Javascript 从Go到JS forge的AES-CFB
我想写点不安全的东西。其目的是对服务器端MP3进行加密,使其不能仅通过wget或“另存为”下载并供普通用户使用 想法是在服务器端,加载mp3,aes cfb对其进行加密,在头中发送密钥,在响应体中发送加密的mp3 服务器端使用Go的stdlib和AES-CFB加密。首先使用base64编码,然后只输出加密的[]字节-s 客户端我用forge解密。我发送一个xhr,读取arraybuffer,使用forge解密,并将输出写入控制台 test.txt的内容是“这只是一个测试,可能正在运行,可能没有。” 梅因,加油Javascript 从Go到JS forge的AES-CFB,javascript,encryption,go,Javascript,Encryption,Go,我想写点不安全的东西。其目的是对服务器端MP3进行加密,使其不能仅通过wget或“另存为”下载并供普通用户使用 想法是在服务器端,加载mp3,aes cfb对其进行加密,在头中发送密钥,在响应体中发送加密的mp3 服务器端使用Go的stdlib和AES-CFB加密。首先使用base64编码,然后只输出加密的[]字节-s 客户端我用forge解密。我发送一个xhr,读取arraybuffer,使用forge解密,并将输出写入控制台 test.txt的内容是“这只是一个测试,可能正在运行,可能没有。
package main
import (
"net/http"
"io"
"crypto/rand"
"os"
"crypto/aes"
"crypto/cipher"
"fmt"
)
var (
key = "1234567890123456"
fn = "test.txt"
)
func main() {
http.Handle("/file/", http.HandlerFunc(serveFile))
http.Handle("/", http.FileServer(http.Dir("public")))
http.ListenAndServe(":8080", nil)
}
func serveFile(w http.ResponseWriter, r *http.Request) {
file, e := os.Open(fn)
if e != nil {
fmt.Println(e.Error())
return
}
defer file.Close()
fi, _ := file.Stat()
b := make([]byte, fi.Size())
io.ReadFull(file, b)
o := AESencrypt([]byte(key), b)
w.Header().Set("Access-Control-Allow-Origin", "*")
//w.Header().Set("Key", key)
fmt.Println(o)
fmt.Println(len(o))
w.Write(o)
}
func AESencrypt(key []byte, content []byte) []byte {
block, err := aes.NewCipher(key)
if err != nil {
panic(err)
}
ciphertext := make([]byte, aes.BlockSize + len(content))
iv := ciphertext[:aes.BlockSize]
if _, err := io.ReadFull(rand.Reader, iv); err != nil {
panic(err)
}
stream := cipher.NewCFBEncrypter(block, iv)
stream.XORKeyStream(ciphertext[aes.BlockSize:], content)
return ciphertext
}
index.html
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>MP3 Player Demo</title>
</head>
<body>
<button onclick="loadFile('1')">Load</button>
<script src="node_modules/node-forge/js/forge.bundle.js"></script>
<script src="assets/reader.js"></script>
</body>
</html>
结果很奇怪
它被“正确”解密,但是每个解密结果都有一个前缀或随机长度的垃圾
3产出:
ArrayBuffer { byteLength: 69 } reader.js:10:9
Object { data: "3~æÿK¥=®ªÿÂßthis is just a test…", read: 0, _constructedStringLength: 69 } reader.js:16:9
3~æÿK¥=®ªÿÂßthis is just a test and maybe it's working maybe not. reader.js:17:9
-------------- reader.js:18:9
ArrayBuffer { byteLength: 69 } reader.js:10:9
Object { data: "ÅJÇ9Ë54«ÚV«this is just a test…", read: 0, _constructedStringLength: 69 } reader.js:16:9
ÅJÇ9Ë54«ÚV«this is just a test and maybe it's working maybe not. reader.js:17:9
-------------- reader.js:18:9
ArrayBuffer { byteLength: 69 } reader.js:10:9
Object { data: "ªÕxïÂ`zqA \cýx#this is just a test…", read: 0, _constructedStringLength: 69 } reader.js:16:9
ªÕxïÂ`zqA \cýx#this is just a test and maybe it's working maybe not. reader.js:17:9
-------------- reader.js:18:9
此处的输出被截断,但与test.txt相同。正如您所看到的,它总是以随机垃圾为前缀
我做错了什么?AES-CFB的伪造实现是错误的还是正确的?为什么它们不兼容?或者为什么解密不同?如果AES-CFB是标准,为什么会有不同的实现
我还尝试了gopherjs作为替代方案,效果很好,但a)代码太大(~3.7MB),b)我不知道如何使用gopherjs播放解密的音频。但这只是一个旁白。你忘了取下IV。这意味着IV也会被“解密”,导致胡说八道 这种无稽之谈似乎被解释为UTF-8,其中一个字符可能采用多字节编码,因此打印出来的IV的大小可能有所不同
因此,请删除IV,并在调试二进制值时尝试打印十六进制。我删除了前缀,结果显示前缀长度为16字节。让音频播放是另一回事。你是对的,十六进制输出会显示它总是16字节的iv前缀。
ArrayBuffer { byteLength: 69 } reader.js:10:9
Object { data: "3~æÿK¥=®ªÿÂßthis is just a test…", read: 0, _constructedStringLength: 69 } reader.js:16:9
3~æÿK¥=®ªÿÂßthis is just a test and maybe it's working maybe not. reader.js:17:9
-------------- reader.js:18:9
ArrayBuffer { byteLength: 69 } reader.js:10:9
Object { data: "ÅJÇ9Ë54«ÚV«this is just a test…", read: 0, _constructedStringLength: 69 } reader.js:16:9
ÅJÇ9Ë54«ÚV«this is just a test and maybe it's working maybe not. reader.js:17:9
-------------- reader.js:18:9
ArrayBuffer { byteLength: 69 } reader.js:10:9
Object { data: "ªÕxïÂ`zqA \cýx#this is just a test…", read: 0, _constructedStringLength: 69 } reader.js:16:9
ªÕxïÂ`zqA \cýx#this is just a test and maybe it's working maybe not. reader.js:17:9
-------------- reader.js:18:9