fucking-util-signature-all icon indicating copy to clipboard operation
fucking-util-signature-all copied to clipboard

Published 20 hours ago verified publisher icon lipingruan

加密内容稍长golang解密错误。

Open JavinYang opened this issue 5 years ago • 3 comments

js代码:

Vue.prototype.$rsa = function(data) {
	var priKey =
		`-----BEGIN RSA PRIVATE KEY-----
MIIEpAIBAAKCAQEAz5TOzCB0DXwuYgftCFc27KxvJDPmNvDqVcqBPnn1UGmNkwcn
ZQSd+LSg1laDHwNui6dd/69pthE5Cj06SPKq/tXVazW7t5ycOfrRLrO22bym2Zis
kndhxyF1k7/LqoCnLhIFm82bNkihcUbmAbQMH6c4zqOVKJ5Hp8y4rd3oIk/zW/Yy
PQ+7ibFPEl2+2YUs4RDMwtghJqOv83nUryKPyo+zItq8qSzKDxrjNI5G/Ormlxn/
nTt6jJtOn3klbJG6CbtmOnX4P7gM/oJHRBq1r//P6Lcrr1OZESkUJ4+2/Q1JCiL9
wVSU+EmfyIBvY+xTlQ7UOegUJ3/mvzHEufDfzQIDAQABAoIBAD1HjcD+96OffEXe
VyA2NvWpden3FEg12MfYz0y1TjEd5/h2jS+qLERmdnCv+2dlaPX7Q6mejBN+hBs8
tf8g/E/cqnNK2o66wffvzl7+GMWwhoUIKDHY4lmZzA8A+MvtzOyxz0wOZ3qf+GDr
cC0ijM2vXPrLmdXy2+5yZjaVoti1v1+IywDN37pckZ4dmhs+m1ZovNzO8kf0u117
exf3PGMRAC/6aHWLrwvmzUKLtsCUzGwNXPFqECnMmCJZPjQqkx1pQWaVKo1E+DKF
4r7ViBxbYlMZmMZ9f1mVNLA152aQbX8jiPs/A20023zFaoFpQbAXgQ7f70wbe98n
ytiqUQECgYEA6iQVAk2MAp2vSJfQ8TDVO29R4PwDdD3a+9FpRmPnmVtSafKePDU3
IIrjET9nf+e5jA/rIfbZYSUX5ckPdN64o6G8FuqErOUqUKJAE8KVflzMfPMLAwGO
ioUnYxtfnR1GyNQTA6VMkzx/UYFvvtRpPUNwVQ+uxlfKUpAJ/u8JnkECgYEA4vX0
mtDlss47X4jPrNGvE0qoSmenw8aKEnzgyziwGeEOYAAu1y0gbvhiTljodtA7wQMX
MZwuZOGzeBhG4dMiQcSM6IBnajR9z70hEIz2YItS/hVCJUOGtaqUFk6J5hPpbrzG
+Wygq0JlWXas4HneG+XrzzoW0ar+SgKe7U+DNo0CgYB/X0meixkTgzyLvSsJSot1
XcWpIu+uGMg8HVur00V2g9t9j2LNVhW7OlL0Ww2u4xxpOW+sdmEjG864Tnx+E3tW
aPGtdb7fX3t5igpZtY0lxM3pWz4uUHZ+nJkkrQuCqR6MufHuFcpmfo60hDmKEnt9
vGYrn/BwLen+qCUH7nnJAQKBgQDFL2G8HCBk8C6/etLL2EWeoi+CrXohat5M37hC
d9bwNQtTNvV7N5bFMwHeBfq6N4Ki17eP/5yDQ2C0x4rV6qUJtOWjnuO6by6bjTsr
8Pyhtop9fCTC0V85eKE+nC/M+KHH9zV8QPd6s63wQ15BjT/+xwzQNyzaLxDNZmeD
0KA0hQKBgQDk046TF1xRSr3nCMZm/v9RQ3miC9P0/QohweL+gUAKsPlXqowm0zDm
DDCxPie0pOhW7x+pw8vtOuEf7CY6JskVcMAHxMTa9C1i0tqLwJ2bgWquK/KggKPZ
KH+/Dx4wBgnnTrdcWdLs1bb39x6EqbZXikGb5+D4hHFL2AIUIvpsuQ==
-----END RSA PRIVATE KEY-----`;

	var pubKey =
		`-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz5TOzCB0DXwuYgftCFc2
7KxvJDPmNvDqVcqBPnn1UGmNkwcnZQSd+LSg1laDHwNui6dd/69pthE5Cj06SPKq
/tXVazW7t5ycOfrRLrO22bym2ZiskndhxyF1k7/LqoCnLhIFm82bNkihcUbmAbQM
H6c4zqOVKJ5Hp8y4rd3oIk/zW/YyPQ+7ibFPEl2+2YUs4RDMwtghJqOv83nUryKP
yo+zItq8qSzKDxrjNI5G/Ormlxn/nTt6jJtOn3klbJG6CbtmOnX4P7gM/oJHRBq1
r//P6Lcrr1OZESkUJ4+2/Q1JCiL9wVSU+EmfyIBvY+xTlQ7UOegUJ3/mvzHEufDf
zQIDAQAB
-----END PUBLIC KEY-----`;

