Gibberish图书馆提供了一个不错的CBC算法……
// In Jascascript
GibberishAES.enc("Made with Gibberish\n","password");
// Outputs: "U2FsdGVkX1+21O5RB08bavFTq7Yq/gChmXrO3f00tvJaT55A5pPvqw0zFVnHSW1o"
# On the command line
echo "U2FsdGVkX1+21O5RB08bavFTq7Yq/gChmXrO3f00tvJaT55A5pPvqw0zFVnHSW1o" |
openssl enc -d -aes-256-cbc -a -k password
我怎样才能在ruby中进行解密?直截了当的方式不起作用……
require 'openssl'
def aes(m,k,t)
(aes = OpenSSL::Cipher::Cipher.new('aes-256-cbc').send(m)).key = k
aes.update(t) << aes.final
end
def encrypt(key,text)
aes(:encrypt,key,text)
end
def decrypt(key,text)
aes(:decrypt,text)
end
def p k
Digest::SHA256.digest(k) ## what goes here???
end
require 'base64'
def t x
## also tried.. simply returning x...
Base64.decode64(x)
end
text = "U2FsdGVkX1+21O5RB08bavFTq7Yq/gChmXrO3f00tvJaT55A5pPvqw0zFVnHSW1o"
pass = "password"
decrypt(p(pass),t(text))
解决方法
深入研究Gibberish代码……提供答案的线索.以及为什么传统机制不起作用.
dec = function(string,pass) {
// string,password in plaintext
var cryptArr = Base64.decode(string),salt = cryptArr.slice(8,16),pbe = openSSLKey(s2a(pass),salt),key = pbe.key,iv = pbe.iv;
cryptArr = cryptArr.slice(16,cryptArr.length);
// Take off the Salted__fFeeddcc
string = rawDecrypt(cryptArr,iv);
return string;
},
转换为ruby现在相当微不足道.请注意我个人未来的参考.
require 'base64'
require 'openssl'
def decode(k,t)
cryptArr = Base64.decode64(t)
salt = cryptArr[8..15]
data = cryptArr[16..-1]
aes = OpenSSL::Cipher::Cipher.new('AES-256-CBC').decrypt
aes.pkcs5_keyivgen(k,salt,1)
s = aes.update(data) + aes.final
end
orig = "Made with Gibberish\n"
cipr = "U2FsdGVkX1+21O5RB08bavFTq7Yq/gChmXrO3f00tvJaT55A5pPvqw0zFVnHSW1o"
pass = "password"
puts decode(pass,cipr)
