<p>本文档旨在帮助开发者理解和实践 AES 加密 JSON 文件的解密过程,特别是在缺少初始化向量(IV)的情况下。我们将分析提供的 JavaScript 代码,并使用 Python 实现解密,同时探讨可能遇到的问题和解决方案,包括数据填充、
编码问题以及如何处理未知的 IV。通过本文,读者将能够掌握 AES 解密的基本原理和实际应用,并解决类似的问题。</p>
## 理解 AES 加密与解密
AES(Advanced Encryption Standard)是一种对称加密算法,广泛应用于
数据加密。在加密过程中,需要使用密钥(Key)和初始化向量(IV)。密钥用于加密和解密数据,而 IV 用于增加加密的随机性,防止相同的明文生成相同的密文,从而提高安全性。
### AES 的工作模式
AES 支持多种工作模式,如 CBC(Cipher Block Ch
aining)、ECB(Electronic Codebook)、CTR(Counter)等。不同的工作模式在安全性、性能和应用场景上有所差异。
- **CBC 模式:** 每个明文块在加密前与前一个密文块进行异或运算,因此每个密文块都依赖于之前的所有明文块。这种模式需要一个 IV,通常与密钥一起使用。
- **ECB 模式:** 每个明文块独立加密,相同的明文块会生成相同的密文块。这种模式简单但安全性较低,不推荐使用。
- **CTR 模式:** 将一个计数器加密后与明文进行异或运算。计数器对每个块递增,因此每个块的加密都不同。
### 数据填充(Padding)
由于 AES 是分组密码,需要将数据分成固定大小的块(例如 16
字节)。如果数据长度不是块大小的整数倍,则需要进行填充。常见的填充方式包括 PKCS#7 填充。
## 分析 JavaScript 解密代码
提供的 JavaScript 代码片段 `Decryption.
js` 包含了加密密钥和加密后的数据源,这为我们提供了破解加密的线索。
```
javascript
// Encrypted source for asset decryption functions.
let decryptionAESKey = "02f3ffa287f78ba68c60f24f79c6fb18ce32b4ebaadac11af5ace8c67a50ae9f";
let decryptionSource = "40b6b8e3d1f7b7128ecc16eae4702ff707e619c027744b8c55717e265516356dcbc3029ee1748978c8b13100f5c57352bb1e641a9104f037df0d65765d97e1997200d0fc41437c054bd6551b0b65ee0d53ac344f02ed6eaea3c4d24b0b667270c4c11593e4877c4dfd78ded0b8f35d6ceafec6d80ddec24f1653bf74d0b441f98e07529100845f4bff00bf96efa5307913a3fe5c87636ff1039a153a2ecb7ddf34500210292421715e4e063bf185afc22b21693260b638a4a395c1a87c3cc047e9acc5f59a1ca3144064cb6617f07bb6b357c4fe7c6ccbf9afee97efabf19397f7251702a6258a7aa42b704b238d27260930ec02f9451601360341018d4e2c34eb52
cade8cb9b46738c369a6324f2e9603961bf81fb14a34f1db1e6f0b550024fd82eb0cfe556578f7b4e8d110b4bb2071f221d9bb024016afb1e7b09751ace8332a739570ef159b865da5a4a599052c7a31bcdbe7c728fc78fdec634baa68fec24bc26cd306bb32b42d9e78b69eed8ff011e86730436027ec3a60fca7bdc363192a10c46353ba45dc1bd476c2d004746a506e4539fac1b456a4aa36063ada89f682e3cb20076130d4c7041e2fa8bf1867f4c257f453332a39efc2a4463b8da5a1509e9016623d047226e2e6fb90b53b11c28e24938a41e0c88441b687e372de74939f10f16b4c892ab99f390b827efa70bed165619e8be33c29211c1f0bc8122e0addde18bff2afa2b54409c33f36bb480552bb5d9d293eb1cc10b8cd1029fc08464b31c7ffe85a3bd0334782b2561e21d8df4208ea0390ab5d3ea5913bbdd822ca1d9e3d291e8953c3e7742d414616e3e49058a6fb984059f14346de6d13a138b710ad03c9a85f353142e1b9f731ea8f0b7df601d949339a7b917362177e03f89610f757c1564b6a8a4450ccbc8f0e7a1f1b33e6c5817724e2a8e0187e00a8b28cc0ad9a789ae38bba0104919806813cfbbdba5afe880fc074e7f57e9518c9a5293dee4dc69c402a652a660eb40f2c19ea5cdfc947a78205fc792423c40e20565c98f8b0e86a5c4928c018ffa269d99398a92d8259d4a29