dongsu1951 2014-08-26 19:16 acceptance rate: 0%
Views: 177

Golang AES CFB - mutating IV

I'm writing a client-side app in Go that needs to interact with a C program on the server side. The client does an AES CFB encrypt and the server decrypts. Unfortunately the server side has a bug with reusing an initialization vector. It tries to do 3 decrypt operations based on:
key1, iv
key2, iv
key3, iv

Due to this issue the IV is actually modified between decrypt operations. My problem now is how to reproduce this behaviour on the client side using Go.

By inserting a Println into the encrypt function below, I can see the cfb struct which, I think, contains the modified IV for the next block, but because it's a stream interface I'm not sure how to extract it into a byte slice. Any suggestions?


package main

import (
  "crypto/aes"
  "crypto/cipher"
  "encoding/hex"
  "fmt"
)

// encrypt_aes_cfb encrypts plain with AES in CFB mode under key, starting from iv.
func encrypt_aes_cfb(plain, key, iv []byte) (encrypted []byte) {
  block, err := aes.NewCipher(key)
  if err != nil {
    panic(err)
  }
  encrypted = make([]byte, len(plain))
  stream := cipher.NewCFBEncrypter(block, iv)
  stream.XORKeyStream(encrypted, plain)
  return
}

func main() {
  plain := []byte("Hello world...16Hello world...32")
  key := make([]byte, 32)
  iv := make([]byte, 16)
  enc := encrypt_aes_cfb(plain, key, iv)
  fmt.Println("Key: ", hex.EncodeToString(key))
  fmt.Println("IV:  ", hex.EncodeToString(iv))
  fmt.Println("Enc: ", hex.EncodeToString(enc))
}

1 answer

  • dongzhang3482 2014-08-26 20:12

    Going down the path you're hinting at is a bit ugly, and prone to break when the implementation changes.

    You can get the IV from the stream by:

    s := reflect.Indirect(reflect.ValueOf(stream))
    lastIV := s.FieldByName("next").Bytes()

    But, there's an easier way! Concatenate the plain text inputs, so that the stream for the second starts with the IV from the end of the first (and so on).

    Playground Example

    combined := append(plain, plain2...)
    encCombined := encrypt_aes_cfb(combined, key, iv)
    enc := encCombined[:len(plain)]
    enc2 := encCombined[len(plain):]
    This answer was selected as the best answer by the asker.
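The concatenation shortcut in the answer only works when the key stays the same, while the question chains three different keys through one IV buffer. The example below (added here, not code from the question, the answer, or the Go standard library) shows what the "mutated IV" actually is without reflection: CFB feeds ciphertext back into the block cipher, so after a whole number of blocks the stream's register is just the last 16 ciphertext bytes, and on the decrypt side it is the same bytes. The helper names, the three 16-byte keys and the sample messages are constructed for the example, and it deliberately handles only whole-block messages; what the C side does after a partial block depends on whether it also carries its position within the block across calls, which the question does not say.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"encoding/hex"
	"fmt"
)

// cfbEncryptChained encrypts plain with AES-CFB under key, starting from the
// 16-byte register iv, then overwrites iv with the register the stream would
// feed into its next block. CFB feeds ciphertext back, so for whole-block
// input that register is exactly the last ciphertext block. Overwriting the
// caller's buffer mirrors a C API that updates its ivec argument in place.
func cfbEncryptChained(plain, key, iv []byte) []byte {
	if len(plain) == 0 || len(plain)%aes.BlockSize != 0 {
		panic("cfbEncryptChained: only whole blocks are handled here")
	}
	block, err := aes.NewCipher(key)
	if err != nil {
		panic(err)
	}
	ct := make([]byte, len(plain))
	cipher.NewCFBEncrypter(block, iv).XORKeyStream(ct, plain)
	copy(iv, ct[len(ct)-aes.BlockSize:]) // the "mutated IV"
	return ct
}

// cfbDecryptChained is the decrypt counterpart with the same in-place update.
// Decryption feeds the same ciphertext back, so both sides end an operation
// holding the identical register.
func cfbDecryptChained(ct, key, iv []byte) []byte {
	if len(ct) == 0 || len(ct)%aes.BlockSize != 0 {
		panic("cfbDecryptChained: only whole blocks are handled here")
	}
	block, err := aes.NewCipher(key)
	if err != nil {
		panic(err)
	}
	pt := make([]byte, len(ct))
	cipher.NewCFBDecrypter(block, iv).XORKeyStream(pt, ct)
	copy(iv, ct[len(ct)-aes.BlockSize:])
	return pt
}

// encryptThree is the client side of the behaviour in the question: three
// messages under three keys, one IV buffer carried across the operations.
// The caller's iv is copied first so it is left untouched.
func encryptThree(plains, keys [3][]byte, iv []byte) [3][]byte {
	reg := append([]byte(nil), iv...)
	var cts [3][]byte
	for i := range plains {
		cts[i] = cfbEncryptChained(plains[i], keys[i], reg)
	}
	return cts
}

// decryptThree is the server side with the same IV reuse.
func decryptThree(cts, keys [3][]byte, iv []byte) [3][]byte {
	reg := append([]byte(nil), iv...)
	var pts [3][]byte
	for i := range cts {
		pts[i] = cfbDecryptChained(cts[i], keys[i], reg)
	}
	return pts
}

// sameKeyConcatMatches checks the shortcut from the answer: when the key does
// not change, chaining the register between two calls yields exactly the
// bytes that encrypting the concatenated plaintext once would.
func sameKeyConcatMatches(p1, p2, key, iv []byte) bool {
	reg := append([]byte(nil), iv...)
	c1 := cfbEncryptChained(p1, key, reg)
	c2 := cfbEncryptChained(p2, key, reg)
	block, err := aes.NewCipher(key)
	if err != nil {
		panic(err)
	}
	both := make([]byte, len(p1)+len(p2))
	cipher.NewCFBEncrypter(block, iv).XORKeyStream(both, append(append([]byte(nil), p1...), p2...))
	return bytes.Equal(append(c1, c2...), both)
}

func main() {
	// Constructed sample data: three AES-128 keys, the all-zero IV from the
	// question, and three whole-block messages.
	keys := [3][]byte{bytes.Repeat([]byte{1}, 16), bytes.Repeat([]byte{2}, 16), bytes.Repeat([]byte{3}, 16)}
	plains := [3][]byte{[]byte("Hello world...16Hello world...32"), []byte("second message.."), []byte("third message...")}
	iv := make([]byte, aes.BlockSize)
	cts := encryptThree(plains, keys, iv)
	pts := decryptThree(cts, keys, iv)
	for i := range cts {
		fmt.Printf("msg %d: ct=%s roundtrip=%v\n", i+1, hex.EncodeToString(cts[i]), bytes.Equal(pts[i], plains[i]))
	}
	fmt.Println("same-key concat shortcut matches:", sameKeyConcatMatches(plains[0], plains[1], keys[0], iv))
}
```

Because every IV after the first is now a block of ciphertext the network already carried, the IVs are predictable to anyone watching the traffic; that is the known weakness of chained IVs for an attacker who can choose later plaintexts, so this reproduces the server's bug for interoperability rather than a design worth keeping.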
