用 C 加密的数据的 JavaScript AES 256 解密问题
[英]Problem with JavaScript AES 256 decryption of data that is encrypted in C
问题描述
When I do AES-256 CTR encryption in C using tiny-AES-c library ( https://github.com/kokke/tiny-AES-c ) I unable to decrypt it properly in JavaScript.
当我使用tiny-AES-c库 ( https://github.com/kokke/tiny-AES-c ) 在C 中进行AES-256 CTR加密时,我无法在 JavaScript 中正确解密它。 For JavaScript decryption I'm using library https://github.com/ricmoo/aes-js对于 JavaScript 解密,我正在使用库https://github.com/ricmoo/aes-js
After encryption I do base 64 encode and before decryption base 64 decode and that part works fine.加密后我进行 base 64 编码,解密前进行 base 64 解码,这部分工作正常。
In fields below you can see my C and JavaScript code:在下面的字段中,您可以看到我的 C 和 JavaScript 代码:
C code代码
// AES start
struct AES_ctx ctx;
uint8_t enc_buf[32];
uint8_t iv[16] =
{0xf0,0xf1,0xf2,0xf3,0xf4,0xf5,0xf6,0xf7,0xf8,0xf9,0xfa,0xfb,0xfc,0xfd,0xfe,0xff};
uint8_t key[32] =
{0x60,0x3d,0xeb,0x10,0x15,0xca,0x71,0xbe,0x2b,0x73,0xae,0xf0,0x85,0x7d,0x77,0x81,0x1f,0x35,0x2c,0x07,0x3b,0x61,0x08,0xd7,0x2d,0x98,0x10,0xa3,0x09,0x14,0xdf,0xf4};
uint8_t test_str[32] = { 0, };
uint8_t test_str_size = 32;
AES_init_ctx_iv(&ctx, key, iv);
for (unsigned int i = 0; i < test_str_size; i++) {
test_str[i] = 'A';
}
for (unsigned int i = 0; i < test_str_size / 32; i++) {
memcpy(enc_buf, test_str + i * 32, 32);
AES_CTR_xcrypt_buffer(&ctx, enc_buf, 32);
}
// AES end
JavaScript JavaScript
var key = [96,61,235,16,21,202,113,190,43,115,174,240,133,125,119,129,31,53,44,7,59,97,8,215,45,152,16,163,9,20,223,244];
var encryptedBytes = aesjs.utils.hex.toBytes(ascii_to_hexa(parsedStr));
var aesCtr = new aesjs.ModeOfOperation.ctr(key, new aesjs.Counter(240));
var decrypted = aesCtr.decrypt(encryptedBytes);
console.log('%c AES decrypted: ', 'color: blue', decrypted.toString());
I'm unable to decrypt original data.我无法解密原始数据。
Does anyone can help me with this problem?有没有人可以帮我解决这个问题? Is there any libraries that is known to be compatible between C and JavaScript?是否有已知的在 C 和 JavaScript 之间兼容的库?
Thank you in advance.先感谢您。
1 个解决方案
解决方案1
0 已采纳 2020-01-26 21:04:58
You need to pass entire IV as initial counter value:您需要将整个 IV 作为初始计数器值传递:
var key = [0x60,0x3d,0xeb,0x10,0x15,0xca,0x71,0xbe,0x2b,0x73,0xae,0xf0,0x85,0x7d,0x77,0x81,0x1f,0x35,0x2c,0x07,0x3b,0x61,0x08,0xd7,0x2d,0x98,0x10,0xa3,0x09,0x14,0xdf,0xf4];
var iv = [0xf0,0xf1,0xf2,0xf3,0xf4,0xf5,0xf6,0xf7,0xf8,0xf9,0xfa,0xfb,0xfc,0xfd,0xfe,0xff];
var parsedStr = '4a9e3cb0185657721fdbca54892184431b2f28dc122058471572c77dce243ad5';
var encryptedBytes = aesjs.utils.hex.toBytes(parsedStr);
var aesCtr = new aesjs.ModeOfOperation.ctr(key, iv);
var decrypted = aesCtr.decrypt(encryptedBytes);
console.log('%c AES decrypted: ', 'color: blue', decrypted.toString());
Output:输出:
[Log] AES decrypted: – "65,65,65,65,65,65,65,65,65,65,65,65,65,65,65,65,65,65,65,65,65,65,65,65,65,65,65,65,65,65,65,65" (_display, line 40)
Note that it would automatically create aesjs.Counter from the given value if you don't pass an object of aesjs.Counter type.请注意,如果您不传递aesjs.Counter类型的对象, aesjs.Counter根据给定值自动创建aesjs.Counter 。 It is equivalent to passing new aesjs.Counter(iv) .相当于传递了new aesjs.Counter(iv) 。
Also note you shouldn't reuse IV for CTR mode.另请注意,您不应将 IV 重用于 CTR 模式。 It is supposed to be a random nonce for each packet, so no known plaintext attack is possible.它应该是每个数据包的随机数,因此不可能进行已知的明文攻击。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.