c#加密和JS解密(CryptoJS)
本文关键字:CryptoJS 解密 JS 加密 | 更新日期: 2023-09-27 18:07:01
我在CryptoJS上没有得到相同的结果。请检查一下是什么地方出了问题?
这是我期望的输入/输出:
Encrypted String: 723024D59CF7801A295F81B9D5BB616E
Decrypted String: stackoverflow
这是我在c#中的解密/加密方法。加密是TripleDES模式CBC,我在CryptoJS代码上使用相同的密钥和iv。
public static string Encrypt(string data, string key, string iv)
{
byte[] bdata = Encoding.ASCII.GetBytes(data);
byte[] bkey = HexToBytes(key);
byte[] biv = HexToBytes(iv);
var stream = new MemoryStream();
var encStream = new CryptoStream(stream,
des3.CreateEncryptor(bkey, biv), CryptoStreamMode.Write);
encStream.Write(bdata, 0, bdata.Length);
encStream.FlushFinalBlock();
encStream.Close();
return BytesToHex(stream.ToArray());
}
public static string Decrypt(string data, string key, string iv)
{
byte[] bdata = HexToBytes(data);
byte[] bkey = HexToBytes(key);
byte[] biv = HexToBytes(iv);
var stream = new MemoryStream();
var encStream = new CryptoStream(stream,
des3.CreateDecryptor(bkey, biv), CryptoStreamMode.Write);
encStream.Write(bdata, 0, bdata.Length);
encStream.FlushFinalBlock();
encStream.Close();
return Encoding.ASCII.GetString(stream.ToArray());
}
这是我如何做解密使用CryptoJS
var key = "90033E3984CEF5A659C44BBB47299B4208374FB5DC495C96";
var iv = "E6B9AFA7A282A0CA";
key = CryptoJS.enc.Hex.parse(key);
iv = CryptoJS.enc.Hex.parse(iv);
// Input is a Hex String
var decrypted = CryptoJS.TripleDES.decrypt('723024D59CF7801A295F81B9D5BB616E', key, { iv : iv, mode:CryptoJS.mode.CBC});
console.log(decrypted.toString());
CryptoJS期望密文是CipherParams对象或openssl编码的字符串。你已经把密文变成了海克斯。这样做:
var decrypted = CryptoJS.TripleDES.decrypt({
ciphertext: CryptoJS.enc.Hex.parse('723024D59CF7801A295F81B9D5BB616E')
}, key, {
iv : iv,
mode:CryptoJS.mode.CBC
});
decrypted现在是一个WordArray对象。对其进行字符串化会得到一个默认编码为十六进制的字符串。如果您知道应该输出文本,可以使用适当的编码,如
console.log(decrypted.toString(CryptoJS.enc.Utf8));
Artjom B的答案有效,但如果与静态IV一起使用则有问题。IV(和SALT)应该从消息更改到消息。尝试在不同的语言/库之间创建和发送非静态IV/salt可能很困难。
所以,当我还在c#和JS之间交换加密文本时,我花时间一劳永逸地解决了这个问题,并写了一个小库,并在MIT许可下发布,供每个人使用。
密文采用base64格式,由":"与base64- salt和base64- iv组合而成
使用它的步骤如下:
使用来自https://github.com/smartinmedia/Net-Core-JS-Encryption-Decryption
的库
//Encrypt plain text in C# with a random password
string plainText = "This is my secret text!";
//You can also use the built in password generator!!
//string passPhrase = PasswordGenerator.GenerateRandomPassword(20);
//Or use your own password:
string passPhrase = "This_is_my_password!";
var enc = EncryptionHandler.Encrypt(plainText, passPhrase);
Console.WriteLine("Plaintext: 'This is my secret text' with password 'This_is_my_password!' results in ciphertext: " + enc);
var dec3 = EncryptionHandler.Decrypt(enc, passPhrase);
Console.WriteLine("And decrypting again: " + dec3);
Console.WriteLine("Please start the index.html to see the same in Javascript. Encryption / Decryption run in both ways and can be interchanged between C# and JS!");
:
// This is the ciphertext, which was encrypted by C# to check the interchangeability:
var encryptedBase64FromCSharp = "uTkXNB+PSTjzwUCJbfAHVHd95YOlcJr38wbF08ZxqNw=:PNGRjWb5tOINneaVVf8+cw==:Aic+gosvLjTrCebzY8l/usTh+kWuE0v1xSWw7apYunI=";
var passPhrase = "This_is_my_password!";
var eH = new encryptionHandler();
var decryptedFromCSharp = eH.decrypt(encryptedBase64FromCSharp, passPhrase);
//Now encrypt again with JS
var encryptTextWithJs = eH.encrypt(decryptedFromCSharp, "This_is_my_password!");
//And decrypt again with JS
var decryptedTextWithJs = eH.decrypt(encryptTextWithJs, "This_is_my_password!");
所以,正如你在这里看到的,密文可以在c#和JS之间用随机生成的salt和IVs(它们是在encrypt/decrypt方法中生成的)交换。