I used CryptoSwift to encrypt some data, and then encrypted the same data using Node.js. But the results are not same. I asked the author, he said it's not a bug.
我使用CryptoSwift加密一些资料,然后使用Node.js加密相同的资料。但结果并不相同。我问作者,他说这不是一个bug。
I don't know where I made a mistake. Here are pictures of how I used CryptoSwift and Node.js:
我不知道我在哪里犯了错误。下面是我如何使用CryptoSwift和nodey .js:
Cipher algorithm: aes-256-cfb
密码算法:aes - 256循环流化床
key: 32 bytes 1
关键:32字节1
iv: 16 bytes 0
4:16字节0
CryptoSwift: develop-branch 0.1.1
CryptoSwift:develop-branch 0.1.1
Node.js: LTS 4.2.3
节点。js:LTS 4.2.3
CryptoSwift加密的数据
Data encrypted by Node.js 4.2.3
加密的数据节点。js 4.2.3
Here is swift code:
这是斯威夫特代码:
func testAES() {
let key = [UInt8](count: 32, repeatedValue: 1)
let iv = [UInt8](count: 16, repeatedValue: 0)
print(key)
print(iv)
let aes256cfb = try! AES(key: key, iv: iv, blockMode: .CFB)
let en1 = try! aes256cfb.encrypt([0x5, 0x77], padding: nil)
print(en1.map({ i in String(format: "%2x", i)}))
let en2 = try! aes256cfb.encrypt([0x5, 0x0, 0x3, 0x89, 0x20], padding: nil)
print(en2.map({ i in String(format: "%2x", i)}))
}
CryptoSwift:
["77", "ef"]
["77", "98", "c9", "2c", "45"]
Node.js:
<Buffer 77 ef>
<Buffer cf a5 66 8a 3e>
You can see, the first two bytes are same, but the rest are not. Why? Is my code writing wrong? I don't know much about crypto, please tell me the reason. Thank you so much.
您可以看到,前两个字节是相同的,但其余的不是。为什么?我的代码写错了吗?我对密码不太了解,请告诉我原因。非常感谢。
2 个解决方案
#1
0
Unless the data is a multiple of the block size (16-bytes) and the data size is known by both sides a-priori to meet the requirement padding is required. The generally used padding is PKCS#7 (PKCS#5 is essentially the same).
除非数据是块大小(16字节)的倍数,并且数据大小被双方事先知道以满足需求填充。通常使用的填充是PKCS#7 (PKCS#5本质上是相同的)。
In the code no padding is specified so the balance of the block will be whatever junk is in the buffer or perhaps the algorithm may null pad it, it is always best not to rely on non-standard defaults.
在代码中没有指定填充,因此块的余额将会是缓冲区中的任何垃圾,或者可能是该算法可以对其进行空垫,所以最好不要依赖于非标准的默认值。
See the SO Answer for an example of using Common Crypto.
有关使用公共加密的示例,请参见SO答案。
But the best thing to do is use RNCryptor for your encryption, it is available for several languages and platforms. It also handles all the bits that make encryption secure. It is well vetted and being actively developed.
但是最好的方法是使用RNCryptor进行加密,它可以用于多种语言和平台。它还处理所有使加密安全的比特。它经过良好的审查和积极发展。
#2
1
To answer that question.
要回答这个问题。
Your NodeJS code encrypt [0x5, 0x77, 0x5, 0x0, 0x3, 0x89, 0x20], but your CryptoSwift code encrypt [0x5, 0x77] then [0x5, 0x0, 0x3, 0x89, 0x20]. This is why you get different results.
您的NodeJS代码加密[0x5, 0x77, 0x5, 0x0, 0x3, 0x89, 0x20],但是您的密码码加密[0x5, 0x77]然后[0x5, 0x0 0, 0x3, 0x89, 0x20]。这就是你得到不同结果的原因。
#1
0
Unless the data is a multiple of the block size (16-bytes) and the data size is known by both sides a-priori to meet the requirement padding is required. The generally used padding is PKCS#7 (PKCS#5 is essentially the same).
除非数据是块大小(16字节)的倍数,并且数据大小被双方事先知道以满足需求填充。通常使用的填充是PKCS#7 (PKCS#5本质上是相同的)。
In the code no padding is specified so the balance of the block will be whatever junk is in the buffer or perhaps the algorithm may null pad it, it is always best not to rely on non-standard defaults.
在代码中没有指定填充,因此块的余额将会是缓冲区中的任何垃圾,或者可能是该算法可以对其进行空垫,所以最好不要依赖于非标准的默认值。
See the SO Answer for an example of using Common Crypto.
有关使用公共加密的示例,请参见SO答案。
But the best thing to do is use RNCryptor for your encryption, it is available for several languages and platforms. It also handles all the bits that make encryption secure. It is well vetted and being actively developed.
但是最好的方法是使用RNCryptor进行加密,它可以用于多种语言和平台。它还处理所有使加密安全的比特。它经过良好的审查和积极发展。
#2
1
To answer that question.
要回答这个问题。
Your NodeJS code encrypt [0x5, 0x77, 0x5, 0x0, 0x3, 0x89, 0x20], but your CryptoSwift code encrypt [0x5, 0x77] then [0x5, 0x0, 0x3, 0x89, 0x20]. This is why you get different results.
您的NodeJS代码加密[0x5, 0x77, 0x5, 0x0, 0x3, 0x89, 0x20],但是您的密码码加密[0x5, 0x77]然后[0x5, 0x0 0, 0x3, 0x89, 0x20]。这就是你得到不同结果的原因。