Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Welcome To Ask or Share your Answers For Others

Categories

0 votes
321 views
in Technique[技术] by (71.8m points)

encryption - How can I encrypt a string with AES-128-CBC algorithm in Javascript?

I have the following shell script which uses openssl to encrypt string:

API_KEY="qrBprgc/3dTjrrD@4t!9FcNjwT3_Ra"
DATE="Mon, 19 Mar 2018 12:45:05 EET"

aesivkey=$(echo -n "$DATE" | openssl dgst -sha256 -hmac "$API_KEY" -r)
aes128cbciv=${aesivkey:0:32}
aes128cbckey=${aesivkey:32:32}

private_key="test"
encrypted_private_key=`echo -e $private_key | openssl aes-128-cbc -base64 -nosalt -K $aes128cbckey -iv $aes128cbciv`

I am trying to make the same function in javascript(to use it in postman). At the moment I have the following code:

var dateString = "Mon, 19 Mar 2018 12:45:05 EET";
var api_key="qrBprgc/3dTjrrD@4t!9FcNjwT3_Ra"

//aesivkey=$(echo -n "$DATE" | openssl dgst -sha256 -hmac "$API_KEY" -r)
var aesivkey = (CryptoJS.HmacSHA256(dateString, api_key)).toString();
//aes128cbciv=${aesivkey:0:32}
var aes128cbciv = aesivkey.substring(0, 32);
//aes128cbckey=${aesivkey:32:32}
var aes128cbckey = aesivkey.substring(aesivkey.length - 32);

var private_key="test"

//encrypted_private_key=`echo -e $private_key | openssl aes-128-cbc -base64 -nosalt -K $aes128cbckey -iv $aes128cbciv`
var encrypted_private_key = CryptoJS.AES.encrypt(private_key, aes128cbckey,
{
    keySize: 128 / 8,
    iv: aes128cbciv,
    mode: CryptoJS.mode.CBC,
    padding: CryptoJS.pad.Pkcs7
});

Could someone please explain what I am doing wrong?

Result in shell script: HSMD8RaXNbRrN4c1NzFXvQ==

Result in javascript: U2FsdGVkX1+uapLKV00iSOtj8eVpjfY4onoqQmoPPF4=

See Question&Answers more detail:os

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome To Ask or Share your Answers For Others

1 Reply

0 votes
by (71.8m points)

Currently the result is Salted__ (see the ASCII contents of the base 64 encoding, the first 8 bytes spell this word), i.e. it uses password encryption. This is probably because your key and IV need to be decoded from hexadecimals to a WordArray before use. If the key is a string instead of a WordArray it will be interpreted as being a password, and the key will be derived.

For instance:

CryptoJS.enc.Hex.parse(aes128cbckey)

and

iv: CryptoJS.enc.Hex.parse(aes128cbciv)

Notes:

  • Specifying the keySize in the configuration parameters is nice if you provide a password, but if you specify the key directly you should probably not use it.

  • The developer that created CryptoJS should really really really not have overloaded the encrypt function.


与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
OGeek|极客中国-欢迎来到极客的世界,一个免费开放的程序员编程交流平台!开放,进步,分享!让技术改变生活,让极客改变未来! Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Click Here to Ask a Question

...