drxpt06820 2016-04-28 08:52
浏览 327
已采纳

Go中的AES-CTR加密和CryptoJS中的解密

I have a problem decrypting text, which is encrypted in Go lang, with CryptoJS.

Here is Go code: https://play.golang.org/p/xCbl48T_iN

package main

import (
    "crypto/aes"
    "crypto/cipher"
    "encoding/base64"
    "fmt"
)

func main() {
    key := []byte("1234567890123456")
    plaintext := []byte("text can be a random lenght")

    block, err := aes.NewCipher(key)
    if err != nil {
        panic(err)
    }

    // The IV needs to be unique, but not secure. Therefore it's common to
    // include it at the beginning of the ciphertext.
    // BTW (only for test purpose) I don't include it

    ciphertext := make([]byte, len(plaintext))

    iv := []byte{'\x0f','\x0f','\x0f','\x0f','\x0f','\x0f','\x0f','\x0f','\x0f','\x0f','\x0f','\x0f','\x0f','\x0f','\x0f','\x0f'}

    stream := cipher.NewCTR(block, iv)
    stream.XORKeyStream(ciphertext, plaintext) 

    // CTR mode is the same for both encryption and decryption, so we can
    // also decrypt that ciphertext with NewCTR.
        base := base64.StdEncoding.EncodeToString(ciphertext)
    fmt.Printf("encodedHEX: %x
", ciphertext)
    fmt.Printf("encodedBASE: %s
", base)

    plaintext2 := make([]byte, len(plaintext))
    stream = cipher.NewCTR(block, iv)
    stream.XORKeyStream(plaintext2, ciphertext)

    fmt.Printf("decoded: %s
", plaintext2)
}

Here is JS code: http://jsfiddle.net/Ltkxm64n/

var key = CryptoJS.enc.Hex.parse('31323334353637383930313233343536');
var iv = CryptoJS.enc.Hex.parse('0f0f0f0f0f0f0f0f0f0f0f0f0f0f0f0f');
var encrypted = CryptoJS.AES.encrypt("text can be a random lenght", key, {
  mode: CryptoJS.mode.CTR,
  iv: iv
});

console.log(encrypted.ciphertext.toString());
console.log(encrypted.toString());

var decrypted = CryptoJS.AES.decrypt(encrypted, key, {
  mode: CryptoJS.mode.CTR,
  iv: iv
});
console.log(decrypted.toString(CryptoJS.enc.Utf8)); 
// text can be a random lenght

Both works well encrypting and decrypting, but when I copy the base64 ciphertext from GO to JS (or viceversa), it doesn't work. I also noticed that first part of js output is the same of Go output, but in js output there are more bytes than in Go one.

My purpose is to encrypt some text in GO, then ship Base64 ciphertext to JS that can decrypt it.

Thank you

  • 写回答

2条回答 默认 最新

  • doulai2573 2016-04-28 11:53
    关注

    Ok, here is what you do to fix this:

    1. Add no-padding js to your sources list: http://crypto-js.googlecode.com/svn/tags/3.1/build/components/pad-nopadding.js

    2. When encrypting/decrypting specify parameter: padding: CryptoJS.pad.NoPadding

    CTR mode doesn't require padding plain text before encrypting.
    Keystream generated from multiple AES blocks is trimmed to match plain text length before XORing.
    Looks like CryptoJS generates keystream to xor it with plain text but doesn't trim it, because the length of ciphertext generated by CryptoJS without padding: CryptoJS.pad.NoPadding is always multiple of 16 bytes (exactly as AES block size).

    var key = CryptoJS.enc.Hex.parse('31323334353637383930313233343536');
    var iv = CryptoJS.enc.Hex.parse('0f0f0f0f0f0f0f0f0f0f0f0f0f0f0f0f');
    var encrypted = CryptoJS.AES.encrypt("text can be a random lenght", key, {
      mode: CryptoJS.mode.CTR,
      iv: iv,
      padding: CryptoJS.pad.NoPadding
    });
    
    document.getElementById("id").innerHTML = encrypted.ciphertext.toString();
    document.getElementById("id2").innerHTML = encrypted.toString();
    
    var decrypted = CryptoJS.AES.decrypt(encrypted, key, {
      mode: CryptoJS.mode.CTR,
      iv: iv,
      padding: CryptoJS.pad.NoPadding
    });
    document.getElementById("decrypt").innerHTML = decrypted.toString(CryptoJS.enc.Utf8); // text can be a random lenght
    <script src="http://crypto-js.googlecode.com/svn/tags/3.1.2/build/rollups/aes.js"></script>
    <script src="http://crypto-js.googlecode.com/svn/tags/3.1.2/build/components/mode-ctr.js"></script>
    <script src="http://crypto-js.googlecode.com/svn/tags/3.1/build/components/pad-nopadding.js"></script>
    <p> Ciphertext in HEX: </p>
    <p id="id"> </p>
    <p> Ciphertext in BASE64: </p>
    <p id="id2"> </p>
    <p> PlainText: </p>
    <p id="decrypt"></p>

    </div>
    
    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论
查看更多回答(1条)

报告相同问题?

悬赏问题

  • ¥15 安装opengauss数据库报错
  • ¥15 【急】在线问答CNC雕刻机的电子电路与编程
  • ¥60 在mc68335芯片上移植ucos ii 的成功工程文件
  • ¥15 笔记本外接显示器正常,但是笔记本屏幕黑屏
  • ¥15 Python pandas
  • ¥15 蓝牙硬件,可以用哪几种方法控制手机点击和滑动
  • ¥15 生物医学数据分析。基础课程就v经常唱课程舅成牛逼
  • ¥15 云环境云开发云函数对接微信商户中的分账功能
  • ¥15 空间转录组CRAD遇到问题
  • ¥20 materialstudio计算氢键脚本问题