString(CryptoJS.enc.Utf8);

console.log(email, "ORIGINAL TEXT");

VB中的加密方式

Imports System.Security.Cryptography
Imports System.Text
Imports System.IO

Module Module1

    Private Const ENCRYPTIONKEY As String = "peekaboo"

    Sub Main()

       
        Dim s As String = Encrypt("ditzymoose@outlook.com")

        Dim r As String = Decrypt(s)
        Console.ReadLine()


    End Sub


    Private Function Encrypt(stringToEncrypt As String) As String
        Dim rng As New RNGCryptoServiceProvider
        Dim byteArray() As Byte = New Byte(8) {}
        Dim iv_value As String = "cbauthiv"
        Dim key() As Byte = {}
        Dim IV() As Byte = System.Text.Encoding.UTF8.GetBytes(Left(iv_value, 8))

        key = System.Text.Encoding.UTF8.GetBytes(Left(ENCRYPTIONKEY, 8))
        Dim des As New DESCryptoServiceProvider
        rng.GetBytes(byteArray)
        Dim Salt As String = BitConverter.ToString(byteArray)
        Dim SaltedInput As String = Salt & "~" & stringToEncrypt
        Dim inputByteArray() As Byte = Encoding.UTF8.GetBytes(stringToEncrypt)
        Dim ms As New MemoryStream
        Dim cs As New CryptoStream(ms, des.CreateEncryptor(key, IV), CryptoStreamMode.Write)
        cs.Write(inputByteArray, 0, inputByteArray.Length)
        cs.FlushFinalBlock()
        Return Convert.ToBase64String(ms.ToArray())

    End Function
End Module

推荐答案

密钥和IV必须作为 WordArray 传递.要进行转换，必须使用Utf8编码器，请此处.

The key and IV must be passed as WordArray. For the conversion the Utf8-Encoder has to be used, here.

此外，密文必须作为 CipherParams 对象或Base64编码(然后隐式转换为 CipherParams 对象)进行传递，

Also, the ciphertext must be passed as a CipherParams object or alternatively Base64 encoded (which is then implicitly converted to a CipherParams object), here.

通过这些更改，可以使用CryptoJS代码成功解密VB代码的密文:

With these changes the ciphertext of the VB code can be successfully decrypted using the CryptoJS code:

var key            = CryptoJS.enc.Utf8.parse("peekaboo");
var iv             = CryptoJS.enc.Utf8.parse("cbauthiv");
var encryptedValue = "50AznWWn4fJI19T392wIv/ZysP/Ke3mB";

var data           = CryptoJS.DES.decrypt(encryptedValue, key, {iv: iv});
var email          = data.toString(CryptoJS.enc.Utf8);

console.log(email, "ORIGINAL TEXT");

<script src="https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.0.0/crypto-js.min.js"></script>

请注意，DES是不安全的(此处)，并且在大约20年前被AES取代.静态IV也是不安全的.相反，应该为每种加密生成一个随机IV.
此外，不应将密码用作密钥.如果要使用密码，则应该使用可靠的密钥派生功能(例如PBKDF2)从密码中派生密钥.

Please note that DES is insecure (here) and was replaced by AES almost 20 years ago. Also insecure is a static IV. Instead, a random IV should be generated for each encryption.
Furthermore a password should not be used as key. If a password is to be used, the key should be derived from the password using a reliable key derivation function such as PBKDF2.

这篇关于无法使用加密解密cryptocurrencyValue的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！