跨平台 AES 256 GCM Javascript & Elixir
Cross Platform AES 256 GCM Javascript & Elixir
我一直在尝试使用 AES 256 和 GCM 在 Javascript 中加密并在 Elixir 中解密。我从各处借用了一些例子并得出了以下结论。
加密 Javascript
const _crypto = require('crypto');
function encrypt(message, secret) {
// random initialization vector
const iv = _crypto.randomBytes(16);
// extract the auth tag
const cipher = _crypto.createCipheriv('aes-256-gcm', secret, iv);
// encrypt the given text
const encrypted = Buffer.concat([cipher.update(message, 'utf8'), cipher.final()]);
// extract the auth tag
const tag = cipher.getAuthTag();
const encrypted_message = Buffer.concat([iv, tag, encrypted]).toString('base64');
return encrypted_message;
}
const secret = _crypto.randomBytes(32);
encrypt("secret message", secret);
在 Elixir 中解密
def decrypt(encrypted_message, secret) do
secret_key = :base64.decode(secret)
ciphertext = :base64.decode(encrypted_message)
<<iv::binary-16, tag::binary-16, ciphertext::binary>> = ciphertext
:crypto.block_decrypt(:aes_gcm, secret_key, iv, {"AES256GCM", ciphertext, tag})
end
# secret would be the secret from javascript encoded in base64
decrypt(encrypted_message, secret)
而我在 Elixir 方面的结果一直是 :error
我的感觉是和编解码有关,但是我好像找不到哪里出错了。
如果有人能指出正确的方向,我将不胜感激。
谢谢!
更新工作版本
对于那些打算使用相同语言的人:
Javascript加密
const _crypto = require('crypto');
function encrypt(message, secret) {
// random initialization vector
const iv = _crypto.randomBytes(16);
// extract the auth tag
const cipher = _crypto.createCipheriv('aes-256-gcm', secret, iv);
// add the following line if you want to include "AES256GCM" on the elixir side
// cipher.setAAD(Buffer.from("AES256GCM", 'utf8'));
// encrypt the given text
const encrypted = Buffer.concat([cipher.update(message, 'utf8'), cipher.final()]);
// extract the auth tag
const tag = cipher.getAuthTag();
const encrypted_message = Buffer.concat([iv, tag, encrypted]).toString('base64');
return encrypted_message;
}
const secret = _crypto.randomBytes(32);
encrypt("secret message", secret);
灵药解密
def decrypt(encrypted_message, secret) do
secret_key = :base64.decode(secret)
ciphertext = :base64.decode(encrypted_message)
<<iv::binary-16, tag::binary-16, ciphertext::binary>> = ciphertext
// make sure _AAD is an empty string "" if you didn't set it during encryption
:crypto.block_decrypt(:aes_gcm, secret_key, iv, {_AAD, ciphertext, tag})
// otherwise, you would need to set _AAD to whatever you set during encryption, using "AES256GCM" as example
// Note: AAD (Associated Authenticated Data) can be whatever string you want to my knowledge, just to make sure you have the same in both encryption and decryption process
// :crypto.block_decrypt(:aes_gcm, secret_key, iv, {"AES256GCM", ciphertext, tag})
end
# secret would be the secret from javascript encoded in base64
decrypt(encrypted_message, secret)
这很简单:你的 "AES256GCM" 不应该存在(或者 null,我对 Erlang 不是很熟悉)。它代表额外的认证数据,包含在认证标签的计算中,显然与加密代码生成的认证标签不同。
:aes_gcm已经指定了模式,key的大小当然是由secret_key的大小决定的,反正字符串就没必要了。
我一直在尝试使用 AES 256 和 GCM 在 Javascript 中加密并在 Elixir 中解密。我从各处借用了一些例子并得出了以下结论。
加密 Javascript
const _crypto = require('crypto');
function encrypt(message, secret) {
// random initialization vector
const iv = _crypto.randomBytes(16);
// extract the auth tag
const cipher = _crypto.createCipheriv('aes-256-gcm', secret, iv);
// encrypt the given text
const encrypted = Buffer.concat([cipher.update(message, 'utf8'), cipher.final()]);
// extract the auth tag
const tag = cipher.getAuthTag();
const encrypted_message = Buffer.concat([iv, tag, encrypted]).toString('base64');
return encrypted_message;
}
const secret = _crypto.randomBytes(32);
encrypt("secret message", secret);
在 Elixir 中解密
def decrypt(encrypted_message, secret) do
secret_key = :base64.decode(secret)
ciphertext = :base64.decode(encrypted_message)
<<iv::binary-16, tag::binary-16, ciphertext::binary>> = ciphertext
:crypto.block_decrypt(:aes_gcm, secret_key, iv, {"AES256GCM", ciphertext, tag})
end
# secret would be the secret from javascript encoded in base64
decrypt(encrypted_message, secret)
而我在 Elixir 方面的结果一直是 :error
我的感觉是和编解码有关,但是我好像找不到哪里出错了。
如果有人能指出正确的方向,我将不胜感激。
谢谢!
更新工作版本
对于那些打算使用相同语言的人:
Javascript加密
const _crypto = require('crypto');
function encrypt(message, secret) {
// random initialization vector
const iv = _crypto.randomBytes(16);
// extract the auth tag
const cipher = _crypto.createCipheriv('aes-256-gcm', secret, iv);
// add the following line if you want to include "AES256GCM" on the elixir side
// cipher.setAAD(Buffer.from("AES256GCM", 'utf8'));
// encrypt the given text
const encrypted = Buffer.concat([cipher.update(message, 'utf8'), cipher.final()]);
// extract the auth tag
const tag = cipher.getAuthTag();
const encrypted_message = Buffer.concat([iv, tag, encrypted]).toString('base64');
return encrypted_message;
}
const secret = _crypto.randomBytes(32);
encrypt("secret message", secret);
灵药解密
def decrypt(encrypted_message, secret) do
secret_key = :base64.decode(secret)
ciphertext = :base64.decode(encrypted_message)
<<iv::binary-16, tag::binary-16, ciphertext::binary>> = ciphertext
// make sure _AAD is an empty string "" if you didn't set it during encryption
:crypto.block_decrypt(:aes_gcm, secret_key, iv, {_AAD, ciphertext, tag})
// otherwise, you would need to set _AAD to whatever you set during encryption, using "AES256GCM" as example
// Note: AAD (Associated Authenticated Data) can be whatever string you want to my knowledge, just to make sure you have the same in both encryption and decryption process
// :crypto.block_decrypt(:aes_gcm, secret_key, iv, {"AES256GCM", ciphertext, tag})
end
# secret would be the secret from javascript encoded in base64
decrypt(encrypted_message, secret)
这很简单:你的 "AES256GCM" 不应该存在(或者 null,我对 Erlang 不是很熟悉)。它代表额外的认证数据,包含在认证标签的计算中,显然与加密代码生成的认证标签不同。
:aes_gcm已经指定了模式,key的大小当然是由secret_key的大小决定的,反正字符串就没必要了。