How to implement CryptoJS.AES.decrypt in Go

Question content

I am using CryptoJS in JavaScript to do a "simple" AES decryption with a given key

var CryptoJS = require('crypto-js');

let encrypted = 'U2FsdGVkX19dGrnVQb3BYZ9SWtQBCt2XZDeWFBEfWoi3qnSHg26aQnADUKjTDtSgpPUDzXc59XrIBsTZp9IRg4dYy9Lo0/GjSVn8qlINhE8NJXozQvUNPJSs6nvWSiivCsh9KHGsWFEusMeTefM9V2hKRpQHnFp5VHDLPgGImjHXOQO71eO4qFoQ3ESqUdnDO94nlTjcJU8AP+GabRMjHP08OVz87uyV4SfvT7AZhAYuOPOumHbJaV5nHz2ouqBZgXR3OK07AUk6V+Faz43BT3Qd2+xGLyz8C+teekmudVhmGlnzvMK/VUs0bNDUttdVVnkz/VbXVOj++07uhDsJoMKzZQYTNLkIl9HnuXDmhKOrLSYs2EYpNrH9T/2ZP3nwqJaI7bbLBCfCpNFGNLY4jyNou4Bl5GEK6sxg0zraUCZTgvfuuvBpKWFcFhPvYf8eJGoI3dOWTRWyRnS6e4j3bg==';
let key = 'KBlgcIOrad7EYpiz9LNNTMSg98QoqSVK';

var decrypted = CryptoJS.AES.decrypt(encrypted, key);

let data = decrypted.toString(CryptoJS.enc.Utf8);

console.log(data);

I tried to decrypt this data in Go (Golang) but failed. I know nothing about AES, this is my code so far

package main

import (
    "crypto/aes"
    "crypto/cipher"
    "encoding/base64"
    "fmt"
)

func main() {
    encrypted := "U2FsdGVkX19dGrnVQb3BYZ9SWtQBCt2XZDeWFBEfWoi3qnSHg26aQnADUKjTDtSgpPUDzXc59XrIBsTZp9IRg4dYy9Lo0/GjSVn8qlINhE8NJXozQvUNPJSs6nvWSiivCsh9KHGsWFEusMeTefM9V2hKRpQHnFp5VHDLPgGImjHXOQO71eO4qFoQ3ESqUdnDO94nlTjcJU8AP+GabRMjHP08OVz87uyV4SfvT7AZhAYuOPOumHbJaV5nHz2ouqBZgXR3OK07AUk6V+Faz43BT3Qd2+xGLyz8C+teekmudVhmGlnzvMK/VUs0bNDUttdVVnkz/VbXVOj++07uhDsJoMKzZQYTNLkIl9HnuXDmhKOrLSYs2EYpNrH9T/2ZP3nwqJaI7bbLBCfCpNFGNLY4jyNou4Bl5GEK6sxg0zraUCZTgvfuuvBpKWFcFhPvYf8eJGoI3dOWTRWyRnS6e4j3bg=="
    key := "KBlgcIOrad7EYpiz9LNNTMSg98QoqSVK"

    e, _ := base64.StdEncoding.DecodeString(encrypted)
    k := []byte(key)

    dst, err := decryptAES(e, k)
    if err != nil {
        panic(err)
    }

    fmt.Println(string(dst))
}

func decryptAES(ciphertext []byte, key []byte) ([]byte, error) {
    block, err := aes.NewCipher(key)
    if err != nil {
        return nil, err
    }

    if len(ciphertext) < aes.BlockSize {
        return nil, fmt.Errorf("ciphertext is too short")
    }

    iv := ciphertext[:aes.BlockSize]
    ciphertext = ciphertext[aes.BlockSize:]

    stream := cipher.NewCFBDecrypter(block, iv)
    plaintext := make([]byte, len(ciphertext))
    stream.XORKeyStream(plaintext, ciphertext)

    return plaintext, nil
}

Result: �9�����ff������������jTY:���SV�PZLDw%�z��0���&� � �j@'��_H��0 ����b�8�b}�;Y���d��0�^P얿L�aC�3�2�m�� d׺ �h� -׸��%Z(0��c�v�r�:�=�>}���b��n�����g�lu}������&�3� .�%|M��fxdGW27z�D��J���"(�[D� <��n�z�4:����� ��iZs��ix��G��$��.=��3J��5{"g��#z ����Z��#����@����Xs��# ��ZR;����VI ������ ��w�X/�bp�r ��

Quick try: https://goplay.tools/snippet/QooAajJ4ky0

Please help me decrypt this data using Go or fix my code. Thank you<3

Correct answer

As @Topaco clearly mentioned in the comments,

According to CryptoJS Documentation, the default mode is CBC. So your ciphertext is encrypted using CBC mode.

But in your go code, you used CFB mode to decrypt the ciphertext by using cipher.NewCFBDecrypter(block, iv), This is obviously not the correct model.

You must use NewCFBDecrypter /pkg.go.dev/crypto/cipher#NewCB​​CDecrypter" rel="nofollow noreferrer">NewCB​​CDecrypter

I can use the https://www.php.cn/link/2c6ee860dfb322d0fc5dbbf5a2aa0b39 package.

<code>package main

import (
    "fmt"
    "github.com/Luzifer/go-openssl"
)

func main() {
    data := "U2FsdGVkX19dGrnVQb3BYZ9SWtQBCt2XZDeWFBEfWoi3qnSHg26aQnADUKjTDtSgpPUDzXc59XrIBsTZp9IRg4dYy9Lo0/GjSVn8qlINhE8NJXozQvUNPJSs6nvWSiivCsh9KHGsWFEusMeTefM9V2hKRpQHnFp5VHDLPgGImjHXOQO71eO4qFoQ3ESqUdnDO94nlTjcJU8AP+GabRMjHP08OVz87uyV4SfvT7AZhAYuOPOumHbJaV5nHz2ouqBZgXR3OK07AUk6V+Faz43BT3Qd2+xGLyz8C+teekmudVhmGlnzvMK/VUs0bNDUttdVVnkz/VbXVOj++07uhDsJoMKzZQYTNLkIl9HnuXDmhKOrLSYs2EYpNrH9T/2ZP3nwqJaI7bbLBCfCpNFGNLY4jyNou4Bl5GEK6sxg0zraUCZTgvfuuvBpKWFcFhPvYf8eJGoI3dOWTRWyRnS6e4j3bg=="
    secret := "KBlgcIOrad7EYpiz9LNNTMSg98QoqSVK"

    o := openssl.New()

    dec, err := o.DecryptBytes(secret, []byte(data))
    if err != nil {
        fmt.Printf("An error occurred: %s\n", err)
    }

    fmt.Printf("Decrypted text: %s\n", string(dec))
}

</code>

Output

Decrypted text: [{"file":"https://eno.tendoloads.com/_v6/71f87b4028d27b3ba749bd2029f3248245618a740ca81a9a9863f257784436f85c939482f4d306945639b935dc612f232173cae4f207297dea8798f69741cdadcf03986938ae645355b02ac49101bd99d26dbcacac3e6ab00b678324a21474728d09a70cb4b5086fbc36943efb9f1695c522b23382b639d8f473c8ce9a528151/master.m3u8","type":"hls"}]

or If you want to use CFB with CryptoJS, then you must specify the mode explicitly.

var decrypted = CryptoJS.AES.decrypt(encrypted, key, {
  mode: CryptoJS.mode.CFB,
});

The above is the detailed content of How to implement CryptoJS.AES.decrypt in Go. For more information, please follow other related articles on the PHP Chinese website!