无法将 PHP OpenSSL IV 转换为 Node.JS
Cannot convert PHP OpenSSL IV to Node.JS
我正在尝试将我的对称 AES-256-CBC 加密从 PHP 转换为 NodeJS。但我认为我没有正确转换 IV,我尝试了不同的方法,但没有成功。
我的PHP代码:
<?php
class Encryption{
const method = 'AES-256-CBC';
private static $passwordString;
private static $iv;
private static $password;
public static function encryptString($string){
self::setEncryptionPasswordString();
self::setEncryptionIV();
self::setEncryptionPassword();
$encrypted = openssl_encrypt($string, self::method, self::$password, OPENSSL_RAW_DATA, self::$iv);
$encrypted = base64_encode($encrypted);
$encrypted = str_replace(['+', '/', '='], ['-', '_', ''], $encrypted);
return $encrypted;
}
public static function decryptString($string){
self::setEncryptionPasswordString();
self::setEncryptionIV();
self::setEncryptionPassword();
$string = str_replace(['-', '_'], ['+', '/'], $string);
$string = base64_decode($string);
$decrypted = openssl_decrypt($string, self::method, self::$password, OPENSSL_RAW_DATA, self::$iv);
return $decrypted;
}
private static function setEncryptionPasswordString(){
self::$passwordString = getenv("ENC_PASS");
}
private static function setEncryptionIV(){
self::$iv = chr(0x0) . chr(0x0) . chr(0x0) . chr(0x0) . chr(0x0) . chr(0x0) . chr(0x0) . chr(0x0) . chr(0x0) . chr(0x0) . chr(0x0) . chr(0x0) . chr(0x0) . chr(0x0) . chr(0x0) . chr(0x0);
}
private static function setEncryptionPassword(){
self::$password = substr(hash('sha256', self::$passwordString, true), 0, 32);
}
}
?>
我的 NodeJS 代码:
const crypto = require("crypto");
const method = "AES-256-CBC";
const iv = Buffer.alloc(16);
const password = "my_password";
function encrypt(string){
//let key = crypto.createHash("SHA-256").update(String(password)).digest("base64").substr(0, 32); Not Working
let key = "my_iv";
let cipher = crypto.createCipheriv(method, key.substr(0, 32), iv);
let encrypted = cipher.update(string);
let result = encrypted.toString("base64").replace(/[=]/g, "").replace(/[+]/g, "-").replace(/[\/]/g, "_");
return result;
}
function decrypt(string){
}
module.exports.encrypt = (string) => encrypt(string);
module.exports.decrypt = (string) => decrypt(string);
我认为,Buffer.alloc(16) 没有像我预期的那样工作,我不知道如何更改它。有人可以帮帮我吗!
下面的 Node.js 代码应该给出与 PHP 代码相同的结果:
Node.js
const crypto = require("crypto");
const Algorithm = "aes-256-cbc";
function encrypt(plainText, key, iv, outputEncoding = "base64") {
const cipher = crypto.createCipheriv(Algorithm, key, iv);
const output = Buffer.concat([cipher.update(plainText), cipher.final()]).toString(outputEncoding);
return output.replace('+', '-').replace('/', '_').replace('=', '');
}
function decrypt(cipherText, key, iv, outputEncoding = "base64") {
cipherText = Buffer.from(cipherText.replace('-', '+').replace('_', '/'), "base64");
const cipher = crypto.createDecipheriv(Algorithm, key, iv);
return Buffer.concat([cipher.update(cipherText), cipher.final()]).toString(outputEncoding);
}
const passwordString = "test password";
const KEY = crypto.createHash('sha256').update(passwordString).digest();
const IV = Buffer.alloc(16);
console.log("Key length (bits):", KEY.length * 8);
console.log("IV length (bits):", IV.length * 8);
const encrypted = encrypt("Brevity is the soul of wit", KEY, IV, "base64");
console.log("Encrypted (base64):", encrypted);
const decrypted = decrypt(encrypted, KEY, IV, "utf8")
console.log("Decrypted:", decrypted);
PHP
putenv('ENC_PASS=test password');
$x = new Encryption();
$encrypted = $x->encryptString("Brevity is the soul of wit");
echo "Encrypted (base64): " . $encrypted . "\r\n";
echo "Decrypted: " . $x->encryptString("Brevity is the soul of wit") . "\r\n";
两者都应该给出
的输出
IEqTyL_k1xgQaBZGFLYYfTmzytKzFgicM-5mWMyxgYw
