CryptoJS AES256 解密问题
CryptoJS AES256 decryption issue
我在解密 AES256 编码 URL 的过程中遇到了一些问题。对于我使用 CryptoJS 的解密过程,但是输出会引发以下异常:
Malformed UTF-8 data
我错过了什么吗?
代码:
router.post("/signin/:eoLogin2", async (req, res) => {
const param = req.params.eoLogin2;
const key = "26kozQaKwRuNJ24tsfd22asdaD2f6232";
try {
// 1. DECODE URL, CONVERT DATA AND IV TO BASE64 atob()
const decodedURL = decodeURI(param);
const data = atob(decodedURL.split(":")[0]);
const IV = atob(decodedURL.split(":")[1]);
console.table(["Base64 decoded DATA: ", data]);
console.table(["Base64 decoded IV: ", IV]);
// 2. DECRYPT DATA
const decrypted = CryptoJS.AES.decrypt(data, key, {
iv: IV,
mode: CryptoJS.mode.CBC,
}).toString(CryptoJS.enc.Utf8);
console.log(decrypted);
return;
} catch (err) {
console.log(err.message);
res.status(500).send({ msg: "Internal server error" });
}
});
URL:
http://localhost:8000/api/v1/users/signin/dwmV7J2tAsk%2F%2F2cU6I1ce8NHtE0D55sXM6GL9eJQe744bp6RQZ2uvhaxa6%2Fvs8m5BtcbFcOpgY%2BpEP3gaKXgVe4QFPLfQTTgB0aeZTvyGOIk%2FdHyF%2B%2FNpZj0jHj6smq5QOyeYf4kZYTzBFxn9YLgZLigYl%2F0gvi1eOq5BMJRhFqKC8T5F9WrtWKhVgynSKT5roQYYRa2xXwNnoQezqx8xtd0BEneWxMN9Tm5XvRHkIOKmoSDD1b5WPAvSWi8%2FdK9%3ANjE3YjVkNjhkNTc0MTI3Mg%3D%3D
为了能够解密,必须在发布的代码中更改以下内容:
- 密钥必须采用 UTF8 编码并解析为
WordArray
。
- IV 部分必须进行 Base64 解码并解析为
WordArray
。
- 数据部分不需要进行Base64解码,直接作为Base64编码的字符串传给
CryptoJS.AES.decrypt()
。
通过这些更改,以下加密代码:
const key = "26kozQaKwRuNJ24tsfd22asdaD2f6232";
const decodedURL = decodeURIComponent("dwmV7J2tAsk%2F%2F2cU6I1ce8NHtE0D55sXM6GL9eJQe744bp6RQZ2uvhaxa6%2Fvs8m5BtcbFcOpgY%2BpEP3gaKXgVe4QFPLfQTTgB0aeZTvyGOIk%2FdHyF%2B%2FNpZj0jHj6smq5QOyeYf4kZYTzBFxn9YLgZLigYl%2F0gvi1eOq5BMJRhFqKC8T5F9WrtWKhVgynSKT5roQYYRa2xXwNnoQezqx8xtd0BEneWxMN9Tm5XvRHkIOKmoSDD1b5WPAvSWi8%2FdK9%3ANjE3YjVkNjhkNTc0MTI3Mg%3D%3D");
const data = decodedURL.split(":")[0];
const IV = decodedURL.split(":")[1];
const decrypted = CryptoJS.AES.decrypt(
data,
CryptoJS.enc.Utf8.parse(key),
{
iv: CryptoJS.enc.Base64.parse(IV),
mode: CryptoJS.mode.CBC
}).toString(CryptoJS.enc.Utf8)
console.log(decrypted.replace(/(.{56})/g,'\n'));
<script src="https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.0.0/crypto-js.min.js"></script>
成功解密密文
明文为:
userName=SEIDLTot1;userPass=3CB5DE262A55F5A21083AB2B9DC07367E01EC61CB81F849D4EBC024BC0E75F1650F8B11815D0AC77B8450DCC62300145B1A083FA70F64857134882854CAE481B;sendTime=1605287468
更多详细信息,例如关于编码器,在 CryptoJS 文档 here.