	let rsa = new Signature.RSA();
	rsa.keys.setOptions({
		encryptionScheme: 'pkcs1'
	});
	rsa.setPrivateKey(priKey);
	rsa.setPublicKey(pubKey);

	let encrypted = rsa.encrypt(data, 'base64' /*default*/ );
        // 之后密文会拷贝到golang测试解密
	console.log("密文", encrypted)

	let decrypted = rsa.decrypt(encrypted, 'base64');
	console.log(decrypted)
};

// 这个长度加密以后golang可以正常解析
Vue.prototype.$rsa('{"system":"","registerCode":"yqBhf4z4UQKcYo0P_3","username":"S","password":"12345678","captchaId":"U26oZSk8KvCYnKTCo3dB","verificationCode":"7ey8","nonce":"1952220223909419643","key":"yMYQCBA6yphXNxDh","cid":"41850fa66954d544d30927e4de2305ce"}');
//在system添加了两个字符长度 golang解析失败
Vue.prototype.$rsa('{"system12":"","registerCode":"yqBhf4z4UQKcYo0P_3","username":"S","password":"12345678","captchaId":"U26oZSk8KvCYnKTCo3dB","verificationCode":"7ey8","nonce":"1952220223909419643","key":"yMYQCBA6yphXNxDh","cid":"41850fa66954d544d30927e4de2305ce"}');

golang:

// Rsa解密
func (this *cryptoEx) RsaDecrypt(ciphert []byte, privateKey []byte) ([]byte, error) {
	block, _ := pem.Decode(privateKey)
	if block == nil {
		return nil, errors.New("private key error!")
	}
	fmt.Println(string(block.Bytes))
	priv, err := x509.ParsePKCS1PrivateKey(block.Bytes)
	if err != nil {
		return nil, err
	}

	return rsa.DecryptPKCS1v15(rand.Reader, priv, ciphert)
}

// 分别拷贝js加密的铭文过来进行测试 含有system12的golang解析失败
data, _ := base64.StdEncoding.DecodeString("cNt8j7+Dxr3FVb8Pyub+QcNVR8rhVyUDSL8RxNnDZBoxeAYeFgGapba+Kbp/GkONBZakYL1CNVM9MXZNFzs8GRHmWmsl5yVi2krejJPV2JoRWpcgG19gP7PfAYXivLfAY4pFdLVDpWwf4w/td+YzOZIrYpf3MQqkVnPghWzVhbFeaQ3Xo58fPr5wW/EAE9BqjrNKJSk6EbLDZLKorJIronlj01WsyU4qWkij56gbiNfNYxl2VOanaMBwk4D7RSdCZXKWuZhbPkfw0KOPrkOC5czf7WiHPiPI6xlstO7VbUppdlXZ5mWvwDHvbTUMdvMxxtRK3ZeNE3m2HR4Ablsd9g==")
decData, err := util.CryptoEx.RsaDecrypt(data, pri)
if err != nil {
	fmt.Println(err)
}
fmt.Println("解密后的数据:", string(decData))

我是在不理解为什么会发生这种状况?js可以成功解析自己,但是拷贝到golang长度变化会导致解析失败,因此前来求救。

JavinYang avatar Jan 30 '20 23:01 JavinYang

我很少写Go, 不过我之前写的测试是通过了的, 我把你的密钥和密文复制进去解密通过了, 以下是示例:

package main

import (
  "fmt"
// ========第一步: 安装这个包========
  "github.com/wenzhenxi/gorsa"
)

// 这里不需要公钥
var PublicKey = `公钥`

// ========第二步: 复制私钥========
var PirvateKey = `私钥`


func main() {

// ========第三步: 复制密文========
  var encrypted = `密文`

  decrypted, decryptError := gorsa.PriKeyDecrypt ( encrypted, PirvateKey )

  fmt.Println ( decryptError );

  fmt.Println ( "\n解密数据 => " + decrypted + "\n" )
}

lipingruan avatar Jan 31 '20 16:01 lipingruan

不行不知道什么原因,我现在减少了内容长度,之后通过aes进行长内容数据加密的。

JavinYang avatar Feb 05 '20 01:02 JavinYang

@JavinYang

可能是你用的加密库没有实现分段加密,

在 Golang 里面推荐使用这个库:

github.com/wenzhenxi/gorsa

lipingruan avatar Mar 30 '20 04:03 lipingruan