CryptoJS中加密解密中的Javascript加密

Question

我正在嘗試加密服務器端（加密節點）和解密客戶端（CryptoJS）。 我可以使用cryptoJS創建密鑰，並且可以在使用相同的單個庫時進行加密和解密，但問題是我無法使用Crypto進行加密，而是使用CryptoJS進行解密，這是真實的場景。 沒有錯誤，只有空響應。

任何幫助非常感謝請！

iv = crypto.randomBytes(16),
orig = 'A confidential message.';
//Crypto JS creates key
var password = "sixteen byte key";
var salt = CryptoJS.lib.WordArray.random(128/8);
var key = CryptoJS.PBKDF2(password, salt, { keySize: 128 / 32, iterations: 1000 });
console.log("step1 generated key: "+ key);

//Convert key for crypto use - as a Buffer
var hashHex = key.toString(CryptoJS.enc.Hex);
var hash = new Buffer(hashHex,'hex');

//Test encryption and decryption with crypto (Node)
//use CryptoJS key to encrypt data using crypto cipheriv
var cipher2 = crypto.createCipheriv('aes-128-cbc', hash, iv); //iv must be a buffer
var encrypted1 = cipher2.update(orig, 'utf8', 'hex');
var encrypted2 = encrypted1 += cipher2.final('hex');
console.log("Crypto string:", encrypted2.toString());

// Start decrypt
var decipher = crypto.createDecipheriv('aes-128-cbc', hash, iv);
var dec = decipher.update(encrypted2, 'hex', 'utf8')
dec += decipher.final('utf8');
console.log("Crypto decrypted msg:", dec);

//test with crypto JS (ie the client)
//CryptoJS key is a string
var encryptedCJS = CryptoJS.AES.encrypt(orig, key.toString(), { iv: iv, mode: CryptoJS.mode.CBC});
console.log("CryptoJS encrypted: "+encryptedCJS);

var decryptedCryptoJS = CryptoJS.AES.decrypt(encryptedCJS, key.toString(), { mode: CryptoJS.mode.CBC, iv: iv });
console.log("CryptoJS decrypted msg: "+decryptedCryptoJS.toString(CryptoJS.enc.Utf8));

//This part does not work - use message encrypted by crypto but cannot decrypt with CryptoJS. decryptedCryptoJSFinal is empty
var decryptedCryptoJSFinal = CryptoJS.AES.decrypt(encrypted2, key.toString(), {iv: iv, mode: CryptoJS.mode.CBC});
console.log("FINAL CryptoJS decrypted: "+decryptedCryptoJSFinal.toString(CryptoJS.enc.Utf8));

我認為加密加密的輸出必須是輸出CryptoJS加密的不同格式，但我找不到問題。 總的來說，我打算通過CryptoJS將加密數據作為JSON發送到客戶端進行解密。

Answer 1

我認為你的問題出現在客戶端，如果你把'key'和'iv'作為字符串傳遞給'CryptoJS.AES.encrypt'，那么CryptoJS會把你的'key'和隨機的'salt'產生一個不同的秘密密碼的關鍵。 您可以驗證它是否使用相同的密鑰從同一clearText生成不同的cipherTexts，iv，它們將始終不同，因為每次運行該函數時，CryptoJS內部都會生成不同的密鑰。

為了避免這種情況，你需要傳遞'key'和'iv'編碼（'hex'或'base64'，具體取決於你使用的代碼），然后CryptoJS解釋它不必生成一個密鑰並帶你的密鑰的“關鍵”。

檢查此示例：

//BACKEND with node crypto aes-256-cbc->  generate key and ciphertext
/////////////////////////////////////////////////////////////////////
var crypto = require('crypto');
var algorithm = 'aes-256-cbc';
var inputEncoding = 'utf8';
var outputEncoding = 'base64';
var pt = 'HELLO';

//generate key and iv
var masterKey = "253D3FB468A0E24677C28A624BE0F939";
var salt  = "0000000000000000";
var keySize = 256/8;
var ivSize = 128/8;
var iterations = 100;
var outputKey = crypto.pbkdf2Sync(masterKey, salt, iterations, keySize+ivSize, "sha1");

// obtain key and IV  splitting outputKey
var buffer = new Buffer(outputKey, inputEncoding);
var secretKey = buffer.slice(0, keySize);
var iv = buffer.slice(keySize, (keySize+ivSize)); 

console.log('secretKey->',secretKey.toString('base64'));
console.log('iv->',iv.toString('base64'));       

//encrypt
var encrypt = crypto.createCipheriv(algorithm, secretKey, iv);
var encrypted = encrypt.update(pt, inputEncoding, outputEncoding);
encrypted += encrypt.final(outputEncoding);
console.log('Ciphering "%s"', pt);
//We obtain a 
console.log('CipherText base64' string "%s ', encrypted.toString());



//FRONTEND with node CryptoJS aes-256-cbc->  generate same key and obtain cleartext
////////////////////////////////////////////////////////////////////
var masterKey = "253D3FB468A0E24677C28A624BE0F939";
var salt ="0000000000000000";
var iterations = 100; 
var keySize = 256;
var ivSize = 128;
var outputKey = CryptoJS.PBKDF2(masterKey, salt, {
  keySize: (keySize+ivSize)/32,
  iterations: iterations
});
// the underlying words arrays might have more content than was asked: remove insignificant words
outputKey.clamp();

// split key and IV
var secretKey = CryptoJS.lib.WordArray.create(outputKey.words.slice(0, 
keySize/32));
var iv = CryptoJS.lib.WordArray.create(outputKey.words.slice(keySize/32));

console.log('secretKey->', secretKey.toString(CryptoJS.enc.Base64));
console.log('iv->', iv.toString(CryptoJS.enc.Base64));

var decrypted = CryptoJS.AES.decrypt(ct, secretKey,{iv: iv});//Default mode CBC { mode: CryptoJS.mode.CFB });
console.log('CipherText->', ct);
console.log('ClearText decrypted', decrypted.toString(CryptoJS.enc.Utf8));