我想加密输入流并通过TCP将其发送到另一台服务器。到现在为止还挺好。一切顺利,直到连接关闭。几乎在任何情况下都不满足192位所需的块大小,并且脚本与wrong final block length崩溃,尽管我打开了自动填充。
在使用旧版界面时,似乎只有自动填充才有效。我在这里做错了吗?
var net = require("net")
, crypto = require("crypto");
var credentials = { algorithm: "aes192", password: "password" }
, decipher = crypto.createDecipher(credentials.algorithm, credentials.password)
, cipher = crypto.createCipher(credentials.algorithm, credentials.password);
decipher.setAutoPadding(true);
cipher.setAutoPadding(true);
net.createServer(function(socket) {
socket.pipe(socket);
}).listen(2000);
var socket = net.connect(2000);
socket.pipe(decipher).pipe(process.stdout);
process.stdin.pipe(cipher).pipe(socket);
socket.write("Too short.");
socket.end();
在我理想的Node.js世界中,当源流关闭时,(De-)密码流将自动填充最后一个块。我认为这是一个设计缺陷。
除了opening an issue之外,我该如何规避这种行为呢?我是否必须在Socket和(De-)Cipher Streams之间放置一个字节计数器?
答案 0 :(得分:1)
您已将管道设置为:
stdin | cipher | socket (loopback) | decipher | stdout
但是你通过直接写入套接字来绕过加密,使用它们:
socket (loopback) | decipher | stdout
尝试使用此代码:
var net = require("net")
, crypto = require("crypto");
var credentials = { algorithm: "aes192", password: "password" }
, decipher = crypto.createDecipher(credentials.algorithm, credentials.password)
, cipher = crypto.createCipher(credentials.algorithm, credentials.password);
decipher.setAutoPadding(false); //set to false to keep the padding
cipher.setAutoPadding(true);
//Loopback
server = net.createServer(function(socket) {
socket.pipe(socket);
})
server.listen(2000);
var socket = net.connect(2000);
//cipher to the loopback socket, to decipher and stdout
cipher.pipe(socket).pipe(decipher).pipe(process.stdout);
//write some data
cipher.write("Too short.");
//Clean exit
cipher.end();
server.unref();
出于演示的目的,我从Decryptor对象中删除了自动填充,以便您可以看到剩余的填充。在xxd中管道程序(在命令行,而不是在节点中)给我这个输出:
$ nodejs so.js | xxd
0000000: 546f 6f20 7368 6f72 742e 0606 0606 0606 Too short.......
0x06重复6次。