如何解决无法将 PHP OpenSSL IV 转换为 Node.JS
我正在尝试将我的对称 AES-256-CBC 加密从 PHP 转换为 NodeJS。但我认为我没有正确转换 IV,我尝试了不同的方法,但没有奏效。
<?PHP
class Encryption{
const method = 'AES-256-CBC';
private static $passwordString;
private static $iv;
private static $password;
public static function encryptString($string){
self::setEncryptionPasswordString();
self::setEncryptionIV();
self::setEncryptionPassword();
$encrypted = openssl_encrypt($string,self::method,self::$password,OPENSSL_RAW_DATA,self::$iv);
$encrypted = base64_encode($encrypted);
$encrypted = str_replace(['+','/','='],['-','_',''],$encrypted);
return $encrypted;
}
public static function decryptString($string){
self::setEncryptionPasswordString();
self::setEncryptionIV();
self::setEncryptionPassword();
$string = str_replace(['-','_'],['+','/'],$string);
$string = base64_decode($string);
$decrypted = openssl_decrypt($string,self::$iv);
return $decrypted;
}
private static function setEncryptionPasswordString(){
self::$passwordString = getenv("ENC_PASS");
}
private static function setEncryptionIV(){
self::$iv = chr(0x0) . chr(0x0) . chr(0x0) . chr(0x0) . chr(0x0) . chr(0x0) . chr(0x0) . chr(0x0) . chr(0x0) . chr(0x0) . chr(0x0) . chr(0x0) . chr(0x0) . chr(0x0) . chr(0x0) . chr(0x0);
}
private static function setEncryptionPassword(){
self::$password = substr(hash('sha256',self::$passwordString,true),32);
}
}
?>
我的 NodeJS 代码:
const crypto = require("crypto");
const method = "AES-256-CBC";
const iv = Buffer.alloc(16);
const password = "my_password";
function encrypt(string){
//let key = crypto.createHash("SHA-256").update(String(password)).digest("base64").substr(0,32); Not Working
let key = "my_iv";
let cipher = crypto.createCipheriv(method,key.substr(0,32),iv);
let encrypted = cipher.update(string);
let result = encrypted.toString("base64").replace(/[=]/g,"").replace(/[+]/g,"-").replace(/[\/]/g,"_");
return result;
}
function decrypt(string){
}
module.exports.encrypt = (string) => encrypt(string);
module.exports.decrypt = (string) => decrypt(string);
我认为,Buffer.alloc(16) 没有按照我的预期工作,我不知道如何更改它。有人可以帮我吗!
解决方法
下面的 Node.js 代码应该给出与 PHP 代码相同的结果:
Node.js
const crypto = require("crypto");
const Algorithm = "aes-256-cbc";
function encrypt(plainText,key,iv,outputEncoding = "base64") {
const cipher = crypto.createCipheriv(Algorithm,iv);
const output = Buffer.concat([cipher.update(plainText),cipher.final()]).toString(outputEncoding);
return output.replace('+','-').replace('/','_').replace('=','');
}
function decrypt(cipherText,outputEncoding = "base64") {
cipherText = Buffer.from(cipherText.replace('-','+').replace('_','/'),"base64");
const cipher = crypto.createDecipheriv(Algorithm,iv);
return Buffer.concat([cipher.update(cipherText),cipher.final()]).toString(outputEncoding);
}
const passwordString = "test password";
const KEY = crypto.createHash('sha256').update(passwordString).digest();
const IV = Buffer.alloc(16);
console.log("Key length (bits):",KEY.length * 8);
console.log("IV length (bits):",IV.length * 8);
const encrypted = encrypt("Brevity is the soul of wit",KEY,IV,"base64");
console.log("Encrypted (base64):",encrypted);
const decrypted = decrypt(encrypted,"utf8")
console.log("Decrypted:",decrypted);
PHP
putenv('ENC_PASS=test password');
$x = new Encryption();
$encrypted = $x->encryptString("Brevity is the soul of wit");
echo "Encrypted (base64): " . $encrypted . "\r\n";
echo "Decrypted: " . $x->encryptString("Brevity is the soul of wit") . "\r\n";
两者都应该给出
的输出IEqTyL_k1xgQaBZGFLYYfTmzytKzFgicM-5mWMyxgYw
正如@robert-kawecki 所指出的,理想情况下,您应该为每种加密使用不同的 IV,以确保最佳安全级别。
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 dio@foxmail.com 举报,一经查实,本站将立刻删除。
