如何检查解密是否正确？ [英] How to check if the decryption is correct?

问题描述

我正在聊天室，为多个用户加密消息，每个用户可能具有不同的加密和密钥/密码。因此，用户的密钥不会与所有消息一起使用;返回错误。

  var message =secret message; 
 var encrypted = CryptoJS.AES.encrypt（message，Secret Passphrase）; 
 try {
 var decryptpted = CryptoJS.AES.decrypt（encrypted，Secret Passphrase123）。toString（CryptoJS.enc.Utf8）; 
 if（decryptpted.length> 0）{
 alert（解密）; 
} else {
 alert（false）; 
} 
} catch（e）{
 alert（false）; 
} 
  

我正在捕捉错误，但有时解密返回，混乱字母和符号。目前我正在做的这样做并不有效。有没有更好的方法？

解决方案

需要验证加密，请参阅

I'm working on chat room that encrypt messages for more than one users and each user might have different encryption and key/password. The user's key won't work with all the message, therefore; return errors.

var message ="secret message";
var encrypted = CryptoJS.AES.encrypt(message, "Secret Passphrase");
try {
    var decrypted = CryptoJS.AES.decrypt(encrypted, "Secret Passphrase123").toString(CryptoJS.enc.Utf8);
    if (decrypted.length > 0) {
        alert(decrypted);
    } else {
        alert("false");
    }
} catch(e) {
    alert("false");
}

I'm currently catching the error, but sometimes the decryption returns with jumbled up letters and symbols. The current way I'm doing this is not efficient. Is there a better way?

解决方案

What is needed it authenticated encryption, see Wikipedia.

Essentially HMAC the encrypted data with the encryption key and append the result to the encrypted data.

Prior to decryption HMAC the encrypted data with the decryption key and compare to the appended HMAC value. (Use a constant time comparison function.)

这篇关于如何检查解密是否正确？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！