1

所以,我有一个需要用 private key 和 padding 解密的内容AES/ECB/PKCS5Padding

我尝试了许多库和许多示例,但它们都不起作用。现在,这是我设法完成最后一步的地方,但我不确定是否有另一个库可以为我做这件事。

var absolutePath = path.resolve('./private.txt');
    var privateKey = fs.readFileSync(absolutePath, "utf8");
    var buffer = new Buffer(toDecrypt, "base64");
    var decrypted = crypto.privateDecrypt(privateKey, buffer);
    return decrypted.toString("utf8");

这给我带来了错误:

0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag

第二个示例与第一个示例略有不同,但使用了填充(这就是我需要的,我只是想尝试不使用它以查看它是否有效):

var stringKey = 'BEGIN RSA PRIVATE KEY-----....';
    var cipherText = 'ENCRYPTEDTEXT';

    // we compute the sha256 of the key
    var hash = crypto.createHash("sha256");
    hash.update(stringKey, "utf8");
    var sha256key = hash.digest();
    var keyBuffer = new Buffer(sha256key);

    var cipherBuffer = new Buffer(cipherText, 'hex');
    var aesDec = crypto.createDecipheriv("aes-256-ecb", keyBuffer, ''); // always use createDecipheriv when the key is passed as raw bytes
    var output = aesDec.update(cipherBuffer, 'binary', 'binary');
    var final = aesDec.final();
    return output + final;

它在线崩溃var final = aesDec.final()并引发错误:

digital envelope routines:EVP_DecryptFinal_ex:wrong final block length

有没有人有关于如何做到这一点的知识或经验?

4

1 回答 1

3

我们有类似的问题。

我们从 api 收到加密的 base 64 字符串,需要解密 aes 密钥,然后,使用解密的 aes 密钥,我们需要解密有效载荷。

我们所做的:

  1. var bytes = new Buffer(input, 'base64');这是来自服务器的加密数据

var aes = bytes.slice(offset, offset + AES_SIZE);切片字节数组得到aes

`var aesString = aes.toString('binary');` convert it to binary string
  1. 使用伪造库:

var forge = require('node-forge');

var pki = require('node-forge').pki;




 // Grab private key from file
                                    var absolutePath = path.resolve('../private-key.txt');
                                    var privateKey = fs.readFileSync(absolutePath, "utf8");

     // Generate private key object
                                    var private_key = pki.privateKeyFromPem(privateKey);
                                    var result;
    
                                    // Decrypt aes key with private key
                                    try {
                                        result = private_key.decrypt(api.apiSecret, 'RSA-OAEP', {
                                            md: forge.md.sha1.create(),
                                            mgf1: {
                                                md: forge.md.sha1.create()
                                            }
                                        });
                                    } catch (err) {
                                        console.error(err.message);
                                        return;
                                    }
    
    
// Build byte array from aes key
                                var base = new Buffer(result, 'binary');

                                // Generate initialization vector
                                var iv = forge.random.getBytesSync(api.content.length);

                                // Create decipher object with AES/ECB/PKCS5 padding
                                var decipher = forge.cipher.createDecipher('AES-ECB', forge.util.createBuffer(base));
                                decipher.start({ iv: iv });
                                // Add content for decrypting
                                decipher.update(forge.util.createBuffer(api.content));
                                var result = decipher.finish();
                                // Get json data from decipher object
                                var data = decipher.output.data;
于 2017-11-21T14:11:12.347 回答