dongwo5589
2016-08-11 07:40
浏览 719

在JavaScript中使用CryptoJS和AES加密进行AES加密的不同输出

Here is my solution to PHP, Ruby & Swift.

I faced issues when using CryptoJS on my test.

my code is like this

var data = "Hello World";
var key = "57119C07F45756AF6E81E662BE2CCE62";
var iv = "GsCJsm/uyxG7rBTgBMrSiA==";

var encryptedData = CryptoJS.AES.encrypt(data, 
    CryptoJS.enc.Hex.parse(key), {
        mode: CryptoJS.mode.CBC,
        padding: CryptoJS.pad.Pkcs7,
        iv: CryptoJS.enc.Base64.parse(iv) 
    }
);

console.log("encryptedData: " + encryptedData);

// var crypttext = encryptedData.toString();
var crypttext = "k4wX2Q9GHU4eU8Tf9pDu+w==";

var decryptedData = CryptoJS.AES.decrypt({
    ciphertext: CryptoJS.enc.Base64.parse(crypttext) 
}, CryptoJS.enc.Hex.parse(key), {
    mode: CryptoJS.mode.CBC,
    padding: CryptoJS.pad.Pkcs7,
    iv: CryptoJS.enc.Base64.parse(iv) 
});

console.log("decryptedData: " + decryptedData);

console.log result

encryptedData: 97SwKfGtNARERiSYyZxdAQ==

decryptedData:

图片转代码服务由CSDN问答提供 功能建议

这是我对PHP,Ruby& amp;的解决方案 Swift。

我在测试中使用CryptoJS时遇到了问题。

我的代码是这样的 \ n

  var data =“Hello World”; 
var key =“57119C07F45756AF6E81E662BE2CCE62”; 
var iv =“GsCJsm / uyxG7rBTgBMrSiA ==”; 
 
var encryptedData = CryptoJS.AES.encrypt(data,\  n CryptoJS.enc.Hex.parse(key),{
 mode:CryptoJS.mode.CBC,
 padding:CryptoJS.pad.Pkcs7,
 iv:CryptoJS.enc.Base64.parse(iv)
}  
); 
 
console.log(“encryptedData:”+ encryptedData); 
 
 // var crypttext = encryptedData.toString(); 
var crypttext =“k4wX2Q9GHU4eU8Tf9pDu + w =​​=”; 
 
var  decryptedData = CryptoJS.AES.decrypt({
 ciphertext:CryptoJS.enc.Base64.parse(crypttext)
},CryptoJS.enc.Hex.parse(key),{
 mode:CryptoJS.mode.CBC,\  n padding:CryptoJS.pad.Pkcs7,
 iv:CryptoJS.enc.Base64.parse(iv)
}); 
 
 nconsole.log(“decryptedData:”+ decryptedData); 
  <  /pre>

console.log结果

encryptedData:97SwKfGtNARERiSYyZxdAQ ==

decryptedData:

  • 点赞
  • 写回答
  • 关注问题
  • 收藏
  • 邀请回答

1条回答 默认 最新

  • dougu3290 2016-08-11 18:16
    已采纳

    I've looked at your PHP code. You're using a 32 character key which is obviously Hex-encoded, but instead of decoding it to bytes, you're using the characters directly. Therefore the aes-256-cbc cipher is also wrong.

    If you don't want to change your misleading PHP code, you can simply make the same mistake in CryptoJS: CryptoJS.enc.Utf8.parse(key) instead of CryptoJS.enc.Hex.parse(key).


    Security considerations:

    The IV must be unpredictable (read: random). Don't use a static IV, because that makes the cipher deterministic and therefore not semantically secure. An attacker who observes ciphertexts can determine when the same message prefix was sent before. The IV is not secret, so you can send it along with the ciphertext. Usually, it is simply prepended to the ciphertext and sliced off before decryption.

    It is better to authenticate your ciphertexts so that attacks like a padding oracle attack are not possible. This can be done with authenticated modes like GCM or EAX, or with an encrypt-then-MAC scheme.

    点赞 评论

相关推荐 更多相似问题