


Error aesGCMOpen got password: Message authentication failed: golang decryption gcm
I'm trying to rewrite rails activesupport decryption to golang but getting this error
err aesGCMOpen got password: Message verification failed
This is rails code that actively supports decryption
class Crypton SECRET_KEY_BASE = ENV["SECRET_KEY_BASE"] class << self def encrypt text raise 'Encypt failed, secret_key_base not found' unless SECRET_KEY_BASE.present? text = text.to_s unless text.is_a? String len = ActiveSupport::MessageEncryptor.key_len salt = SecureRandom.hex len key = ActiveSupport::KeyGenerator.new(SECRET_KEY_BASE).generate_key salt, len crypt = ActiveSupport::MessageEncryptor.new key encrypted_data = crypt.encrypt_and_sign text "#{salt}$$#{encrypted_data}" end def decrypt text raise 'Decrypt failed, secret_key_base not found' unless SECRET_KEY_BASE.present? salt, data = text.split "$$" len = ActiveSupport::MessageEncryptor.key_len key = ActiveSupport::KeyGenerator.new(SECRET_KEY_BASE).generate_key salt, len crypt = ActiveSupport::MessageEncryptor.new key crypt.decrypt_and_verify data end end end
This is my golang code that I try to decrypt activesupport rewrite from rails
// DecryptGCM // reference on Rails 5.2-stable: // https://github.com/rails/rails/blob/5-2-stable/activesupport/lib/active_support/message_encryptor.rb#L183 func DecryptGCM(encryptedText string, secretKeyBase string) (string, error) { encryptText := strings.Split(encryptedText, "$$") saltHex := encryptText[0] encodedText := encryptText[1] splitEncodedText := strings.Split(encodedText, "--") encodedText = splitEncodedText[0] ivText := splitEncodedText[1] authTagText := splitEncodedText[2] decodeText, err := base64.StdEncoding.DecodeString(encodedText) if err != nil { return "", fmt.Errorf(`err b64 decode text got %v`, err) } ivDecodeText, err := base64.StdEncoding.DecodeString(ivText) if err != nil { return "", fmt.Errorf(`err b64 iv got %v`, err) } authTagTextDecoded, err := base64.StdEncoding.DecodeString(authTagText) if err != nil { return "", fmt.Errorf(`err b64 auth tag got %v`, err) } key := GenerateKey(secretKeyBase, saltHex) block, err := aes.NewCipher(key) if err != nil { return "", fmt.Errorf(`err aesNewCipher got %v`, err) } aesGCM, err := cipher.NewGCM(block) if err != nil { return "", fmt.Errorf(`err chipperNewGCM got %v`, err) } plaintext, err := aesGCM.Open(nil, ivDecodeText, decodeText, authTagTextDecoded) if err != nil { return "", fmt.Errorf(`err aesGCMOpen got %v`, err) } return string(plaintext), nil } func GenerateKey(secretKeyBase string, saltHex string) []byte { key := pbkdf2.Key([]byte(secretKeyBase), []byte(saltHex), 65536, 32, sha1.New) return key } func TestMain(t *testing.T) { encryptText := "7c7eb6202943398b0d0619d008d226372f1b3b341eb39500eab71c3b67b7f641$$hDJ5e+6QkoCjk4cqT+hAY9c7Jj7Hxg==--t9hrqWnzQeeJTffr--1bHoguSmIkYQrpI1cd/KRQ==" decrypted, err := DecryptGCM(encryptText, SECRET_KEY) if err != nil { fmt.Println("Error:", err) } else { fmt.Println("Decrypted:", decrypted) } }
The key is:
SECRET_KEY_BASE="3ae9b0ce19316f877554a0427044180e27267fb9798db9147feeb318865b3a52f79824201608f6e4e10dc8e3f29e5bf4b83e46c4103ff8d98b99903d054d720i"
I generated encrypted data from this rails command
Crypton.encrypt("hello, world")
If you find any solution please leave a comment,
Thanks
Can decrypt encrypted data from rails encryption
Correct answer
In Go code aesGCM.Open()
In the call, the ciphertext and authentication label are passed in the third and fourth parameters respectively. This is wrong. The two data must be concatenated and passed in the third parameter. The fourth parameter needs to be nil
. This parameter is used for additional data not used here.
Additionally, deserialization of decrypted data is missing from the Go code. To do this, an appropriate library must be applied, such as ruby-marshal.
Overall, the following changes are required:
import ( "bytes" rbmarshal "github.com/dozen/ruby-marshal" ... ) ... func DecryptGCM(encryptedText string, secretKeyBase string) (string, error) { ... plaintext, err := aesGCM.Open(nil, ivDecodeText, append(decodeText, authTagTextDecoded...), nil) // Fix 1 if err != nil { return "", fmt.Errorf(`err aesGCMOpen got %v`, err) } var v string rbmarshal.NewDecoder(bytes.NewReader(plaintext)).Decode(&v) // Fix 2 return string(v), nil }
With these changes, data encrypted using Rails code can be successfully decrypted using Go code.
The above is the detailed content of Error aesGCMOpen got password: Message authentication failed: golang decryption gcm. For more information, please follow other related articles on the PHP Chinese website!

