Go中的AES-CTR加密和CryptoJS中的解密

I have a problem decrypting text, which is encrypted in Go lang, with CryptoJS.

Here is Go code: https://play.golang.org/p/xCbl48T_iN

package main

import (
    "crypto/aes"
    "crypto/cipher"
    "encoding/base64"
    "fmt"
)

func main() {
    key := []byte("1234567890123456")
    plaintext := []byte("text can be a random lenght")

    block, err := aes.NewCipher(key)
    if err != nil {
        panic(err)
    }

    // The IV needs to be unique, but not secure. Therefore it's common to
    // include it at the beginning of the ciphertext.
    // BTW (only for test purpose) I don't include it

    ciphertext := make([]byte, len(plaintext))

    iv := []byte{'\x0f','\x0f','\x0f','\x0f','\x0f','\x0f','\x0f','\x0f','\x0f','\x0f','\x0f','\x0f','\x0f','\x0f','\x0f','\x0f'}

    stream := cipher.NewCTR(block, iv)
    stream.XORKeyStream(ciphertext, plaintext) 

    // CTR mode is the same for both encryption and decryption, so we can
    // also decrypt that ciphertext with NewCTR.
        base := base64.StdEncoding.EncodeToString(ciphertext)
    fmt.Printf("encodedHEX: %x
", ciphertext)
    fmt.Printf("encodedBASE: %s
", base)

    plaintext2 := make([]byte, len(plaintext))
    stream = cipher.NewCTR(block, iv)
    stream.XORKeyStream(plaintext2, ciphertext)

    fmt.Printf("decoded: %s
", plaintext2)
}

Here is JS code: http://jsfiddle.net/Ltkxm64n/

var key = CryptoJS.enc.Hex.parse('31323334353637383930313233343536');
var iv = CryptoJS.enc.Hex.parse('0f0f0f0f0f0f0f0f0f0f0f0f0f0f0f0f');
var encrypted = CryptoJS.AES.encrypt("text can be a random lenght", key, {
  mode: CryptoJS.mode.CTR,
  iv: iv
});

console.log(encrypted.ciphertext.toString());
console.log(encrypted.toString());

var decrypted = CryptoJS.AES.decrypt(encrypted, key, {
  mode: CryptoJS.mode.CTR,
  iv: iv
});
console.log(decrypted.toString(CryptoJS.enc.Utf8)); 
// text can be a random lenght

Both works well encrypting and decrypting, but when I copy the base64 ciphertext from GO to JS (or viceversa), it doesn't work. I also noticed that first part of js output is the same of Go output, but in js output there are more bytes than in Go one.

My purpose is to encrypt some text in GO, then ship Base64 ciphertext to JS that can decrypt it.

Thank you

写回答
好问题 0 提建议
追加酬金
关注问题
分享
邀请回答
编辑收藏删除结题
收藏举报

2条回答默认最新

doulai2573 2016-04-28 11:53

关注

Ok, here is what you do to fix this:

Add no-padding js to your sources list: http://crypto-js.googlecode.com/svn/tags/3.1/build/components/pad-nopadding.js
When encrypting/decrypting specify parameter: padding: CryptoJS.pad.NoPadding

CTR mode doesn't require padding plain text before encrypting.
Keystream generated from multiple AES blocks is trimmed to match plain text length before XORing.
Looks like CryptoJS generates keystream to xor it with plain text but doesn't trim it, because the length of ciphertext generated by CryptoJS without padding: CryptoJS.pad.NoPadding is always multiple of 16 bytes (exactly as AES block size).

var key = CryptoJS.enc.Hex.parse('31323334353637383930313233343536');
var iv = CryptoJS.enc.Hex.parse('0f0f0f0f0f0f0f0f0f0f0f0f0f0f0f0f');
var encrypted = CryptoJS.AES.encrypt("text can be a random lenght", key, {
  mode: CryptoJS.mode.CTR,
  iv: iv,
  padding: CryptoJS.pad.NoPadding
});

document.getElementById("id").innerHTML = encrypted.ciphertext.toString();
document.getElementById("id2").innerHTML = encrypted.toString();

var decrypted = CryptoJS.AES.decrypt(encrypted, key, {
  mode: CryptoJS.mode.CTR,
  iv: iv,
  padding: CryptoJS.pad.NoPadding
});
document.getElementById("decrypt").innerHTML = decrypted.toString(CryptoJS.enc.Utf8); // text can be a random lenght

<script src="http://crypto-js.googlecode.com/svn/tags/3.1.2/build/rollups/aes.js"></script>
<script src="http://crypto-js.googlecode.com/svn/tags/3.1.2/build/components/mode-ctr.js"></script>
<script src="http://crypto-js.googlecode.com/svn/tags/3.1/build/components/pad-nopadding.js"></script>
<p> Ciphertext in HEX: </p>
<p id="id"> </p>
<p> Ciphertext in BASE64: </p>
<p id="id2"> </p>
<p> PlainText: </p>
<p id="decrypt"></p>

</div>

本回答被题主选为最佳回答 , 对您是否有帮助呢?

