Why do Go and Pycrypto produce different ciphertexts when using AES-CFB, and how can this be resolved?-Golang-php.cn

Home

Backend Development

Golang

Why do Go and Pycrypto produce different ciphertexts when using AES-CFB, and how can this be resolved?

Susan Sarandon

Dec 07, 2024 pm 03:37 PM

Why do Go and Pycrypto produce different ciphertexts when using AES-CFB, and how can this be resolved?

Different Results in Go and Pycrypto When Using AES-CFB

The issue presented here involves encrypting data using AES-CFB with Go and Pycrypto, resulting in different ciphertexts. The provided Python and Go samples use identical keys, IVs, and plaintexts yet produce vastly distinct encrypted data:

Python: dbf6b1877ba903330cb9cf0c4f530d40bf77fe2bf505820e993741c7f698ad6b
Go: db70cd9e6904359cb848410bfa38d7d0a47b594f7eff72d547d3772c9d4f5dbe

Each language can decrypt its own ciphertext but fails to decrypt the other's output, hindering interoperability.

Resolution

The disparity stems from the different bit segment sizes used for CFB mode by Python and Go. Python utilizes CFB8, where data is processed in 8-bit segments, while Go's default implementation processes data in 128-bit blocks.

To resolve the issue and ensure Go can decrypt ciphertexts encrypted using Pycrypto's AES-CFB settings, one must modify Go's CFBEncrypter / CFBDecrypter to be compatible with 8-bit segments. The provided Go sample relies on the code within these functions to perform CFB encryption.

This customization involves:

Implementing a custom NewCFBDecrypter function that sets the segment size to 8:

func NewCFBDecrypter(block cipher.Block, iv []byte) cipher.Stream {
 if len(block.BlockSize()) != aes.BlockSize {
     panic("cipher: NewCFBDecrypter: invalid block size")
 }
 cfb := cfbDecrypter{
     blockSize:  block.BlockSize(),
     iv:         iv,
     segmentSize: 8,
     enc:        block,
     ofb:        copyBlock(block),
 }
 resetOfb(&cfb)
 return &cfb
}

Modifying the XORKeyStream function to process data in 8-bit chunks instead of 128-bit blocks:

func (x *cfbDecrypter) XORKeyStream(dst, src []byte) {
 dst = dst[:len(src)]
 switch {
 case len(src) == 0:
     return
 case len(src) = x.blockSize {
             x.segI = 0
         }
     }
     n := len(src) - len(src)%x.segmentSize
     x.segBuf[0:len(src[n:])] = src[n:]
     x.segPos = len(src[n:])
 }
}

With these changes, the Go sample should produce the same ciphertext as the Python implementation:

payload, err1 := hex.DecodeString("abababababababababababababababababababababababababababababababab")
password, err2 := hex.DecodeString("0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF")
iv, err3 := hex.DecodeString("00000000000000000000000000000000")

if err1 != nil {
    fmt.Printf("error 1: %v", err1)
    return
}

if err2 != nil {
    fmt.Printf("error 2: %v", err2)
    return
}

if err3 != nil {
    fmt.Printf("error 3: %v", err3)
    return
}

aesBlock, err4 := aes.NewCipher(password)
iv = iv[0:aes.BlockSize] // Trim the IV if it's longer than the AES block size

fmt.Printf("IV length:%v\n", len(iv))
fmt.Printf("password length:%v\n", len(password))

if err4 != nil {
    fmt.Printf("error 4: %v", err4)
    return
}

cfbDecrypter := cipher.NewCFBDecrypter(aesBlock, iv)
cfbDecrypter.XORKeyStream(payload, payload)

fmt.Printf("%v\n", hex.EncodeToString(payload)) // dbf6b1877ba903330cb9cf0c4f530d40bf77fe2bf505820e993741c7f698ad6b

The above is the detailed content of Why do Go and Pycrypto produce different ciphertexts when using AES-CFB, and how can this be resolved?. For more information, please follow other related articles on the PHP Chinese website!

Statement

The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn

Learn Go Byte Slice Manipulation: Working with the 'bytes' PackageMay 16, 2025 am 12:14 AM

ThebytespackageinGoisessentialformanipulatingbytesliceseffectively.1)Usebytes.Jointoconcatenateslices.2)Employbytes.Bufferfordynamicdataconstruction.3)UtilizeIndexandContainsforsearching.4)ApplyReplaceandTrimformodifications.5)Usebytes.Splitforeffici

How to use the 'encoding/binary' package to encode and decode binary data in Go (step-by-step)May 16, 2025 am 12:14 AM

Tousethe"encoding/binary"packageinGoforencodinganddecodingbinarydata,followthesesteps:1)Importthepackageandcreateabuffer.2)Usebinary.Writetoencodedataintothebuffer,specifyingtheendianness.3)Usebinary.Readtodecodedatafromthebuffer,againspeci

How do you use the 'encoding/binary' package to encode and decode binary data in Go?May 16, 2025 am 12:13 AM

The encoding/binary package provides a unified way to process binary data. 1) Use binary.Write and binary.Read functions to encode and decode various data types such as integers and floating point numbers. 2) Custom types can be handled by implementing the binary.ByteOrder interface. 3) Pay attention to endianness selection, data alignment and error handling to ensure the correctness and efficiency of the data.

Go strings package: is it complete for every use case?May 16, 2025 am 12:09 AM

Go's strings package is not suitable for all use cases. It works for most common string operations, but third-party libraries may be required for complex NLP tasks, regular expression matching, and specific format parsing.

What are the limits of the go string package?May 16, 2025 am 12:05 AM

The strings package in Go has performance and memory usage limitations when handling large numbers of string operations. 1) Performance issues: For example, strings.Replace and strings.ReplaceAll are less efficient when dealing with large-scale string replacements. 2) Memory usage: Since the string is immutable, new objects will be generated every operation, resulting in an increase in memory consumption. 3) Unicode processing: It is not flexible enough when handling complex Unicode rules, and may require the help of other packages or libraries.

String Manipulation in Go: Mastering the 'strings' PackageMay 14, 2025 am 12:19 AM

Mastering the strings package in Go language can improve text processing capabilities and development efficiency. 1) Use the Contains function to check substrings, 2) Use the Index function to find the substring position, 3) Join function efficiently splice string slices, 4) Replace function to replace substrings. Be careful to avoid common errors, such as not checking for empty strings and large string operation performance issues.

Go 'strings' package tips and tricksMay 14, 2025 am 12:18 AM

You should care about the strings package in Go because it simplifies string manipulation and makes the code clearer and more efficient. 1) Use strings.Join to efficiently splice strings; 2) Use strings.Fields to divide strings by blank characters; 3) Find substring positions through strings.Index and strings.LastIndex; 4) Use strings.ReplaceAll to replace strings; 5) Use strings.Builder to efficiently splice strings; 6) Always verify input to avoid unexpected results.

'strings' Package in Go: Your Go-To for String OperationsMay 14, 2025 am 12:17 AM

ThestringspackageinGoisessentialforefficientstringmanipulation.1)Itofferssimpleyetpowerfulfunctionsfortaskslikecheckingsubstringsandjoiningstrings.2)IthandlesUnicodewell,withfunctionslikestrings.Fieldsforwhitespace-separatedvalues.3)Forperformance,st

See all articles