Perl 中的 AES 加密类似于 crypto-js@4.2.0

Question

Perl 中的 AES 加密类似于 crypto-js@4.2.0

h q*_*h q 2 javascript encryption perl aes cryptojs

以下 JavaScript 代码：

'use strict';
const CryptoJS = require('crypto-js');

const plaintext = 's3cret';
const password  = 'MyPassword';
//const iv   = CryptoJS.lib.WordArray.random(16);
//const salt = CryptoJS.lib.WordArray.random(16);
const iv   = CryptoJS.enc.Hex.parse("43c9ccba630fe1cd61fc2bdb90121c6f"); // For testing
const salt = CryptoJS.enc.Hex.parse("5c788a415851e909d9c7951717714204"); // For testing
const key = CryptoJS.PBKDF2(password, salt, {keySize: 128/32, iterations: 1000});
const b64ciphertext = CryptoJS.AES.encrypt(plaintext, key, {iv: iv}).ciphertext.toString(CryptoJS.enc.Base64);
console.log(b64ciphertext);

Run Code Online (Sandbox Code Playgroud)

使用crypto-js@4.2.0, 产生：

'use strict';

const plaintext = 's3cret';
const password = 'MyPassword';
//const iv   = CryptoJS.lib.WordArray.random(16);
//const salt = CryptoJS.lib.WordArray.random(16);
const iv   = CryptoJS.enc.Hex.parse("43c9ccba630fe1cd61fc2bdb90121c6f"); // For testing
const salt = CryptoJS.enc.Hex.parse("5c788a415851e909d9c7951717714204"); // For testing
const key = CryptoJS.PBKDF2(password, salt, {keySize: 128/32, iterations: 1000});
console.log("key: " + key.toString(CryptoJS.enc.Base64));
const b64ciphertext = CryptoJS.AES.encrypt(plaintext, key, {iv: iv}).ciphertext.toString(CryptoJS.enc.Base64);
console.log("ciphertext: " + b64ciphertext);

Run Code Online (Sandbox Code Playgroud)

<script src="https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.2.0/crypto-js.min.js" integrity="sha512-a+SUDuwNzXDvz4XrIcXHuCf089/iJAoN4lmrXJg18XnduKK6YlDHNRalv4yd1N40OKI80tFidF+rqTFKGPoWFQ==" crossorigin="anonymous" referrerpolicy="no-referrer"></script>

Run Code Online (Sandbox Code Playgroud)

key: 8E2dqz889iLAam1MV4wweQ==
ciphertext: eiJkaAmCVjHFKbvY/CnkvQ==

Run Code Online (Sandbox Code Playgroud)

使用crypto-js@4.1.1, 产生：

key: 8E2dqz889iLAam1MV4wweQ==
ciphertext: eiJkaAmCVjHFKbvY/CnkvQ==

Run Code Online (Sandbox Code Playgroud)

'use strict';

const plaintext = 's3cret';
const password = 'MyPassword';
//const iv   = CryptoJS.lib.WordArray.random(16);
//const salt = CryptoJS.lib.WordArray.random(16);
const iv   = CryptoJS.enc.Hex.parse("43c9ccba630fe1cd61fc2bdb90121c6f"); // For testing
const salt = CryptoJS.enc.Hex.parse("5c788a415851e909d9c7951717714204"); // For testing
const key = CryptoJS.PBKDF2(password, salt, {keySize: 128/32, iterations: 1000});
console.log("key: " + key.toString(CryptoJS.enc.Base64));
const b64ciphertext = CryptoJS.AES.encrypt(plaintext, key, {iv: iv}).ciphertext.toString(CryptoJS.enc.Base64);
console.log("ciphertext: " + b64ciphertext);

Run Code Online (Sandbox Code Playgroud)

key: 8NJim/oe3/Q0+wLRq86FGg==
ciphertext: qT1Vtod7ihS2wvtwmlnPow==

Run Code Online (Sandbox Code Playgroud)

这个答案crypto-js@4.1.1提供了Perl 等效的输出：

<script src="https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js" integrity="sha512-E8QSvWZ0eCLGk4km3hxSsNmGWbLtSCSUcewDQPQWZF6pEU8GlT8a5fF32wOl1i8ftdMhssTrF/OhyGWwonTcXA==" crossorigin="anonymous" referrerpolicy="no-referrer"></script>

Run Code Online (Sandbox Code Playgroud)

使用 Perl，如何获得类似于的输出crypto-js@4.2.0？

Answer 1

Top*_*aco 5

CryptoJS v4.1.1 默认使用 SHA1 作为 PBKDF2 摘要，CryptoJS v4.2.0 默认使用 SHA256。为了在 Perl 代码中使用 SHA256，您必须添加hash_class => 'HMACSHA2'，即：

my $pbkdf2 = Crypt::PBKDF2->new(output_len=>128/8, iterations=>1000, hash_class => 'HMACSHA2');

Run Code Online (Sandbox Code Playgroud)

为了完整起见：在 CryptoJS 中，还可以使用以下选项显式设置摘要hasher：以下代码还将在 v4.1.1 下使用 SHA256 作为 PBKDF2 摘要：

const key = CryptoJS.PBKDF2(password, salt, {keySize: 128/32, iterations: 1000, hasher: CryptoJS.algo.SHA256});

Run Code Online (Sandbox Code Playgroud)

请注意，CryptoJS 最近已停产且不再维护。

归档时间：	2 年，3 月前
查看次数：	163 次
最近记录：	2 年，3 月前