AES - 使用Crypto（node-js）进行加密/使用Pycrypto（python）进行解密 [英] AES - Encryption with Crypto (node-js) / decryption with Pycrypto (python)

问题描述

我写这个问题+答案，因为我很困难（可能是因为缺乏经验），迷失在许多不同的方式加密/解密节点或python的东西。

我想我的情况可能会帮助未来的人。

我需要做什么：

• 从表单获取数据，使用Crypto（node-js）加密它们


• 在Python中传递加密数据并使用PyCrypto解密。

我选择使用AES加密。

开始（我不会经历我试过的一切）：

• 我按照此页

  
  
  

  其中在我的case：

  
  
  

  （这可能是一个非常糟糕的混合javascript和coffeescript）

    crypto = requirecrypto
   [...] 
   key =mykeywhatever
   cipher = crypto.createCipher（'aes192'，key）
   
   encoding_string = cipher.final（'hex'）
   [...] 
    




• 然后，我使用 PyCrypto的github的页面上的自述编写了我的python脚本来解密此字符串：

   来自Crypto.Cipher import AES 
   [...] 
   my_string = data_coming_from_rabbitmq 
   obj = AES.new（'mykeywhatever'， AES.MODE_CBC）
   obj.decrypt（密文）
   [...] 
    

  这显然没有工作：在readme有一个IV，但是因为我没有在节点脚本中给一个，为什么我会给一个在python一个？

经过更多的搜索，我了解到节点的Crypto使用OpenSSL，而PyCrypto显然不是。所以我查看并找到了这些页面：

• 
  
li> AES在库PyCrypto& Node.JS Crypto

• 还有更多...

事情变得复杂，没有人在做同样的事情来解密数据，我迷路了，并要求帮助。

答案是我的同事和我想出了（我大多是我的工作人员）。

解决方案

所以我们从如何解密... OpenSSL

• 我们需要修改加密脚本：

    crypto = requirecrypto
   [...] 
   var iv = new Buffer（'asdfasdfasdfasdf'）
   var key = new Buffer 'asdfasdfasdfasdfasdfasdfasdfasdf'）
   var cipher = crypto.createCipheriv（'aes-256-cbc'，key，iv）; 
   cipher.update（new Buffer（mystring））; 
   var enc = cipher.final（'base64'）; 
   [...] 
    

  iv 长，键为32bytes。我们将 createCipher 更改为 createCipheriv 。




• 返回到python解密脚本：

  
  
  

  Process只是阅读PyCrypto的文档，并比较我们从开始的代码。

  
  
  

  然后我们决定只是坚持API ，并从头开始。它提供了：

   来自base64 import b64decode 
  来自Crypto.Cipher import AES 
   [... ] 
   iv ='asdfasdfasdfasdf'
   key ='asdfasdfasdfasdfasdfasdfasdfasdf'
   encoded = b64decode（'my_encrypted_string'）
   
   dec = AES.new = AES.MODE_CBC，IV = iv）
   value = dec.decrypt（encoded）
    

它是那么简单...
希望它会帮助一些人！

更新：

正如Perseids在他的回答的意见中写道，IV必须是随机的，并且对于每个消息都是不同的

I'm writing this question + answer because I struggled a lot (maybe because of a lack of experience), got lost in many different ways of encrypting/decrypting things with node or python.

I thought maybe my case could help people in the future.

What I needed to do:

• Get data from a form, encrypt them using Crypto (node-js)
• Pass the encrypted data in Python and decrypt it using PyCrypto.

I chose to use the AES encryption.

Here is how I started (I'm not gonna go through everything I tried):

• I followed the example at the end of this page

  Which gave in my case:

  (this might be a very bad mix between javascript and coffeescript)

  crypto = require "crypto"
  [...]
  key = "mykeywhatever"
  cipher = crypto.createCipher('aes192', key)
  cipher.update('string i want to encode', 'binary', 'hex')
  encoded_string = cipher.final('hex')
  [...]
  

  This worked pretty fine to encode my string.

• Then I wrote my python script to decrypt this string, using the readme on PyCrypto's github's page:

  from Crypto.Cipher import AES
  [...]
  my_string = data_coming_from_rabbitmq
  obj = AES.new('mykeywhatever', AES.MODE_CBC)
  obj.decrypt(ciphertext)
  [...]
  

  This obviously didn't work: in the readme there is an IV but since I didn't gave one in the node script, why would I give one in the python one?

After more googling, I learnt that node's Crypto uses OpenSSL, while PyCrypto apparently doesn't. So I looked into that and found those pages:

• How can I decrypt something with PyCrypto that was encrypted using OpenSSL?
• Is AES the same in libraries PyCrypto & Node.JS Crypto
• and a lot more...

So things got complicated, no one is doing the same thing to decrypt data, I got lost, and asked for help.

The answer is what my coworker and I came up with (well, mostly my corworker).

解决方案

So we started from the "How can i decrypt... OpenSSL" 's answer.

• We needed to modify the encryption script which gave:

  crypto = require "crypto"
  [...]
  var iv = new Buffer('asdfasdfasdfasdf')
  var key = new Buffer('asdfasdfasdfasdfasdfasdfasdfasdf')
  var cipher = crypto.createCipheriv('aes-256-cbc', key, iv);
  cipher.update(new Buffer("mystring"));
  var enc = cipher.final('base64');
  [...]
  

  iv needs to be 16bytes long, key is 32bytes. And we changed createCipher to createCipheriv.

• Back to the python decryption script:

  Process was simply reading PyCrypto's documentation, and compare with the code we started from.

  Then we decided to just stick to the API, and start from scratch. And it gave:

  from base64 import b64decode
  from Crypto.Cipher import AES
  [...]
  iv = 'asdfasdfasdfasdf'
  key = 'asdfasdfasdfasdfasdfasdfasdfasdf'
  encoded = b64decode('my_encrypted_string')
  
  dec = AES.new(key=key, mode=AES.MODE_CBC, IV=iv)
  value = dec.decrypt(encoded)
  

And it was as simple as that... Hope it'll help some of you!

Update:

As Perseids wrote in the comments of his answer, the IV has to be random and different for every message

这篇关于AES - 使用Crypto（node-js）进行加密/使用Pycrypto（python）进行解密的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！