I have a ‘simple’ AES decryption with a given key using CryptoJS in Javascript
var CryptoJS = require('crypto-js');
let encrypted = 'U2FsdGVkX19dGrnVQb3BYZ9SWtQBCt2XZDeWFBEfWoi3qnSHg26aQnADUKjTDtSgpPUDzXc59XrIBsTZp9IRg4dYy9Lo0/GjSVn8qlINhE8NJXozQvUNPJSs6nvWSiivCsh9KHGsWFEusMeTefM9V2hKRpQHnFp5VHDLPgGImjHXOQO71eO4qFoQ3ESqUdnDO94nlTjcJU8AP+GabRMjHP08OVz87uyV4SfvT7AZhAYuOPOumHbJaV5nHz2ouqBZgXR3OK07AUk6V+Faz43BT3Qd2+xGLyz8C+teekmudVhmGlnzvMK/VUs0bNDUttdVVnkz/VbXVOj++07uhDsJoMKzZQYTNLkIl9HnuXDmhKOrLSYs2EYpNrH9T/2ZP3nwqJaI7bbLBCfCpNFGNLY4jyNou4Bl5GEK6sxg0zraUCZTgvfuuvBpKWFcFhPvYf8eJGoI3dOWTRWyRnS6e4j3bg==';
let key = 'KBlgcIOrad7EYpiz9LNNTMSg98QoqSVK';
var decrypted = CryptoJS.AES.decrypt(encrypted, key);
let data = decrypted.toString(CryptoJS.enc.Utf8);
console.log(data);
I were trying to decrypt that data in Go (Golang) but failed. I have no knowledge about AES, here my code so far
package main
import (
"crypto/aes"
"crypto/cipher"
"encoding/base64"
"fmt"
)
func main() {
encrypted := "U2FsdGVkX19dGrnVQb3BYZ9SWtQBCt2XZDeWFBEfWoi3qnSHg26aQnADUKjTDtSgpPUDzXc59XrIBsTZp9IRg4dYy9Lo0/GjSVn8qlINhE8NJXozQvUNPJSs6nvWSiivCsh9KHGsWFEusMeTefM9V2hKRpQHnFp5VHDLPgGImjHXOQO71eO4qFoQ3ESqUdnDO94nlTjcJU8AP+GabRMjHP08OVz87uyV4SfvT7AZhAYuOPOumHbJaV5nHz2ouqBZgXR3OK07AUk6V+Faz43BT3Qd2+xGLyz8C+teekmudVhmGlnzvMK/VUs0bNDUttdVVnkz/VbXVOj++07uhDsJoMKzZQYTNLkIl9HnuXDmhKOrLSYs2EYpNrH9T/2ZP3nwqJaI7bbLBCfCpNFGNLY4jyNou4Bl5GEK6sxg0zraUCZTgvfuuvBpKWFcFhPvYf8eJGoI3dOWTRWyRnS6e4j3bg=="
key := "KBlgcIOrad7EYpiz9LNNTMSg98QoqSVK"
e, _ := base64.StdEncoding.DecodeString(encrypted)
k := []byte(key)
dst, err := decryptAES(e, k)
if err != nil {
panic(err)
}
fmt.Println(string(dst))
}
func decryptAES(ciphertext []byte, key []byte) ([]byte, error) {
block, err := aes.NewCipher(key)
if err != nil {
return nil, err
}
if len(ciphertext) < aes.BlockSize {
return nil, fmt.Errorf("ciphertext is too short")
}
iv := ciphertext[:aes.BlockSize]
ciphertext = ciphertext[aes.BlockSize:]
stream := cipher.NewCFBDecrypter(block, iv)
plaintext := make([]byte, len(ciphertext))
stream.XORKeyStream(plaintext, ciphertext)
return plaintext, nil
}
And the result: �9�������ff��ܱ�������jTY:���SV�PZLDw%�z��0���&���j@’��_H��0+����b�8�b}�;Yڸ�d���0�^P얿L�aC�3�2�m��d�h�
-��%Z(0��c�v�r�:�=�>}���b��n������g�lu}�������&�3�.�%|M���fxdGW27z�D��J���”(�[D�+<��n�z�4:�����
��iZs�ix��G�$��.= �3J��5{“g��#z ���Z�#���@���Xs��#�ZR;���VI������ ��w�X/�bp�r
��
Quick try: https://goplay.tools/snippet/QooAajJ4ky0
Please help me decrypt that data using Go or fix my code. Thank u <3
As @Topaco‘s clearely mentioned in the comment,
According to CryptoJS Documentation, The default mode is CBC. So your cipher text is encrypted in CBC mode.
But in your go code, You have used CFB mode by using cipher.NewCFBDecrypter(block, iv) to decrypt the cipher text which is obviously not the correct mode.
Instead of NewCFBDecrypter you have to use NewCBCDecrypter
I could successfully decrypt using https://github.com/Luzifer/go-openssl package.
package main
import (
"fmt"
"github.com/Luzifer/go-openssl"
)
func main() {
data := "U2FsdGVkX19dGrnVQb3BYZ9SWtQBCt2XZDeWFBEfWoi3qnSHg26aQnADUKjTDtSgpPUDzXc59XrIBsTZp9IRg4dYy9Lo0/GjSVn8qlINhE8NJXozQvUNPJSs6nvWSiivCsh9KHGsWFEusMeTefM9V2hKRpQHnFp5VHDLPgGImjHXOQO71eO4qFoQ3ESqUdnDO94nlTjcJU8AP+GabRMjHP08OVz87uyV4SfvT7AZhAYuOPOumHbJaV5nHz2ouqBZgXR3OK07AUk6V+Faz43BT3Qd2+xGLyz8C+teekmudVhmGlnzvMK/VUs0bNDUttdVVnkz/VbXVOj++07uhDsJoMKzZQYTNLkIl9HnuXDmhKOrLSYs2EYpNrH9T/2ZP3nwqJaI7bbLBCfCpNFGNLY4jyNou4Bl5GEK6sxg0zraUCZTgvfuuvBpKWFcFhPvYf8eJGoI3dOWTRWyRnS6e4j3bg=="
secret := "KBlgcIOrad7EYpiz9LNNTMSg98QoqSVK"
o := openssl.New()
dec, err := o.DecryptBytes(secret, []byte(data))
if err != nil {
fmt.Printf("An error occurred: %s\n", err)
}
fmt.Printf("Decrypted text: %s\n", string(dec))
}
Output
Decrypted text: [{"file":"https://eno.tendoloads.com/_v6/71f87b4028d27b3ba749bd2029f3248245618a740ca81a9a9863f257784436f85c939482f4d306945639b935dc612f232173cae4f207297dea8798f69741cdadcf03986938ae645355b02ac49101bd99d26dbcacac3e6ab00b678324a21474728d09a70cb4b5086fbc36943efb9f1695c522b23382b639d8f473c8ce9a528151/master.m3u8","type":"hls"}]
OR If you want to use CFB in CryptoJS, Then you have to specify the mode explicitly.
var decrypted = CryptoJS.AES.decrypt(encrypted, key, {
mode: CryptoJS.mode.CFB,
});
CryptoJS uses the CBC mode by default and – if the key material is passed as string – a key derivation function (
EVP_BytesToKey()). On the Go side, neither the key derivation function nor the correct mode (CFB instead) is used. The decryption must therefore fail.