查看更多回答(1条)

报告相同问题？

关注问题

Go中的AES-CTR加密和CryptoJS中的解密 javascript
2016-04-28 08:52

回答 2 已采纳 Ok, here is what you do to fix this: Add no-padding js to your sources list: http://crypto-js.go
AES-256-CBC加密在golang和node / php之间不匹配 node.js php
2018-06-08 13:42

回答 1 已采纳 Okay, I managed to get the go output to match your other outputs, but I'm not 100% clear on all of
AES-128-CTR加密在PHP（openssl_encrypt）和Node.js（加密）上给出不同的结果 node.js php
2018-09-18 12:37

回答 1 已采纳 While browsing the related section (after my post) I came across this one: C# and PHP have differe
128-AES-CTR_AES加密解密_
2021-09-29 12:03

NEA2加密算法实现，使用128-AES-CTR模式
有熟悉aes-256-gcm 加密解密算法的朋友吗 c# python
2021-07-20 10:21

回答 1 已采纳你是要加密的还是解密的Ｃ＃代码还是下面贴出来的实现就行了我看看
使用AES 256 CTR在Node JS中加密和在Golang中解密 node.js
2017-12-08 19:21

回答 1 已采纳 It is your NodeJS code that is incorrect. CTR mode requires an IV, calling crypto.createCipher is
aes-128-cbc和aes-128加密有什么区别吗？ php
2015-10-14 09:31

回答 4 已采纳 3 things: AES: Advanced Encryption Standard. This is the name of the encryption algorithm (symme
ffmpeg 4.4 cenc-aes-ctr 加解密 MP4 工程性质分析
2023-11-15 19:15

Dream_Dynasty的博客 ffmpeg 4.4 cenc-aes-ctr 加解密 MP4 工程性质分析
Python中的AES-GCM解密 python
2018-08-25 21:31

回答 1 已采纳 Worked like a charm for me. from Crypto.Cipher import AES import binascii key = binascii.unhexli
AES CBC：JavaScript / CryptoJS加密-> Golang解密 javascript
2019-03-22 21:30

回答 2 已采纳 I'm still not totally sure why previous attempts have failed. It could have been one of many the d
从PHP到Golang的aes-256-gcm解密 php
2018-10-01 22:45

回答 1 已采纳 Normally an encrypted message looks like IV+ciphertext+tag, not ciphertext+IV+tag. When one deviat
AES-CTR加密模式介绍 & 例题
2023-07-26 10:50

Emmaaaaaaaaaa的博客学到了AES-CTR加密模式，往后填充哪里确实需要我们记住如果初始值就是16字节，那Counter value1的值就是初始值，之后的Counter value便是每次在初始值后加1，也就没有所谓的后8字节为分组序号组这一说法，就像上面...
Go中的AES-GCM + Base64后无法解密
2017-11-19 21:10

回答 1 已采纳 Someone from the GopherSlack community came up with the solution: StdEncoding pads it's results w
crypto-js AES-CTR 实现密文前缀式局部解密细节踩坑点
2023-04-10 16:50

ATFWUS的博客项目有需求，长明文经过AES-CTR模式加密后，在解密的时候，密文不能直接得到，每次通过某些方法尝试后，只能得到一块密文（按顺序），所以只能一块一块的拼接解密。在使用crypto-js这个库的时候，发送不能直接实现...
ffmpeg 4.4版本对MP4文件进行AES-CTR加密，和流式加密
2023-08-08 18:10

Dream_Dynasty的博客 ffmpeg 4.4版本对MP4文件进行AES-CTR加密，和流式加密
没有解决我的问题, 去提问

悬赏问题

¥20 求数据集和代码#有偿答复
¥15 关于下拉菜单选项关联的问题
¥20 java-OJ-健康体检
¥15 rs485的上拉下拉，不会对a-b<-200mv有影响吗，就是接受时，对判断逻辑0有影响吗
¥15 使用phpstudy在云服务器上搭建个人网站
¥15 应该如何判断含间隙的曲柄摇杆机构，轴与轴承是否发生了碰撞？
¥15 vue3+express部署到nginx
¥20 搭建pt1000三线制高精度测温电路
¥15 使用Jdk8自带的算法，和Jdk11自带的加密结果会一样吗，不一样的话有什么解决方案，Jdk不能升级的情况
¥15 画两个图 python或R

码龄粉丝数原力等级 --

Go中的AES-CTR加密和CryptoJS中的解密

2条回答默认最新

码龄粉丝数原力等级 --

悬赏问题

Go中的AES-CTR加密和CryptoJS中的解密

2条回答 默认 最新

悬赏问题

2条回答默认最新