Encryption 使用CTR模式解密
我试图了解使用CTR模式的加密是如何工作的,因此我创建了以下函数来测试它:Encryption 使用CTR模式解密,encryption,go,Encryption,Go,我试图了解使用CTR模式的加密是如何工作的,因此我创建了以下函数来测试它: import ( "crypto/cipher" "crypto/rand" ) // generateIV generates an initialization vector (IV) suitable for encryption. // // http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Initialization_v
import (
"crypto/cipher"
"crypto/rand"
)
// generateIV generates an initialization vector (IV) suitable for encryption.
//
// http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Initialization_vector_.28IV.29
func generateIV(bytes int) []byte {
b := make([]byte, bytes)
rand.Read(b)
return b
}
func encrypt(block cipher.Block, value []byte) []byte {
iv := generateIV(block.BlockSize())
encrypted := make([]byte, len(value) + block.BlockSize())
encrypted = append(encrypted, iv...)
stream := cipher.NewCTR(block, iv)
stream.XORKeyStream(encrypted, value)
return encrypted
}
func decrypt(block cipher.Block, encrypted []byte) []byte {
iv := encrypted[:block.BlockSize()]
ciphertext := encrypted[block.BlockSize():]
stream := cipher.NewCTR(block, iv)
plain := make([]byte, len(ciphertext))
// XORKeyStream is used to decrypt too?
stream.XORKeyStream(plain, ciphertext)
return plain
}
加密似乎工作得很好,但我真的不知道,因为我不理解解密的输出。我是否也应该使用
stream.XORKeyStream
进行解密?测试如下所示:
import (
"crypto/aes"
"fmt"
"testing"
)
func TestEncryptCTR(t *testing.T) {
block, err := aes.NewCipher([]byte("1234567890123456"))
if err != nil {
panic(err)
}
value := "foobarbaz"
encrypted := encrypt(block, []byte(value))
decrypted := decrypt(block, encrypted)
fmt.Printf("--- %s ---", string(decrypted))
}
但我绝对不会让“foobarbaz”回来。你能指出我做错了什么吗?问题是我在测试基础知识之前做得太多了。我想在生成的密文前加上IV,但在某种程度上我破坏了一切。这个简单的版本,没有预设IV,可以工作:
import (
"crypto/cipher"
"crypto/rand"
)
// generateIV generates an initialization vector (IV) suitable for encryption.
//
// http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Initialization_vector_.28IV.29
func generateIV(bytes int) []byte {
b := make([]byte, bytes)
rand.Read(b)
return b
}
func encrypt(block cipher.Block, value []byte, iv []byte) []byte {
stream := cipher.NewCTR(block, iv)
ciphertext := make([]byte, len(value))
stream.XORKeyStream(ciphertext, value)
return ciphertext
}
func decrypt(block cipher.Block, ciphertext []byte, iv []byte) []byte {
stream := cipher.NewCTR(block, iv)
plain := make([]byte, len(ciphertext))
// XORKeyStream is used to decrypt too!
stream.XORKeyStream(plain, ciphertext)
return plain
}
以及相应的测试:
import (
"crypto/aes"
"fmt"
"testing"
)
func TestEncryptCTR(t *testing.T) {
block, err := aes.NewCipher([]byte("1234567890123456"))
if err != nil {
panic(err)
}
iv := generateIV(block.BlockSize())
value := "foobarbaz"
encrypted := encrypt2(block, []byte(value), iv)
decrypted := decrypt2(block, encrypted, iv)
fmt.Printf("--- %s ---", string(decrypted))
}
我得到了“foobarbaz”,正如预期的那样
现在,让预编IV开始工作。:)
编辑就是这样,自动生成并在IV前面加上前缀:
func encrypt(block cipher.Block, value []byte) []byte {
// Generate an initialization vector (IV) suitable for encryption.
// http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Initialization_vector_.28IV.29
iv := make([]byte, block.BlockSize())
rand.Read(iv)
// Encrypt it.
stream := cipher.NewCTR(block, iv)
stream.XORKeyStream(value, value)
// Return iv + ciphertext.
return append(iv, value...)
}
func decrypt(block cipher.Block, value []byte) []byte {
if len(value) > block.BlockSize() {
// Extract iv.
iv := value[:block.BlockSize()]
// Extract ciphertext.
value = value[block.BlockSize():]
// Decrypt it.
stream := cipher.NewCTR(block, iv)
stream.XORKeyStream(value, value)
return value
}
return nil
}
程序的第一个版本(有问题)中的错误在哪里?
stream.XORKeyStream()
接收到一个非空的片段,用encrypt()
中的加密值填充,因为我在加密之前预先添加了IV。先做准备,然后再解决。