用nodejs crypto与php的mcrypt解密blowfish-ecb
我试图在Node.js中使用内置的encryption库来解码以下base64编码的密文
2tGiKhSjSQEjoDNukf5BpfvwmdjBtA9kS1EaNPupESqheZ1TCr5ckEdWUvd+e51XWLUzdhBFNOBRrUB5jR64Pjf1VKvQ4dhcDk3Fdu4hyUoBSWfY053Rfd3fqpgZVggoKk4wvmNiCuEMEHxV3rGNKeFzOvP/P3O5gOF7HZYa2dgezizXSgnnD6mCp37OJXqHuAngr0pps/i9819O6FyKgu6t2AzwbWZkP2sXvH3OGRU6oj5DFTgiKGv1GbrM8mIrC7rlRdNgiJ9dyHrOAwqO+SVwzhhTWj1K//PoyyzDKUuqqUQ6AvJl7d1o5sHNzeNgJxhywMT9F10+gnliBxIg8gGSmzBqrgwUNZxltT4uEKz67u9eJi59a0HBBi/2+umzwOCHNA4jl1x0mv0MhYiX/A== 它似乎与PHP的mcrypt函数使用stringtypeconfig.sys^_-作为关键,如通过input值http://www.tools4noobs.com/online_tools/decrypt/和selectBlowfish,ECB,Base64解码。
但是,当我在Node.js中运行以下代码:
var crypto = require('crypto'); var data = "2tGiKhSjSQEjoDNukf5BpfvwmdjBtA9kS1EaNPupESqheZ1TCr5ckEdWUvd+e51XWLUzdhBFNOBRrUB5jR64Pjf1VKvQ4dhcDk3Fdu4hyUoBSWfY053Rfd3fqpgZVggoKk4wvmNiCuEMEHxV3rGNKeFzOvP/P3O5gOF7HZYa2dgezizXSgnnD6mCp37OJXqHuAngr0pps/i9819O6FyKgu6t2AzwbWZkP2sXvH3OGRU6oj5DFTgiKGv1GbrM8mIrC7rlRdNgiJ9dyHrOAwqO+SVwzhhTWj1K//PoyyzDKUuqqUQ6AvJl7d1o5sHNzeNgJxhywMT9F10+gnliBxIg8gGSmzBqrgwUNZxltT4uEKz67u9eJi59a0HBBi/2+umzwOCHNA4jl1x0mv0MhYiX/A=="; var decipher = crypto.createDecipher('bf-ecb', 'typeconfig.sys^_-'); data = decipher.update(data, "base64", "utf8"); data += decipher.final("utf8"); console.log(data);
我得到垃圾输出:
y : d ( Q i z1 4 k ( a5 u 73c/ (ֻ ) fȠ ec -<z 8 ( -L ԛ I 1L* u 4 j- Чh쭊@\P)? . ^ q㊬ U W& x 85 T-ג9,dE<g} `* |@ k" ! D'u ,x 7 9q=q q ա> w T H3͜ i)R zy C o
我也试过了库本身的testing,因为它似乎能够处理它自己编码的东西:
var crypto = require('crypto') var cipher = crypto.createCipher("bf-ecb", "key"); var data = cipher.update("foobar", "utf8", "base64"); data += cipher.final("base64"); console.log(data); var decipher = crypto.createDecipher("bf-ecb", "key"); data = decipher.update(data, "base64", "utf8"); data += decipher.final("utf8"); console.log(data);
生产:
y0rq5pYkiU0= foobar
但是复制并粘贴该base64string并将其input到http://www.tools4noobs.com/online_tools/decrypt/中,同时还会生成垃圾输出。
这两个库不应该产生相同的输出,还是有什么我做错了?
Node.js在将密钥用作密钥之前计算密码的MD5哈希值。 据我所知,mcrypt按原样使用密钥。
计算密码的MD5散列,并将其用作mcrypt密钥。
https://github.com/tugrul/node-mcrypt
var mcrypt = require('mcrypt'); var bfEcb = new mcrypt.MCrypt('blowfish', 'ecb'); bfEcb.open('typeconfig.sys^_-'); var cipherText = new Buffer('2tGiKhSjSQEjoDNukf5BpfvwmdjBtA9kS1EaNPupESqheZ1TCr5ckEdWUvd+e51XWLUzdhBFNOBRrUB5jR64Pjf1VKvQ4dhcDk3Fdu4hyUoBSWfY053Rfd3fqpgZVggoKk4wvmNiCuEMEHxV3rGNKeFzOvP/P3O5gOF7HZYa2dgezizXSgnnD6mCp37OJXqHuAngr0pps/i9819O6FyKgu6t2AzwbWZkP2sXvH3OGRU6oj5DFTgiKGv1GbrM8mIrC7rlRdNgiJ9dyHrOAwqO+SVwzhhTWj1K//PoyyzDKUuqqUQ6AvJl7d1o5sHNzeNgJxhywMT9F10+gnliBxIg8gGSmzBqrgwUNZxltT4uEKz67u9eJi59a0HBBi/2+umzwOCHNA4jl1x0mv0MhYiX/A==', 'base64'); console.log(bfEcb.decrypt(cipherText).toString()); bfEcb.close();