encryption - nodejs中的AES 256 GCM加密解密
问题描述
我正在 nodejs 中实现一组基本的加密/解密函数,我在解密部分不断收到以下错误:
Error: Unsupported state or unable to authenticate data
到目前为止,这是我的代码:
import crypto from 'crypto'
import logger from './logger'
const ALGORITHM = 'aes-256-gcm'
export const encrypt = (keyBuffer, dataBuffer, aadBuffer) => {
// iv stands for "initialization vector"
const iv = Buffer.from(crypto.randomBytes(12), 'utf8')
logger.debug('iv: ', iv)
const encryptor = crypto.createCipheriv(ALGORITHM, keyBuffer, iv)
logger.debug('encryptor: ', encryptor)
logger.debug('dataBuffer: ', dataBuffer)
return Buffer.concat([iv, encryptor.update(dataBuffer, 'utf8'), encryptor.final()])
}
export const decrypt = (keyBuffer, dataBuffer, aadBuffer) => {
const iv = dataBuffer.slice(0, 96)
const decryptor = crypto.createDecipheriv(ALGORITHM, keyBuffer, iv)
return Buffer.concat([decryptor.update(dataBuffer.slice(96), 'utf8'), decryptor.final()])
}
我的错误发生在解密函数的最后一行。我将 iv 存储为 dataBuffer 的一部分。
提前致谢!
解决方案
我意识到我在发布的原始代码中犯了几个错误,@TheGreatContini 所说的其中一个错误是切片的大小,它是以位而不是应该的字节来完成的。尽管如此,我缺少的最大部分是 authTag,它始终应该包含在解密函数设置中。
这是我的工作代码,供任何对未来参考感兴趣的人使用:
import crypto from 'crypto'
import logger from './logger'
const ALGORITHM = 'aes-256-gcm'
export const encrypt = (keyBuffer, dataBuffer, aadBuffer) => {
// iv stands for "initialization vector"
const iv = crypto.randomBytes(12)
const cipher = crypto.createCipheriv(ALGORITHM, keyBuffer, iv)
const encryptedBuffer = Buffer.concat([cipher.update(dataBuffer), cipher.final()])
const authTag = cipher.getAuthTag()
let bufferLength = Buffer.alloc(1)
bufferLength.writeUInt8(iv.length, 0)
return Buffer.concat([bufferLength, iv, authTag, encryptedBuffer])
}
export const decrypt = (keyBuffer, dataBuffer, aadBuffer) => {
const ivSize = dataBuffer.readUInt8(0)
const iv = dataBuffer.slice(1, ivSize + 1)
// The authTag is by default 16 bytes in AES-GCM
const authTag = dataBuffer.slice(ivSize + 1, ivSize + 17)
const decipher = crypto.createDecipheriv(ALGORITHM, keyBuffer, iv)
decipher.setAuthTag(authTag)
return Buffer.concat([decipher.update(dataBuffer.slice(ivSize + 17)), decipher.final()])
}
推荐阅读
- java - primefaces-8.0 、omnifaces-1.8 和 prettyfaces-jsf2-3.3.3 结合在一起的问题
- java - 如何修复错误:在 gradle bootRun 中处理 'command'/Library/Java/JavaVirtualMachines/adoptopenjdk-13.jdk/Contents/Home/bin/java''?
- python - Python直方图输出同时尝试和输出中的代码除外
- sql - 如何使用 sql 语句在应用程序(客户端)中获取行号
- spring - Keycloak 得到 401 错误,但是 spring security 没有处理这个错误
- python - 在没有配置文件的情况下验证 google API
- phpstorm - 通过热键在 PhpStorm 中包裹选定的文本?
- javascript - 找不到模块:将图像导入 React 项目时无法解析“../images/bg-header-desktop.svg”
- java - Java Spark 需要很长时间才能创建会话
- c# - 如何访问作为列表的类元素
在 C# 中?