我正试图让as3crypto在AES-128模式下与Gibberish或EzCrypto玩得很好。 无论我使用什么样的设置组合,我根本无法让一个人解密另一个,并且通常在ruby中获得“不良解密”消息。每个包含的环境都可以解密它自己加密的数据,但似乎无法解密另一个。 有没有人能让这两个人一起工作?
这是我尝试过的变种之一:
在Actionscript方面,使用as3crypto:
//define the encryption key
var key:ByteArray = Hex.toArray("password");
//put plaintext into a bytearray
var plainText:ByteArray = Hex.toArray(Hex.fromString("this is a secret!"));
//set the encryption key
var aes:AESKey = new AESKey(key);
//encrypt the text
aes.encrypt( plainText );
trace(Base64.encode(Hex.fromArray(plainText)));
//encrypted value is N2QwZmI0YWQ4NzhmNDNhYjYzM2QxMTAwNGYzNDI1ZGUyMQ==
在红宝石方面,使用胡言乱语:
// also tried the default size (256)
cipher = Gibberish::AES.new("password",128)
// raises the following exception: OpenSSL::Cipher::CipherError: wrong final block length
cipher.dec("N2QwZmI0YWQ4NzhmNDNhYjYzM2QxMTAwNGYzNDI1ZGUyMQ==")
我尝试了各种不同的方法,都产生了上述异常或“加密不良”
答案 0 :(得分:0)
终于把它弄清楚了。事情是Gibberish和EzCrypto似乎没有提供指定IV的方法,这在使用aes-cbc时是必需的。诀窍是从加密数据的前16个字节中提取iv as3crypto产生。
这是as3代码,也改变了一点:
// there are other ways to create the key, but this works well
var key:ByteArray = new ByteArray();
key.writeUTFBytes(MD5.encrypt("password"));
// encrypt the data. simple-aes-cbc is equiv. to aes-256-cbc in openssl/ruby, if your key is
// long enough (an MD5 is 32 bytes long)
var data:ByteArray = Hex.toArray(Hex.fromString("secret"));
var mode:ICipher= Crypto.getCipher("simple-aes-cbc", key) ;
mode.encrypt(data);
// the value here is base64, 32 bytes long. the first 16 bytes are the IV, needed to decrypt
// the data in ruby
// e.g: sEFOIF57LVGC+HMEI9EMTpcJdcu4J3qJm0PDdHE/OSY=
trace(Base64.encodeByteArray(data));
ruby部分使用名为encryptor的宝石来提供iv。 你也可以直接使用OpenSSL,它很直接:
key = Digest::MD5.hexdigest("password")
// decode the base64 encoded data back to binary:
encrypted_data = Base64.decode64("sEFOIF57LVGC+HMEI9EMTpcJdcu4J3qJm0PDdHE/OSY=")
// the tricky part: extract the IV from the decoded data
iv = encrypted_data.slice!(0,16)
// decrypt!
Encryptor.decrypt(encrypted_data,:key=>key,:iv=>iv)
// should output "secret"