中有描述
我在解密 AES256 编码 URL 的过程中遇到了一些问题。对于我使用 CryptoJS 的解密过程,但是输出会引发以下异常:
Malformed UTF-8 data
我错过了什么吗? 代码:
router.post("/signin/:eoLogin2", async (req, res) => {
const param = req.params.eoLogin2;
const key = "26kozQaKwRuNJ24tsfd22asdaD2f6232";
try {
// 1. DECODE URL, CONVERT DATA AND IV TO BASE64 atob()
const decodedURL = decodeURI(param);
const data = atob(decodedURL.split(":")[0]);
const IV = atob(decodedURL.split(":")[1]);
console.table(["Base64 decoded DATA: ", data]);
console.table(["Base64 decoded IV: ", IV]);
// 2. DECRYPT DATA
const decrypted = CryptoJS.AES.decrypt(data, key, {
iv: IV,
mode: CryptoJS.mode.CBC,
}).toString(CryptoJS.enc.Utf8);
console.log(decrypted);
return;
} catch (err) {
console.log(err.message);
res.status(500).send({ msg: "Internal server error" });
}
});
URL:
http://localhost:8000/api/v1/users/signin/dwmV7J2tAsk%2F%2F2cU6I1ce8NHtE0D55sXM6GL9eJQe744bp6RQZ2uvhaxa6%2Fvs8m5BtcbFcOpgY%2BpEP3gaKXgVe4QFPLfQTTgB0aeZTvyGOIk%2FdHyF%2B%2FNpZj0jHj6smq5QOyeYf4kZYTzBFxn9YLgZLigYl%2F0gvi1eOq5BMJRhFqKC8T5F9WrtWKhVgynSKT5roQYYRa2xXwNnoQezqx8xtd0BEneWxMN9Tm5XvRHkIOKmoSDD1b5WPAvSWi8%2FdK9%3ANjE3YjVkNjhkNTc0MTI3Mg%3D%3D
为了能够解密,必须在发布的代码中更改以下内容:
- 密钥必须采用 UTF8 编码并解析为
WordArray
。 - IV 部分必须进行 Base64 解码并解析为
WordArray
。 - 数据部分不需要进行Base64解码,直接作为Base64编码的字符串传给
CryptoJS.AES.decrypt()
。
通过这些更改,以下加密代码:
const key = "26kozQaKwRuNJ24tsfd22asdaD2f6232";
const decodedURL = decodeURIComponent("dwmV7J2tAsk%2F%2F2cU6I1ce8NHtE0D55sXM6GL9eJQe744bp6RQZ2uvhaxa6%2Fvs8m5BtcbFcOpgY%2BpEP3gaKXgVe4QFPLfQTTgB0aeZTvyGOIk%2FdHyF%2B%2FNpZj0jHj6smq5QOyeYf4kZYTzBFxn9YLgZLigYl%2F0gvi1eOq5BMJRhFqKC8T5F9WrtWKhVgynSKT5roQYYRa2xXwNnoQezqx8xtd0BEneWxMN9Tm5XvRHkIOKmoSDD1b5WPAvSWi8%2FdK9%3ANjE3YjVkNjhkNTc0MTI3Mg%3D%3D");
const data = decodedURL.split(":")[0];
const IV = decodedURL.split(":")[1];
const decrypted = CryptoJS.AES.decrypt(
data,
CryptoJS.enc.Utf8.parse(key),
{
iv: CryptoJS.enc.Base64.parse(IV),
mode: CryptoJS.mode.CBC
}).toString(CryptoJS.enc.Utf8)
console.log(decrypted.replace(/(.{56})/g,'\n'));
<script src="https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.0.0/crypto-js.min.js"></script>
成功解密密文
明文为:
userName=SEIDLTot1;userPass=3CB5DE262A55F5A21083AB2B9DC07367E01EC61CB81F849D4EBC024BC0E75F1650F8B11815D0AC77B8450DCC62300145B1A083FA70F64857134882854CAE481B;sendTime=1605287468
更多详细信息,例如关于编码器,在 CryptoJS 文档 here.
中有描述