加密iOS和解密Node.js AES [英] Encrypt iOS and Decrypt Node.js AES
问题描述
我已经搜索高和低的解决方案,并在Node.js服务器和Objective-C客户端进行加密,并使用AES(或其他如果适用)反之亦然。
我比较新的加密技术,并且了解为什么我的加密文本在每种语言中是不同的,这是我所不知道的。
这是我到目前为止: p>
Node.js加密方法 使用此CryptoJS库 - node-cryptojs-aes
var node_cryptojs = require(node-cryptojs- AES);
var CryptoJS = node_cryptojs.CryptoJS;
var textToEncrypt ='Hello';
var key_clear ='a16byteslongkey!';
//加密+解密
var encrypted = CryptoJS.AES.encrypt(clearText,key_clear,{iv:null});
var decryptpted = CryptoJS.AES.decrypt(encrypted,key_clear,{iv:null});
//输出
console.log(encrypted:+ encrypted); // encrypted:U2FsdGVkX1 / ILXOjqIw2Vvz6DzRh1LMHgEQhDm3OunY =
console.log(decryptpted:+ decryptpted.toString(CryptoJS.enc.Utf8)); //解密:Hello
Objective-C加密方法 使用AESCrypt库
NSString * textToEncrypt = @Hello;
// encrypt
NSString * encryptedText = [AESCrypt encrypt:textToEncrypt password:@a16byteslongkey!];
// decrypt
NSString * decryptptedText = [AESCrypt decrypt:encryptedText password:@a16byteslongkey!];
//输出
NSLog(@要加密的文本:%@,textToEncrypt); //要加密的文本:Hello
NSLog(@加密文本:%@,encryptedText); //加密文本:wY80MJyxRRJdE + eKw6kaIA ==
NSLog(@解密文本:%@,decryptptedText); //解密的文本:Hello
我一直在追刮我的头,尝试了我能想到的一切的。如果需要,可以从库中显示底层加密方法。 SHAR256哈希应用于AESCrypt库中的密钥,但我已经删除了这一点,并认为有一些匹配字符串编码的匹配。
-
您确定在两个库中都使用相同的密钥吗?你说你在AESCrypt中拿出了SHA-256部分,现在这个库是怎么使用password参数的? AES算法只能使用长度为16,24或32字节的密钥。您的密码是16字节长,但是在加密功能中是否将相应的参数更改为128(而不是256)?
你知道CryptoJS如何使用密钥参数?你确定它被直接使用,还是可以在传递给基础的原始AES加密功能之前进行一些处理(例如哈希)? -
什么加密模式是CryptoJS库使用?它的文档没有说。鉴于它要求一个IV,它可能是CBC,但你必须看看源头肯定知道。
AESCrypt的文档声称使用CBC模式,但是不要在任何地方给它。这意味着它会在某个地方生成它,或者总是使用固定的。 (哪一半打败CBC模式的目的,但这是另一个故事)。所以你需要弄明白IV是什么。
TL; DR:除非你确定密钥和密钥长度,相同的模式和相同的IV在两个库中都使用,那么您将具有不同的密文。
I have searched high and low for a solution which and encrypt on Node.js server and Objective-C client, and vise versa using AES (or other if appropriate)
I am relatively new to cryptography, and understanding why my encrypted text is different in each language is beyond my knowledge.
This is what I have so far:
Node.js crypto methods Using this CryptoJS Library - node-cryptojs-aes
var node_cryptojs = require("node-cryptojs-aes");
var CryptoJS = node_cryptojs.CryptoJS;
var textToEncrypt = 'Hello';
var key_clear = 'a16byteslongkey!';
//encrypted + decrypted
var encrypted = CryptoJS.AES.encrypt(clearText, key_clear, { iv: null });
var decrypted = CryptoJS.AES.decrypt(encrypted, key_clear, { iv: null });
//Outputs
console.log("encrypted: " + encrypted); //encrypted: U2FsdGVkX1/ILXOjqIw2Vvz6DzRh1LMHgEQhDm3OunY=
console.log("decrypted: " + decrypted.toString(CryptoJS.enc.Utf8)); // decrypted: Hello
Objective-C crypto methods Using AESCrypt library
NSString* textToEncrypt = @"Hello";
// encrypt
NSString* encryptedText = [AESCrypt encrypt:textToEncrypt password:@"a16byteslongkey!"];
// decrypt
NSString* decryptedText = [AESCrypt decrypt:encryptedText password:@"a16byteslongkey!"];
// output
NSLog(@"Text to encrypt: %@", textToEncrypt); // Text to encrypt: Hello
NSLog(@"Encrypted text: %@", encryptedText); // Encrypted text: wY80MJyxRRJdE+eKw6kaIA==
NSLog(@"Decrypted text: %@", decryptedText); // Decrypted text: Hello
I've been scratching my head for ages and tried everything I can think of. Can show underlying crypto methods from the libraries if required. There is SHAR256 hash applied to the key in AESCrypt library but I have removed this, and think there is some missmatch with the string encoding.
Are you sure the same key is being used in both libraries? You say you took out the SHA-256 part in AESCrypt, how is the library using the password parameter now? The AES algorithm can only use keys of 16, 24, or 32 bytes in length. Your password is 16 bytes long, but did you change the corresponding parameter to 128 (instead of 256) in the encrypt function? Do you know how CryptoJS is using the key parameter? Are you sure it's being used directly, or might there be some processing (for example, hashing) before it's passed to the underlying primitive AES encryption function?
What mode of encryption is the CryptoJS library using? Its documentation doesn't say. Given that it asks for an IV, it's probably CBC, but you would have to look at the source to know for sure. AESCrypt's documentation claims to use CBC mode, but you don't give it an IV anywhere. That must mean that it generates it own somewhere, or always uses a fixed one. (Which half defeats the purpose of CBC mode, but that's another story). So you need to figure out what the IV actually is.
TL;DR: unless you make sure that the same key and key length, the same mode, and the same IV are used across both libraries, then you will have different cipher text.
这篇关于加密iOS和解密Node.js AES的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
