如何处理Node.js加密流中的块长度

时间:2022-05-10 19:09:13

I want to crypt an input stream and send it to another server via TCP. So far so good. Everything runs smoothly, until the connection is closed. In almost any case the needed block size of 192 bits is not met and the script crashes with wrong final block length, although I turned auto padding on.

我想加密输入流并通过TCP将其发送到另一台服务器。到现在为止还挺好。一切顺利,直到连接关闭。几乎在任何情况下都不满足192位所需的块大小,并且脚本崩溃时最终块长度错误,尽管我打开了自动填充。

It seems like auto padding only works, when using the legacy interface. Am I doing something wrong here?

在使用传统接口时,似乎自动填充只能起作用。我在这里做错了吗?

var net = require("net")
  , crypto = require("crypto");

var credentials = { algorithm: "aes192", password: "password" }
  , decipher = crypto.createDecipher(credentials.algorithm, credentials.password)
  , cipher = crypto.createCipher(credentials.algorithm, credentials.password);

decipher.setAutoPadding(true);
cipher.setAutoPadding(true);

net.createServer(function(socket) {
  socket.pipe(socket);
}).listen(2000);

var socket = net.connect(2000);

socket.pipe(decipher).pipe(process.stdout);
process.stdin.pipe(cipher).pipe(socket); 

socket.write("Too short.");
socket.end();

In my ideal Node.js world, the (De-)Cipher Stream would automatically pad the last block, when the source stream is closed. I think this is a design flaw.

在我理想的Node.js世界中,当源流关闭时,(De-)密码流将自动填充最后一个块。我认为这是一个设计缺陷。

Apart from opening an issue, how can I circumvent this behaviour? Do I have to put a byte counter between Socket and (De-)Cipher Streams?

除了解决问题外,我该如何规避这种行为呢?我是否必须在Socket和(De-)Cipher Streams之间放置一个字节计数器?

1 个解决方案

#1


1  

You have set your pipes like this :

你已经设置了这样的管道:

stdin | cipher | socket (loopback) | decipher | stdout

But you bypass the encryption by writing directly to the socket, using them like this :

但是你通过直接写入套接字来绕过加密,使用它们如下:

socket (loopback) | decipher | stdout

Try with this code :

试试这段代码:

var net = require("net")
  , crypto = require("crypto");

var credentials = { algorithm: "aes192", password: "password" }
  , decipher = crypto.createDecipher(credentials.algorithm, credentials.password)
  , cipher = crypto.createCipher(credentials.algorithm, credentials.password);

decipher.setAutoPadding(false); //set to false to keep the padding
cipher.setAutoPadding(true);

//Loopback
server = net.createServer(function(socket) {
  socket.pipe(socket);
})

server.listen(2000);

var socket = net.connect(2000);

//cipher to the loopback socket, to decipher and stdout
cipher.pipe(socket).pipe(decipher).pipe(process.stdout);

//write some data 
cipher.write("Too short.");

//Clean exit
cipher.end();
server.unref();

For the purpose of demonstration, I removed auto padding from the Decryptor object so you can see the leftover padding. Piping the program in xxd (at the command line, not in node) gives me this ouput :

出于演示的目的,我从Decryptor对象中删除了自动填充,以便您可以看到剩余的填充。在xxd中管道程序(在命令行,而不是在节点中)给我这个输出:

$ nodejs so.js | xxd
0000000: 546f 6f20 7368 6f72 742e 0606 0606 0606  Too short.......

With the 0x06 repeated 6 times.

随着0x06重复6次。

#1


1  

You have set your pipes like this :

你已经设置了这样的管道:

stdin | cipher | socket (loopback) | decipher | stdout

But you bypass the encryption by writing directly to the socket, using them like this :

但是你通过直接写入套接字来绕过加密,使用它们如下:

socket (loopback) | decipher | stdout

Try with this code :

试试这段代码:

var net = require("net")
  , crypto = require("crypto");

var credentials = { algorithm: "aes192", password: "password" }
  , decipher = crypto.createDecipher(credentials.algorithm, credentials.password)
  , cipher = crypto.createCipher(credentials.algorithm, credentials.password);

decipher.setAutoPadding(false); //set to false to keep the padding
cipher.setAutoPadding(true);

//Loopback
server = net.createServer(function(socket) {
  socket.pipe(socket);
})

server.listen(2000);

var socket = net.connect(2000);

//cipher to the loopback socket, to decipher and stdout
cipher.pipe(socket).pipe(decipher).pipe(process.stdout);

//write some data 
cipher.write("Too short.");

//Clean exit
cipher.end();
server.unref();

For the purpose of demonstration, I removed auto padding from the Decryptor object so you can see the leftover padding. Piping the program in xxd (at the command line, not in node) gives me this ouput :

出于演示的目的,我从Decryptor对象中删除了自动填充,以便您可以看到剩余的填充。在xxd中管道程序(在命令行,而不是在节点中)给我这个输出:

$ nodejs so.js | xxd
0000000: 546f 6f20 7368 6f72 742e 0606 0606 0606  Too short.......

With the 0x06 repeated 6 times.

随着0x06重复6次。