1

我正在尝试使用 node.js 解密一个字符串,该字符串以前由第三方软件在 CBC 模式下使用 PHP RIJNDAEL_128 加密。

这是以下 PHP 代码的交互式链接,在沙箱中,您可以自己编译和查看。http://sandbox.onlinephpfunctions.com/code/504a7d052c5b123fac8103a073c05c2ff5f80571

PHP 源代码:

<?php
class CryptClass{

    private $key;

    public function __construct($key){
        $this->key = $key;
    }

    public function cryptage($message){

        $key = base64_decode($this->key);
        $iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CBC);
        $iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);

        $ciphertext = mcrypt_encrypt(MCRYPT_RIJNDAEL_128, $key, $message, MCRYPT_MODE_CBC, $iv);
        $ciphertext = $iv . $ciphertext;

        return base64_encode($ciphertext);
    }

    public function  decryptage($message){
        $key = base64_decode($this->key);
        $iv_size2 = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CBC);
        $ciphertext_dec = base64_decode($message);
        $iv_dec = substr($ciphertext_dec, 0, $iv_size2);
        $ciphertext_dec = substr($ciphertext_dec, $iv_size2);

        $message_decrypt = mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $key,$ciphertext_dec, MCRYPT_MODE_CBC, $iv_dec);

        return str_replace("\0", "", $message_decrypt);
    }
}

// Secret key and data
define('KEY', 'azertyuiolskzif');
define('DATA', 'user@email.com|1477576941|origin.com');

// Crypt
$Crypt = new CryptClass(base64_encode(KEY));
$encodedData = base64_encode($Crypt->cryptage(DATA));

// Decrypt
$decodedData = $Crypt->decryptage(base64_decode($encodedData));

echo 'base64_encode: '.base64_encode(KEY);
echo "\nDATA: ".DATA;
echo "\nDATA length: ".strlen(DATA);
echo "\n\nencodedData: ".$encodedData;
echo "\n\ndata: ".$decodedData;
echo "\n\ndata length: ".strlen($decodedData);
echo "\n\ncrypt/decrypt match?: ".(DATA == $decodedData ? 'yes':'no');

这是我在 node.js 中的实现:不工作,请参阅下面的工作解决方案

var crypto = require('crypto');

var textToEncrypt = 'user@email.com|1477576941|origin.com';
var encryptionMethod = 'AES-128-CBC';
var secret = "azertyuiolskzif";
var iv = 'aaaabbbbccccdddd';


var encrypt = function (plain_text, encryptionMethod, secret, iv) {
    var encryptor = crypto.createCipheriv(encryptionMethod, secret, iv);
    return encryptor.update(plain_text, 'utf8', 'base64') + encryptor.final('base64');
};

var decrypt = function (encryptedMessage, encryptionMethod, secret, iv) {
    var decryptor = crypto.createDecipheriv(encryptionMethod, secret, iv);
    return decryptor.update(encryptedMessage, 'base64', 'utf8') + decryptor.final('utf8');
};

var encryptedMessage = encrypt(textToEncrypt, encryptionMethod, secret, iv);
var decryptedMessage = decrypt(encryptedMessage, encryptionMethod, secret, iv);

console.log(decrypt());
console.log(encryptedMessage);
console.log(decryptedMessage);

Invalid key length我已经尝试了很多事情,但我在其他错误消息之间迷路了。我不太明白的一件事是,KEY显然用于加密数据的长度azertyuiolskzif为 15 个字符,而大多数脚本使用所需的 32 个字符的字符串……也许 PHP 不需要 32 个字符的字符串,但 Node 需要?

或者可能与128和256之间的差异有关。还是由于PHp和Node实现之间的填充差异?

我尝试遵循Encrypt string in PHP and decrypt in Node.js 中给出的建议,但即便如此,我还没有成功加密节点中的数据。

编辑:

经过更多的挖掘(并感谢答案中的解释),我终于在 Node.js 中进行了 crypt/decrypt 工作。但是我还没有成功解密 PHP 加密的东西。

var crypto = require('crypto');

var AES = {};

AES.encrypt = function(dataToEncrypt, encryptionMethod, secret, iv, padding) {
    var encipher = crypto.createCipheriv(encryptionMethod, secret, iv);
    encipher.setAutoPadding(padding || 0); // "true" or "128" would work with aes-128-cbc
    var encryptedData = encipher.update(dataToEncrypt, 'utf8', 'base64');

    encryptedData += encipher.final('base64');
    return encryptedData;
};

AES.decrypt = function(encryptedData, encryptionMethod, secret, iv, padding) {
    var decipher = crypto.createDecipheriv(encryptionMethod, secret, iv);
    decipher.setAutoPadding(padding || 0); // "true" or "128" would work with aes-128-cbc
    var decoded = decipher.update(encryptedData, 'base64', 'utf8');

    decoded += decipher.final('utf8');
    return decoded;
};

// ----

var textToEncrypt = 'user@email.com|1477576941|origin.com';
var secret = "aaaabbbbccccdddd"; // Must be 16 chars
var iv = crypto.randomBytes(16); // Must be 16 chars
var encryptionMethod = 'AES-128-CBC';

// Testing crypt/decrypt using Node.js algorithm.
var encryptedMessage = AES.encrypt(textToEncrypt, encryptionMethod, secret, iv, 128);
var decryptedMessage = AES.decrypt(encryptedMessage, encryptionMethod, secret, iv, 128);

console.log('encryptedMessage', encryptedMessage); // Displays "GWpMWORNKkqlrHJDPuNgSmTKr1vJhaAApHP+ssK3SH5EALTkdWneUZRp9PXNpVQ2"
console.log('decryptedMessage', decryptedMessage); // Displays "user@email.com|1477576941|origin.com"


// Testing decrypt from a string generated by PHP algorithm.
// XXX Doesn't work "Error: error:0606506D:digital envelope routines:EVP_DecryptFinal_ex:wrong final block length"
// XXX Probably due to wrong padding between PHP/Node implementation?
var stringToDecode = 'RlM3Wkl3N3JRM0dnaEh4SkdoZWFDRy9mZGRoTnkxNlZUL2IvcHl4TkdzUUlRSXQwSWNwWUZ5OFpaRENZQys3S2t0bFZIUWoweUVsZGxUU21sYU9tS0E9PQ==';
console.log('stringToDecode', stringToDecode);
console.log(AES.decrypt(
    stringToDecode,
    encryptionMethod, secret, iv, 128
));
4

1 回答 1

1

AES 密钥必须恰好是 128、192 或 256 位之一。一些实现会以某种方式填充键,但这不应该被依赖。使密钥大小正确。

于 2016-10-27T16:44:49.450 回答