基本上,如何在CBC / PKCS7中加密javascript,以便在php或.NET中解密?
我尝试过slowAES,但加密的输出文本似乎不正确。
我比较了slowAES和.NET加密,并给两个字节数组输入(key,iv和message),slowAES返回不同的字节数组输出。
我还将结果与.NET和php的mcrypt进行了比较,它们产生了相同的输出。
我已经尝试过此修复link text,但它没有用。
所以,假设是一个slowAES问题,是否有一个可行的替代方案,或者有人知道如何修复它吗?
哦,如果我只使用slowAES:x ,我可以加密和解密更新,举例:
javascript加密:
var bytesToEncrypt = cryptoHelpers.convertStringToByteArray("2|2010-11-23+10:04:53|0");
// [50, 124, 50, 48, 49, 48, 45, 49, 49, 45, 50, 51, 43, 49, 48, 58, 48, 52, 58, 53, 51, 124, 48]
var key = cryptoHelpers.base64.decode("de1310982b646af063e7314e8ddd4787");
//[117, 237, 119, 215, 79, 124, 217, 190, 184, 233, 167, 244, 235, 119, 187, 223, 94, 30, 241, 215, 93, 227, 191, 59]
var iv = cryptoHelpers.base64.decode("v/VCTAlV5+kexBFN16WY5A==");
//[191, 245, 66, 76, 9, 85, 231, 233, 30, 196, 17, 77, 215, 165, 152, 228]
var result = slowAES.encrypt(bytesToEncrypt,
slowAES.modeOfOperation.CBC,
key,
slowAES.aes.keySize.SIZE_128,
iv);
return result['cipher'];
//[114, 176, 211, 189, 47, 133, 36, 115, 173, 19, 122, 45, 30, 212, 189, 54, 149, 167, 92, 127, 198, 13, 121, 102, 70, 172, 119, 194, 249, 98, 107, 236]
.NET / Silverlight 加密:
class AES
{
AesManaged aes;
public AES(string base64key, string base64IV)
: this(Convert.FromBase64String(base64key),Convert.FromBase64String(base64IV))
{}
public AES(byte[] key, byte[] iv)
{
// CBC/128/PKCS7
aes = new AesManaged();
aes.Key = key;
aes.IV = iv;
}
public string Encrypt(string strInptData)
{
byte[] utfdata = UTF8Encoding.UTF8.GetBytes(strInptData);
PrintByteArray(utfdata);
// [50, 124, 50, 48, 49, 48, 45, 49, 49, 45, 50, 51, 43, 49, 48, 58, 48, 52, 58, 53, 51, 124, 48]
PrintByteArray(aes.Key);
// [117, 237, 119, 215, 79, 124, 217, 190, 184, 233, 167, 244, 235, 119, 187, 223, 94, 30, 241, 215, 93, 227, 191, 59]
PrintByteArray(aes.IV);
// [191, 245, 66, 76, 9, 85, 231, 233, 30, 196, 17, 77, 215, 165, 152, 228]
// Create a decrytor to perform the stream transform.
ICryptoTransform encryptor = aes.CreateEncryptor(aes.Key, aes.IV);
// Create the streams used for encryption.
MemoryStream msEncrypt = new MemoryStream();
CryptoStream csEncrypt = new CryptoStream(msEncrypt, encryptor, CryptoStreamMode.Write);
csEncrypt.Write(utfdata, 0, utfdata.Length);
csEncrypt.Flush();
csEncrypt.Close();
// Showing our encrypted content
byte[] encryptBytes = msEncrypt.ToArray();
PrintByteArray(encryptBytes);
// [89, 116, 38, 217, 71, 199, 73, 174, 55, 139, 158, 231, 22, 238, 252, 245, 147, 206, 176, 157, 1, 141, 88, 178, 160, 112, 135, 182, 13, 200, 53, 121]
return HttpUtility.UrlEncode(Convert.ToBase64String(encryptBytes));
}
}
string base64key = "de1310982b646af063e7314e8ddd4787";
string base64iv = "v/VCTAlV5+kexBFN16WY5A==";
aes = new AES(base64key, base64iv);
auth_token = aes.Encrypt("2|2010-11-23+10:04:53|0");
正如你所看到的,.NET和javascript产生不同的字节数组,所以甚至不是base64 / url-encode / decode的东西..
答案 0 :(得分:2)
您的密钥长度为24个字节(192位),但您声称它只有16个字节(128位)长:
var result = slowAES.encrypt(bytesToEncrypt,
slowAES.modeOfOperation.CBC,
key,
slowAES.aes.keySize.SIZE_128, // <- Here is your problem
iv);
将SIZE_128更改为SIZE_192,它应该有效。我编写了一个Java程序,它发出了JavaScript示例生成的相同输出。