f98841caa1f7f38afd7973c98572411b7136b4b46c0071814e951c712acebff3dc65dd3d51be7714c6e2b687cf1d5d3bd6af32e53b90ebd7c5d189fd7e08790b20f1c9483ea296b4997c90396736c8d3f4f49f39e948bc083b1a17977a6996d53f0b2ea5b8afa591b13487903762d8ea90f334d0e3c6ae6c9fe6be1a0e820ff9185fc10d469c7945d2f67f24e87fe0efa81e3eab7e35df5a17f4fd29a1a0803d77f0d381f8ef169c75a59133ab9b527bff464d999c5cf2ee3e26588c19577ff8b118e507886c575d7bf34a8d55f79772a2aa64987ebc43dfa3b6790d20fa54a4c2344c9647d987f9da268573a1f7ecad3df5013eff514d3142a63b6636cfeb0f3731a2770c053f77fa839bff6cdc4a8d1da5ccc6457f23c6d1db958086b029170c54c4f2d8658589dad998860f8bcaa06a59345f754943fb78384253c077e91959ef6c7f0e1862ea4e67dad3fd5de4ccf99c215837619c9173ee9645c59100fc718ee8b95782af73d1f952898cedb653c9090f5941f5f440968a0dcf26fa3a5b73715f7f379b7d793a22559bb00107b5f346175f4aaf27e2eac1a6a35b21ab246fb68b1d48eb949aa71932cab58eaaffcd29965d9dd6e068f13d23cbde334ccb0aa0a0724a7dba6162b4487066605ae3148575cdc13523f06713aa2642e121ccea6c28c750428bc170e7486b6c255f50064dac1080d591b26289138705837188abb240a2c34e1a4293dd8f294c31d763d83ec0833cea4633e23a863cd3a700af99e1dd7781d8cb2088857ab9620af005aa267e75422e65a55a377b9af96008adab10ae73c7c1020e2d2d4406e54eb2f4270013537138c19c3b6795f8785eb66ef3b0dcdce56ed17a1022d0362a6c9e9be6c3b23667a51ae1fa8b8988602f56860cb90b00f38b82f3c1e1d101449c430ff77d9e38f30ed2704e8620419b28ced8d7933f0447c0e4e86a0678072c7dc3bf43adabd18bc5226bd7e1ec55bf1b779f227e54517252d919eee1ec6494fe3088235f8ac46b77888b6ebbf633da74371f0b9e014df6d4d993da3df5cf278205a43e468f48dca0faf1cc864ef8024aece48f36ded739b56deefd3380e2c851020f2ad80b6cef180fb2a24bbdf070e4d170c1a7a0eb4fdab1309cb2a4d3952ec58efc0c23696aa173de2ae878cd9fc1d6907f5542acea57786207c43859aecf1ca5715d78b3d92198434d83694960c1c4d7d8a23ca01af35fd6a5c98c38c0367b40cbb17559cc753d636ba94fe8ba6fc2635d27767dcef5f9b667cd94f843ec022e8195e9234e0c43801480d6f1be263572a5444cef4ac4c9f80a41e76c0012727e195776fa4b56834f447a11ff05f4092beb6ad234054b7164299b2e1e670407a280812794f2d1fbf7ad6342225f5be2537e13f5902b54d5bdaf19fa4ff535d44e03a9be57d91135119de28966320f449e97cc6fb807a6ed5d9f4bcc22d546af71d253b3cf00d4dd56393d68b25aff86c0893502c200257f3418a7e1247629a3a9464b415ffd1d7d6862b4f00fcb2669e943b9e157862bf71f2d5156a40bc91e26dbe6482090a03a324220c79c1f9c3b7c7f932c6d6407cb8fce7b5a67221a2c93aedf78d7eb69ba88862e31e92b2d5c7e8eee17bffd108bc46b94997590d94248d5440648baefebc37564facaa01047ebeeab15f90eff18111e8fc890231d3ba3d1214b0b797f9cf688f06a2b9e006de65846a01fd4bbaa290091d0b41b11179f31063a947a1778ed0f80931d66281e42a43f8a57ce31983c71d11e1c8cffd9a55c6987b3ca1c2cafafa