如何解决通过ColdFusion加密解密NodeJS中的AES / CBC / PKCS5Padding
我正在将nodeJS应用程序与ColdFusion应用程序合并。我使用下面的方法在ColdFusion中进行了加密,其中key是加密密钥字符串
key = 'nQw7y6QejwGFh/SNrul20Q=='
encrypt(value,key,"AES/CBC/PKCS5Padding","HEX");
然后,在NodeJS中,我尝试使用加密解密它
const crypto = require('crypto');
const key = "nQw7y6QejwGFh/SNrul20Q==";
const binaryEncryptionKey = new Buffer( key,"base64" );
decrypt = (value) => {
try {
var decipher = crypto.createDecipheriv( "AES-128-CBC",binaryEncryptionKey );
var value = (
decipher.update( value,"base64","utf8" ) +
decipher.final( "utf8" )
);
return value;
} catch (err) {
console.log(err);
}
}
它首先为缓冲区返回警告:
DeprecationWarning: Buffer() is deprecated due to security and usability issues. Please use the Buffer.alloc(),Buffer.allocUnsafe(),or Buffer.from() methods instead.
然后,我得到了错误:
TypeError [ERR_INVALID_ARG_TYPE]: The "iv" argument must be of type string or an instance of Buffer,TypedArray,or DataView. Received undefined
我没有“ iv”,因为ColdFusion一方没有使用它进行加密。是否可以在NodeJS中对其进行解密?
- 当我更改为Buffer.alloc时,出现错误:
TypeError [ERR_INVALID_ARG_TYPE]: The "size" argument must be of type number. Received type string ('nQw7y6QejwGFh/SNrul20Q==..)
例如,我具有以下加密的字符串:FB391CAAE5CD8FF47C55211ED8636D213C95F233B615D4E56CB7CD6B051D01DF356E1C45ED7AABAB5F9BCBB9EED6355B
谢谢
解决方法
here描述了ColdFusion encrypt函数。 AES / CBC所需的16字节IV可以明确指定。如果没有给出IV,它将自动生成并放置在密文前面(另请参见Michael Fehr的评论)。 NodeJS中的解密可以如下进行:
const crypto = require('crypto');
const key = Buffer.from('nQw7y6QejwGFh/SNrul20Q==','base64');
const ivCiphertext = Buffer.from('FB391CAAE5CD8FF47C55211ED8636D213C95F233B615D4E56CB7CD6B051D01DF356E1C45ED7AABAB5F9BCBB9EED6355B','hex');
const iv = ivCiphertext.slice(0,16);
const ciphertext = ivCiphertext.slice(16);
var decrypt = (value) => {
try {
var decipher = crypto.createDecipheriv('AES-128-CBC',key,iv);
var value =
decipher.update(value,'','utf8') +
decipher.final('utf8');
return value;
} catch (err) {
console.log(err);
}
}
console.log(decrypt(ciphertext)); // 4388576099656673
结果为4388576099656673,与相应的ColdFusion脚本一致,该脚本可以执行,例如here,第s。 示例:
<cfscript>
key = 'nQw7y6QejwGFh/SNrul20Q==';
iv = BinaryDecode('FB391CAAE5CD8FF47C55211ED8636D21','HEX');
ciphertext = '3C95F233B615D4E56CB7CD6B051D01DF356E1C45ED7AABAB5F9BCBB9EED6355B';
plaintext = decrypt(ciphertext,'AES/CBC/PKCS5Padding','HEX',iv);
writeOutput(plaintext);
</cfscript>
请注意,new Buffer()已过时。可以在here中找到对Buffer.alloc()的描述。
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 dio@foxmail.com 举报,一经查实,本站将立刻删除。