正如@robert-kawecki 指出的那样,理想情况下,您应该为每次加密使用不同的 IV 以确保最佳安全级别。
我正在尝试将我的对称 AES-256-CBC 加密从 PHP 转换为 NodeJS。但我认为我没有正确转换 IV,我尝试了不同的方法,但没有成功。
我的PHP代码:
<?php
class Encryption{
const method = 'AES-256-CBC';
private static $passwordString;
private static $iv;
private static $password;
public static function encryptString($string){
self::setEncryptionPasswordString();
self::setEncryptionIV();
self::setEncryptionPassword();
$encrypted = openssl_encrypt($string, self::method, self::$password, OPENSSL_RAW_DATA, self::$iv);
$encrypted = base64_encode($encrypted);
$encrypted = str_replace(['+', '/', '='], ['-', '_', ''], $encrypted);
return $encrypted;
}
public static function decryptString($string){
self::setEncryptionPasswordString();
self::setEncryptionIV();
self::setEncryptionPassword();
$string = str_replace(['-', '_'], ['+', '/'], $string);
$string = base64_decode($string);
$decrypted = openssl_decrypt($string, self::method, self::$password, OPENSSL_RAW_DATA, self::$iv);
return $decrypted;
}
private static function setEncryptionPasswordString(){
self::$passwordString = getenv("ENC_PASS");
}
private static function setEncryptionIV(){
self::$iv = chr(0x0) . chr(0x0) . chr(0x0) . chr(0x0) . chr(0x0) . chr(0x0) . chr(0x0) . chr(0x0) . chr(0x0) . chr(0x0) . chr(0x0) . chr(0x0) . chr(0x0) . chr(0x0) . chr(0x0) . chr(0x0);
}
private static function setEncryptionPassword(){
self::$password = substr(hash('sha256', self::$passwordString, true), 0, 32);
}
}
?>
我的 NodeJS 代码:
const crypto = require("crypto");
const method = "AES-256-CBC";
const iv = Buffer.alloc(16);
const password = "my_password";
function encrypt(string){
//let key = crypto.createHash("SHA-256").update(String(password)).digest("base64").substr(0, 32); Not Working
let key = "my_iv";
let cipher = crypto.createCipheriv(method, key.substr(0, 32), iv);
let encrypted = cipher.update(string);
let result = encrypted.toString("base64").replace(/[=]/g, "").replace(/[+]/g, "-").replace(/[\/]/g, "_");
return result;
}
function decrypt(string){
}
module.exports.encrypt = (string) => encrypt(string);
module.exports.decrypt = (string) => decrypt(string);
我认为,Buffer.alloc(16) 没有像我预期的那样工作,我不知道如何更改它。有人可以帮帮我吗!
下面的 Node.js 代码应该给出与 PHP 代码相同的结果:
Node.js
const crypto = require("crypto");
const Algorithm = "aes-256-cbc";
function encrypt(plainText, key, iv, outputEncoding = "base64") {
const cipher = crypto.createCipheriv(Algorithm, key, iv);
const output = Buffer.concat([cipher.update(plainText), cipher.final()]).toString(outputEncoding);
return output.replace('+', '-').replace('/', '_').replace('=', '');
}
function decrypt(cipherText, key, iv, outputEncoding = "base64") {
cipherText = Buffer.from(cipherText.replace('-', '+').replace('_', '/'), "base64");
const cipher = crypto.createDecipheriv(Algorithm, key, iv);
return Buffer.concat([cipher.update(cipherText), cipher.final()]).toString(outputEncoding);
}
const passwordString = "test password";
const KEY = crypto.createHash('sha256').update(passwordString).digest();
const IV = Buffer.alloc(16);
console.log("Key length (bits):", KEY.length * 8);
console.log("IV length (bits):", IV.length * 8);
const encrypted = encrypt("Brevity is the soul of wit", KEY, IV, "base64");
console.log("Encrypted (base64):", encrypted);
const decrypted = decrypt(encrypted, KEY, IV, "utf8")
console.log("Decrypted:", decrypted);
PHP
putenv('ENC_PASS=test password');
$x = new Encryption();
$encrypted = $x->encryptString("Brevity is the soul of wit");
echo "Encrypted (base64): " . $encrypted . "\r\n";
echo "Decrypted: " . $x->encryptString("Brevity is the soul of wit") . "\r\n";
两者都应该给出
的输出IEqTyL_k1xgQaBZGFLYYfTmzytKzFgicM-5mWMyxgYw
正如@robert-kawecki 指出的那样,理想情况下,您应该为每次加密使用不同的 IV 以确保最佳安全级别。