0d3e0d21668477de5d4bac263c2d3828c5c55888033efedceb68885cc3e87a2a437875e8852d1445b660abe43555465713b57f694fe412183a0a809ad57e1805a11cc68a7f07b77c2e58581de2eb97741a3e34682437584f129894abd914effcb01d694e71046e3efa453386f08a283743adcfdcbf07ebb96e5a43c3c930f20ae977e0493ed28016085f99d9c6e9164dc4ba1cba17a7cdf121c885fa8cea686a7c4160df73185fb9067079fcd865a40c39c43c690e1b2c39a51aa18fc4ef4b269edc01fc1654b96e065de53fccf9ca933aa3134bb627511068e1caf24454a47ed92dd56122ce25786e8a38f31a42d766c6bd241410e36172b4722c84065c1bf3261aa587d1d5374f4bf6a96791cddc74ab97f32533ea487710dabcd17ce6160380eef91918e70dac3268301461013a255e8aa593d005db3b893db20c5cca8feb5af813f07ec603dd02f3414ed2a4";
decryptionaeskey 显然是 aes 密钥,而 decryptionsource 可能是加密后的数据。由于没有明确的 iv,我们需要尝试不同的方法来确定如何解密这段数据。
Python 实现 AES 解密
以下是一个 Python 脚本,用于解密 AES 加密的数据。该脚本使用了 pycryptodome 库,这是一个常用的 Python 加密库。
from Crypto.Cipher import AES
from Crypto.Util.Padding import unpad
import binascii
def aes_decrypt(encrypted_data, aes_key):
# Decode hexadecimal encoded data
decoded_data = binascii.unhexlify(encrypted_data)
# Take the first 16 bytes as IV
iv = decoded_data[:16]
# Decode hexadecimal encoded AES key
key = binascii.unhexlify(aes_key)
# Create an AES cipher object mode cbc
cipher = AES.new(key, AES.MODE_CBC, iv)
# Decrypt the data and unpad
decrypted_data = unpad(cipher.decrypt(decoded_data[16:]), AES.block_size)
return decrypted_data.decode('utf_8')
#return decrypted_data
# Example data (replace with your actual data)
encrypted_data = "40b6b8e3d1f7b7128ecc16eae4702ff707e619c027744b8c55717e265516356dcbc3029ee1748978c8b13100f5c57352bb1e641a9104f037df0d65765d97e1997200d0fc41437c054bd6551b0b65ee0d53ac344f02ed6eaea3c4d24b0b667270c4c11593e4877c4dfd78ded0b8f35d6ceafec6d80ddec24f1653bf74d0b441f98e07529100845f4bff00bf96efa5307913a3fe5c87636ff1039a153a2ecb7ddf34500210292421715e4e063bf185afc22b21693260b638a4a395c1a87c3cc047e9acc5f59a1ca3144064cb6617f07bb6b357c4fe7c6ccbf9afee97efabf19397f7251702a6258a7aa42b704b238d27260930ec02f9451601360341018d4e2c34eb52cade8cb9b46738c369a6324f2e9603961bf81fb14a34f1db1e6f0b550024fd82eb0cfe556578f7b4e8d110b4bb2071f221d9bb024016afb1e7b09751ace8332a739570ef159b865da5a4a599052c7a31bcdbe7c728fc78fdec634baa68fec24bc26cd306bb32b42d9e78b69eed8ff011e86730436027ec3a60fca7bdc363192a10c46353ba45dc1bd476c2d004746a506e4539fac1b456a4aa36063ada89f682e3cb20076130d4c7041e2fa8bf1867f4c257f453332a39efc2a4463b8da5a1509e9016623d047226e2e6fb90b53b11c28e24938a41e0c88441b687e372de74939f10f16b4c89登录后复制
以上就是# 解密 AES 加密的 JSON 文件(无 IV)的详细内容,更多请关注php中文网其它相关文章!
30
广告
收藏
812
