AES (aes-cbc-256)加密/解密的openssl预期输出截断

Question

我写了剧本。请原谅我不是脚本专家。破译后，结果被截断。

[Message in text]: 0123456789abcdefghijklmnopqrstuvwxyz

message_input in hex: 303132333435363738396162636465666768696a6b6c6d6e6f707172737475767778797a0a
key: 788a1ca0bf1ab80f092841aabd77793f
hex string is too short, padding with zero bytes to length
c19f83afc1160ce81b0fc9906d513693386ccdd313b0f2884c698411441054e8
ciphered text: c19f83afc1160ce81b0fc9906d513693386ccdd313b0f2884c698411441054e8
IV: 7ecd3d63a8b74bb2f80d71a1c9d43359
deciphering ...

hex string is too short, padding with zero bytes to length
key: 788a1ca0bf1ab80f092841aabd77793f
iv: 7ecd3d63a8b74bb2f80d71a1c9d43359
answer: 30313233343536373839616263646566
Deciphered Message in hex: 30313233343536373839616263646566
deciphered text: 0123456789abcdef

恢复的deciphered text: 0123456789abcdef**，** ghijklmnopqrstuvwxyz 被截断。，这应该是AES-CBC。有什么选择我没有打开吗？

这是密码：

    IV=$(openssl rand -hex 16)
    get_key_for_ciphering; # key_for_ciphering gets populated

    message_input=$(echo -n "${message_input//[[:space:]]/}") # remove spaces

    echo "message_input in hex: "$message_input
    echo "key": $key_for_ciphering;

    ANS=$(echo "0: $message_input" | xxd -r | openssl enc -aes-256-cbc -iv $IV -K "$key_for_ciphering" | xxd -p)

    ANS=$(echo -n "${ANS//[[:space:]]/}") # remove spaces

以下是解密(message_input=$ANS)：

    get_key_for_ciphering; # key_for_ciphering gets populated

    ANS=$(echo "0: $message_input" | xxd -r | openssl enc -aes-256-cbc -d -nopad -nosalt -K "$key_for_ciphering" -iv $IV | xxd -p) # -nopad -nosalt 

Answer 1

在您的问题中，问题在于xxd命令。当使用xxd -r将十六进制字符串转换为二进制时，您必须使用-p告诉xxd这是一个普通的十六进制字符串(没有换行)。

当用xxd -p转换回十六进制时，每隔32个字节就会添加换行符。不幸的是，xxd没有提供不包括换行的标志(您可以使用-c来设置列数，但它限制在最大值)。有许多选项可以删除换行符，但其中一个选项是在命令中附加一个| tr -d '\n'，如下面的示例所示。

IV=$(openssl rand -hex 16)
key_for_ciphering=$(openssl rand -hex 16)
message_input="303132333435363738396162636465666768696a6b6c6d6e6f707172737475767778797a0a"

message_input=$(echo -n "${message_input//[[:space:]]/}") # remove spaces

echo "Message: $message_input"
echo "Key: $key_for_ciphering"
echo "IV: $IV"

ANS=$(echo "0: $message_input" | xxd -r -p | openssl enc -aes-256-cbc -iv $IV -K "$key_for_ciphering" | xxd -p | tr -d '\n')

ANS=$(echo -n "${ANS//[[:space:]]/}") # remove spaces

echo "Encrypted: $ANS"

ANS=$(echo "0: $ANS" | xxd -r -p | openssl enc -aes-256-cbc -d -nopad -nosalt -K "$key_for_ciphering" -iv $IV | xxd -p | tr -d '\n')

echo "Decrypted: $ANS"

Answer 2

编辑：

不工作，因为shell参数不能包含二进制零。可能使用过滤器修复：

#!/bin/bash

tohex () {
    perl -e 'binmode STDIN; while (<STDIN>) { print unpack "H*",$_; }'
}

fromhex () {
    perl -e 'binmode STDIN; while (<STDIN>) { print pack "H*",$_; }'
}

binInput='0123456789abcdefghijklmnopqrstuvwxyz'

hexIV="$(openssl rand -hex 16)"

hexKey='788a1ca0bf1ab80f092841aabd77793f'

hexCipher="$(printf '%s' "$binInput" |\
    openssl enc -aes-256-cbc -nosalt -iv "$hexIV" -K "$hexKey" | tohex)"

binResult="$(printf '%s' "$hexCipher" | fromhex |\
   openssl enc -aes-256-cbc -d -iv "$hexIV" -K "$hexKey")"

if [ "$binInput" = "$binResult" ]; then echo OK;
fi

-原文：

我认为你的问题在于十六进制的转换。尝试使用perl /unpack：

tohex () {
    perl -e 'print unpack "H*", "$ARGV[0]"' "$1"
}

fromhex () {
    perl -e 'print pack "H*", "$ARGV[0]"' "$1"
}

message='0123456789abcdefghijklmnopqrstuvwxzy §"+!%/=()'
message_hex=$(tohex "$message")
message_cmp=$(fromhex "$message_hex")

if [ "$message" = "$message_cmp" ]; then echo OK; fi