使用vb.net AES / CBCencryptionstring,并需要使用JavaScript CryptoJS进行解密
我有一个vb.net Windows窗体应用程序,将stringencryption到文件。 我现在需要JavaScript来解密这个值。 我试图使用CryptoJS,但我正在努力与语法,以及如何获得在CryptoJS.PBKDF2(假设是正确的使用)使用正确的格式密码,盐和初始化向量。
调用方法
Dim encryptedComplianceValue = encrypt2(complianceValue, "Password", "Salt Value", "SHA1", 2, "@1B2c3D4e5F6g7H8", 256)
encryption方法
Public Function encrypt2(ByVal plainText As String, ByVal passPhrase As String, ByVal saltValue As String, ByVal hashAlgorithm As String, ByVal passwordIterations As Integer, ByVal initVector As String, ByVal keySize As Integer) As String Dim initVectorBytes As Byte() initVectorBytes = Encoding.ASCII.GetBytes(initVector) Dim saltValueBytes As Byte() saltValueBytes = Encoding.ASCII.GetBytes(saltValue) Dim plainTextBytes As Byte() plainTextBytes = Encoding.UTF8.GetBytes(plainText) Dim password As Rfc2898DeriveBytes password = New Rfc2898DeriveBytes(passPhrase, saltValueBytes, passwordIterations) Dim keyBytes As Byte() keyBytes = password.GetBytes(keySize / 8) Dim symmetricKey As RijndaelManaged symmetricKey = New RijndaelManaged() symmetricKey.Mode = CipherMode.CBC Dim encryptor As ICryptoTransform encryptor = symmetricKey.CreateEncryptor(keyBytes, initVectorBytes) Dim memoryStream As MemoryStream memoryStream = New MemoryStream() Dim cryptoStream As CryptoStream cryptoStream = New CryptoStream(memoryStream, encryptor, CryptoStreamMode.Write) cryptoStream.Write(plainTextBytes, 0, plainTextBytes.Length) cryptoStream.FlushFinalBlock() Dim cipherTextBytes As Byte() cipherTextBytes = memoryStream.ToArray() memoryStream.Close() cryptoStream.Close() Dim cipherText As String cipherText = Convert.ToBase64String(cipherTextBytes) Return cipherText End Function
JavaScript的
function decryptMsg256() { var keySize = 256; var iterations = 2; var algorithm = 'AES-256-CBC'; // the password that user provides var userPass = "Password"; console.log("user pass : " + userPass); // get the encrypted msg var encMsg64 = "v6shkblimfQMOoa8VxICjQ=="; var encMsg = CryptoJS.enc.Base64.parse(encMsg64); //var salt =CryptoJS.enc.Utf8.parse("Mon,07-Mar-2016 18:50:46 GMT"); var salt = "Salt Value"; console.log('salt: '+ salt); var saltbytes = []; for (var i = 0; i <salt.length; ++i) { saltbytes .push(salt.charCodeAt(i)); } console.log('saltbytes: '+ saltbytes ); //var iv =CryptoJS.enc.Utf8.parse("@1B2c3D4e5F6g7H8"); var iv = "@1B2c3D4e5F6g7H8"; console.log('IV: '+ iv); var ivbytes = []; for (var i = 0; i <iv.length; ++i) { ivbytes.push(iv.charCodeAt(i)); } console.log('ivbytes: '+ ivbytes ); //var saltBuffer = new Buffer(salt); //var passwordBuffer = new Buffer(userPass); var key = CryptoJS.PBKDF2(userPass, saltbytes,{keyBytes: 32, iterations: 2 }); //var key = CryptoJS.PBKDF2(userPass, salt, iterations, keySize/8); //var decipher = CryptoJS.createDecipheriv(algorithm, key, iv); console.log( 'key: '+ key); var keybytes = []; for (var i = 0; i <key.length; ++i) { keybytes.push(key.charCodeAt(i)); } console.log('keybytes: '+ keybytes); //var plainText="Hello, World!"; //console.log('Plain Text '+ plainText ); //var encMsg = CryptoJS.AES.encrypt(plainText, key, { // iv:iv, // mode: CryptoJS.mode.CBC, // padding: CryptoJS.pad.Pkcs7 // }); //console.log('Encrypted Message '+ encMsg ); var decText = ''; var decMsg = CryptoJS.AES.decrypt( encMsg, key, { iv:iv, mode: CryptoJS.mode.CBC, //padding: CryptoJS.pad.Pkcs7 } ); //console.log( "decryptedData = " + decMsg ); // convert to UTF8 string decText = decMsg.toString( CryptoJS.enc.Utf8); console.log( "decryptedText = " + decText ); }
你有多个问题:
-
你的IV是一个简单的ASCIIstring,所以你可以很容易地用二进制格式parsing它
var iv = CryptoJS.enc.Utf8.parse("@1B2c3D4e5F6g7H8");
-
不要在
saltbytes.push(salt.charCodeAt(i));
使用自定义的“二进制”格式saltbytes.push(salt.charCodeAt(i));
或类似的。 您需要使用CryptoJS的原生格式,该格式可以通过CryptoJS.enc.<Encoder>.parse(string)
-
PBKDF2的输出大小由
keySize
指定,而不是由keyBytes
指定:var key = CryptoJS.PBKDF2(userPass, salt, {keySize: 256/32, iterations: 2 });
-
解密函数期望密文是一个CipherParams对象。 好东西,鸭子打字的作品:
var decMsg = CryptoJS.AES.decrypt({ ciphertext: encMsg }, key, { iv: iv });
- 2路encryptionalgorithm,对Ruby和Node.JS只encryption到字母和数字
- .NET和nodejs之间的AESalgorithm值差异,CryptoJS
- 用Node.js和MongoDB存储密码
- Java BouncyCastle中的确定性AES-CTR?
- 节点encryptionaes256-cbc 0x0填充的例子
- Node.jsencryptioninput/输出types
- AES CryptoJSencryption和phpseclib解密
- 使用phpseclib使用AES进行encryption,并使用CryptoJS进行解密
- 当PassPhrase相同时,需要SJCL做相同的encryption的AES 256输出