AES - 使用Crypto(node-js)进行加密/使用Pycrypto(python)进行解密 [英] AES - Encryption with Crypto (node-js) / decryption with Pycrypto (python)
问题描述
我写这个问题+答案,因为我很困难(可能是因为缺乏经验),迷失在许多不同的方式加密/解密节点或python的东西。
我想我的情况可能会帮助未来的人。
我需要做什么:
- 从表单获取数据,使用Crypto(node-js)加密它们
- 在Python中传递加密数据并使用PyCrypto解密。
我选择使用AES加密。
开始(我不会经历我试过的一切):
-
我按照此页
其中在我的case:
(这可能是一个非常糟糕的混合javascript和coffeescript)
crypto = requirecrypto
[...]
key =mykeywhatever
cipher = crypto.createCipher('aes192',key)
encoding_string = cipher.final('hex')
[...]
$ -
然后,我使用 PyCrypto的github的页面上的自述编写了我的python脚本来解密此字符串:
来自Crypto.Cipher import AES
[...]
my_string = data_coming_from_rabbitmq
obj = AES.new('mykeywhatever', AES.MODE_CBC)
obj.decrypt(密文)
[...]
这显然没有工作:在readme有一个IV,但是因为我没有在节点脚本中给一个,为什么我会给一个在python一个?
经过更多的搜索,我了解到节点的Crypto使用OpenSSL,而PyCrypto显然不是。所以我查看并找到了这些页面:
-
li> AES在库PyCrypto& Node.JS Crypto - 还有更多...
事情变得复杂,没有人在做同样的事情来解密数据,我迷路了,并要求帮助。
答案是我的同事和我想出了(我大多是我的工作人员)。
所以我们从如何解密... OpenSSL
-
我们需要修改加密脚本:
crypto = requirecrypto
[...]
var iv = new Buffer('asdfasdfasdfasdf')
var key = new Buffer 'asdfasdfasdfasdfasdfasdfasdfasdf')
var cipher = crypto.createCipheriv('aes-256-cbc',key,iv);
cipher.update(new Buffer(mystring));
var enc = cipher.final('base64');
[...]
iv 长,键为32bytes。我们将
createCipher
更改为createCipheriv
。 -
返回到python解密脚本:
Process只是阅读PyCrypto的文档,并比较我们从开始的代码。
然后我们决定只是坚持API ,并从头开始。它提供了:
来自base64 import b64decode
来自Crypto.Cipher import AES
[... ]
iv ='asdfasdfasdfasdf'
key ='asdfasdfasdfasdfasdfasdfasdfasdf'
encoded = b64decode('my_encrypted_string')
dec = AES.new = AES.MODE_CBC,IV = iv)
value = dec.decrypt(encoded)
它是那么简单...
希望它会帮助一些人!
更新:
正如Perseids在他的回答的意见中写道,IV必须是随机的,并且对于每个消息都是不同的
I'm writing this question + answer because I struggled a lot (maybe because of a lack of experience), got lost in many different ways of encrypting/decrypting things with node or python.
I thought maybe my case could help people in the future.
What I needed to do:
- Get data from a form, encrypt them using Crypto (node-js)
- Pass the encrypted data in Python and decrypt it using PyCrypto.
I chose to use the AES encryption.
Here is how I started (I'm not gonna go through everything I tried):
I followed the example at the end of this page
Which gave in my case:
(this might be a very bad mix between javascript and coffeescript)
crypto = require "crypto" [...] key = "mykeywhatever" cipher = crypto.createCipher('aes192', key) cipher.update('string i want to encode', 'binary', 'hex') encoded_string = cipher.final('hex') [...]
This worked pretty fine to encode my string.
Then I wrote my python script to decrypt this string, using the readme on PyCrypto's github's page:
from Crypto.Cipher import AES [...] my_string = data_coming_from_rabbitmq obj = AES.new('mykeywhatever', AES.MODE_CBC) obj.decrypt(ciphertext) [...]
This obviously didn't work: in the readme there is an IV but since I didn't gave one in the node script, why would I give one in the python one?
After more googling, I learnt that node's Crypto uses OpenSSL, while PyCrypto apparently doesn't. So I looked into that and found those pages:
- How can I decrypt something with PyCrypto that was encrypted using OpenSSL?
- Is AES the same in libraries PyCrypto & Node.JS Crypto
- and a lot more...
So things got complicated, no one is doing the same thing to decrypt data, I got lost, and asked for help.
The answer is what my coworker and I came up with (well, mostly my corworker).
So we started from the "How can i decrypt... OpenSSL" 's answer.
We needed to modify the encryption script which gave:
crypto = require "crypto" [...] var iv = new Buffer('asdfasdfasdfasdf') var key = new Buffer('asdfasdfasdfasdfasdfasdfasdfasdf') var cipher = crypto.createCipheriv('aes-256-cbc', key, iv); cipher.update(new Buffer("mystring")); var enc = cipher.final('base64'); [...]
iv needs to be 16bytes long, key is 32bytes. And we changed
createCipher
tocreateCipheriv
.Back to the python decryption script:
Process was simply reading PyCrypto's documentation, and compare with the code we started from.
Then we decided to just stick to the API, and start from scratch. And it gave:
from base64 import b64decode from Crypto.Cipher import AES [...] iv = 'asdfasdfasdfasdf' key = 'asdfasdfasdfasdfasdfasdfasdfasdf' encoded = b64decode('my_encrypted_string') dec = AES.new(key=key, mode=AES.MODE_CBC, IV=iv) value = dec.decrypt(encoded)
And it was as simple as that... Hope it'll help some of you!
Update:
As Perseids wrote in the comments of his answer, the IV has to be random and different for every message
这篇关于AES - 使用Crypto(node-js)进行加密/使用Pycrypto(python)进行解密的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!