Node.js中的AES 256 GCM加密解密

时间:2018-11-12 19:01:28

标签: encryption aes node.js

我正在nodejs中实现一组基本的加密/解密功能,并且在解密部分不断出现以下错误:
Error: Unsupported state or unable to authenticate data

到目前为止,这是我的代码:

import crypto from 'crypto'
import logger from './logger'

const ALGORITHM = 'aes-256-gcm'

export const encrypt = (keyBuffer, dataBuffer, aadBuffer) => {
  // iv stands for "initialization vector"
  const iv = Buffer.from(crypto.randomBytes(12), 'utf8')
  logger.debug('iv: ', iv)
  const encryptor = crypto.createCipheriv(ALGORITHM, keyBuffer, iv)
  logger.debug('encryptor: ', encryptor)
  logger.debug('dataBuffer: ', dataBuffer)
  return Buffer.concat([iv, encryptor.update(dataBuffer, 'utf8'), encryptor.final()])
}

export const decrypt = (keyBuffer, dataBuffer, aadBuffer) => {
  const iv = dataBuffer.slice(0, 96)

  const decryptor = crypto.createDecipheriv(ALGORITHM, keyBuffer, iv)
  return Buffer.concat([decryptor.update(dataBuffer.slice(96), 'utf8'), decryptor.final()])
}

我的错误发生在解密功能的最后一行。我将iv存储为dataBuffer的一部分。

谢谢!

2 个答案:

答案 0 :(得分:0)

我意识到我在发布的原始代码中犯了几个错误,其中一个是@TheGreatContini,其中一个是切片的大小,该切片的大小是按位而不是字节。不过,我最想念的还是authTag,它始终应包含在解密功能设置中。

这是我的工作代码,供有兴趣将来参考的任何人使用

import crypto from 'crypto'
import logger from './logger'

const ALGORITHM = 'aes-256-gcm'

export const encrypt = (keyBuffer, dataBuffer, aadBuffer) => {
  // iv stands for "initialization vector"
  const iv = crypto.randomBytes(12)
  const cipher = crypto.createCipheriv(ALGORITHM, keyBuffer, iv)
  const encryptedBuffer = Buffer.concat([cipher.update(dataBuffer), cipher.final()])
  const authTag = cipher.getAuthTag()
  let bufferLength = Buffer.alloc(1)
  bufferLength.writeUInt8(iv.length, 0)
  return Buffer.concat([bufferLength, iv, authTag, encryptedBuffer])
}

export const decrypt = (keyBuffer, dataBuffer, aadBuffer) => {
  const ivSize = dataBuffer.readUInt8(0)
  const iv = dataBuffer.slice(1, ivSize + 1)
  // The authTag is by default 16 bytes in AES-GCM
  const authTag = dataBuffer.slice(ivSize + 1, ivSize + 17)
  const decipher = crypto.createDecipheriv(ALGORITHM, keyBuffer, iv)
  decipher.setAuthTag(authTag)
  return Buffer.concat([decipher.update(dataBuffer.slice(ivSize + 17)), decipher.final()])
}

答案 1 :(得分:0)

为什么要重新发明轮子? kruptein处理大多数AES模式和密钥大小,并使用了authTagAADCCM模式下可用的GCMOCB功能。 / p> 

const kruptein = require('kruptein');

kruptein.init({secret: 'squirrel'});

let ciphertext = kruptein.set('Foo Bar!');
let plaintext = kruptein.get(ciphertext);
相关问题
最新问题