AES-256-CBC 加密 Golang 和 PHP

我正在尝试在golang中实现AES-256-CBC加密。我有一个已经使用了多年的工作PHP代码。我在Golang中获得了加密值,但是对于相同的有效负载/ 键 / iv组合,这些值与PHP的输出不匹配。


为了简化,我在下面的代码中对有效载荷/key/iv进行了硬编码。我还从我的go代码中删除了详细的错误消息。


这是我的 GO 代码


func encryption() {

    plaintext := []byte("12345678912345678912345678900000")

    key, _ := base64.StdEncoding.DecodeString("cidRgzwfcgztwae/mccalIeedOAmA/CbU3HEqWz1Ejk=")

    iv, _ := hex.DecodeString("162578ddce177a4a7cb2f7c738fa052d")


    /*php seem to use PKCS7 padding to make the source string match the blocksize 

     requirement for AES-256-CBC.

     From what I understand, I need to do padding manually in Golang. 

     Correct me if wrong */

    plaintext, _ = Pkcs7Pad(plaintext, aes.BlockSize)


    block, _ := aes.NewCipher(key)


    ciphertext := make([]byte, aes.BlockSize+len(plaintext))


    mode := cipher.NewCBCEncrypter(block, iv)


    mode.CryptBlocks(ciphertext[aes.BlockSize:], plaintext)


    fmt.Printf("EncryptedText %v\n", string(ciphertext))

    fmt.Printf("EncryptedText as hex %v\n", hex.EncodeToString(ciphertext))

}


func Pkcs7Pad(b []byte, blocksize int) ([]byte, error) {

    if blocksize <= 0 {

        return nil, errors.New("Invalid block size")

    }

    if b == nil || len(b) == 0 {

        return nil, errors.New("Invalid block size")

    }

    n := blocksize - (len(b) % blocksize)

    pb := make([]byte, len(b)+n)

    copy(pb, b)

    copy(pb[len(b):], bytes.Repeat([]byte{byte(n)}, n))

    return pb, nil

}

我的 Go 输出是


EncryptedText |8??X?z??F ?0ĺe?,??G?V?

Gce??dM????z?,*ȁҼ

EncryptedText as hex 7c38bad658907a81d14620c930c4ba658c1f022cdb1392479856cc0a471d6365dfc5644db6b28cef7ac02c2ac881d2bc

我有一个PHP代码来执行相同的任务,这给了我一个不同的输出。


function encryption() {

    $plaintext = "12345678912345678912345678900000";

    $key = base64_decode("cidRgzwfcgztwae/mccalIeedOAmA/CbU3HEqWz1Ejk=");

    $iv = hex2bin("162578ddce177a4a7cb2f7c738fa052d");

}


有什么想法吗?


holdtom
浏览 330回答 1
1回答

MMMHUHU

您的方法存在一些问题:openssl_encrypt,默认情况下,输出基数为 64 的编码字符串(不是十六进制)我怀疑你的(你没有包括)正在做一些意想不到的事情(因为你跳过了开始pkcs7Padciphertextmode.CryptBlocks(ciphertext[aes.BlockSize:], plaintext)注意:我无法复制您的结果,因为您没有包含您的结果(指向游乐场的链接是一个好主意,因为它可以确保其他人能够复制您的问题)。pkcs7Pad我相信下面的代码会给出你正在寻找的东西(结果与php匹配 - 我没有做任何进一步的测试):func main() {&nbsp; &nbsp; plaintext := []byte("12345678912345678912345678900000")&nbsp; &nbsp; key, err := base64.StdEncoding.DecodeString("cidRgzwfcgztwae/mccalIeedOAmA/CbU3HEqWz1Ejk=")&nbsp; &nbsp; if err != nil {&nbsp; &nbsp; &nbsp; &nbsp; panic(err)&nbsp; &nbsp; }&nbsp; &nbsp; iv, err := hex.DecodeString("162578ddce177a4a7cb2f7c738fa052d")&nbsp; &nbsp; if err != nil {&nbsp; &nbsp; &nbsp; &nbsp; panic(err)&nbsp; &nbsp; }&nbsp; &nbsp; plaintext = pkcs7Pad(plaintext, aes.BlockSize)&nbsp; &nbsp; block, err := aes.NewCipher(key)&nbsp; &nbsp; if err != nil {&nbsp; &nbsp; &nbsp; &nbsp; panic(err)&nbsp; &nbsp; }&nbsp; &nbsp; ciphertext := make([]byte, len(plaintext))&nbsp; &nbsp; mode := cipher.NewCBCEncrypter(block, iv)&nbsp; &nbsp; mode.CryptBlocks(ciphertext, plaintext)&nbsp; &nbsp; fmt.Printf("EncryptedText %v\n", string(ciphertext))&nbsp; &nbsp; fmt.Printf("EncryptedText as hex %v\n", hex.EncodeToString(ciphertext))&nbsp; &nbsp; fmt.Printf("EncryptedText as base 64 %v\n", base64.StdEncoding.EncodeToString(ciphertext))}func pkcs7Pad(ciphertext []byte, blockSize int) []byte {&nbsp; &nbsp; padding := blockSize - len(ciphertext)%blockSize&nbsp; &nbsp; padtext := bytes.Repeat([]byte{byte(padding)}, padding)&nbsp; &nbsp; return append(ciphertext, padtext...)}
打开App,查看更多内容
随时随地看视频慕课网APP

相关分类

Go