Golangisidealforbuildingscalablesystemsduetoitsefficiencyandconcurrency,whilePythonexcelsinquickscriptinganddataanalysisduetoitssimplicityandvastecosystem.Golang'sdesignencouragesclean,readablecodeanditsgoroutinesenableefficientconcurrentoperations,t

Golang is better than C in concurrency, while C is better than Golang in raw speed. 1) Golang achieves efficient concurrency through goroutine and channel, which is suitable for handling a large number of concurrent tasks. 2)C Through compiler optimization and standard library, it provides high performance close to hardware, suitable for applications that require extreme optimization.

Reasons for choosing Golang include: 1) high concurrency performance, 2) static type system, 3) garbage collection mechanism, 4) rich standard libraries and ecosystems, which make it an ideal choice for developing efficient and reliable software.

Golang is suitable for rapid development and concurrent scenarios, and C is suitable for scenarios where extreme performance and low-level control are required. 1) Golang improves performance through garbage collection and concurrency mechanisms, and is suitable for high-concurrency Web service development. 2) C achieves the ultimate performance through manual memory management and compiler optimization, and is suitable for embedded system development.

Golang performs better in compilation time and concurrent processing, while C has more advantages in running speed and memory management. 1.Golang has fast compilation speed and is suitable for rapid development. 2.C runs fast and is suitable for performance-critical applications. 3. Golang is simple and efficient in concurrent processing, suitable for concurrent programming. 4.C Manual memory management provides higher performance, but increases development complexity.

Golang's application in web services and system programming is mainly reflected in its simplicity, efficiency and concurrency. 1) In web services, Golang supports the creation of high-performance web applications and APIs through powerful HTTP libraries and concurrent processing capabilities. 2) In system programming, Golang uses features close to hardware and compatibility with C language to be suitable for operating system development and embedded systems.

Golang and C have their own advantages and disadvantages in performance comparison: 1. Golang is suitable for high concurrency and rapid development, but garbage collection may affect performance; 2.C provides higher performance and hardware control, but has high development complexity. When making a choice, you need to consider project requirements and team skills in a comprehensive way.

Golang is suitable for high-performance and concurrent programming scenarios, while Python is suitable for rapid development and data processing. 1.Golang emphasizes simplicity and efficiency, and is suitable for back-end services and microservices. 2. Python is known for its concise syntax and rich libraries, suitable for data science and machine learning.


Hot AI Tools

Undresser.AI Undress
AI-powered app for creating realistic nude photos

AI Clothes Remover
Online AI tool for removing clothes from photos.

Undress AI Tool
Undress images for free

Clothoff.io
AI clothes remover

Video Face Swap
Swap faces in any video effortlessly with our completely free AI face swap tool!

Hot Article

Hot Tools

ZendStudio 13.5.1 Mac
Powerful PHP integrated development environment

mPDF
mPDF is a PHP library that can generate PDF files from UTF-8 encoded HTML. The original author, Ian Back, wrote mPDF to output PDF files "on the fly" from his website and handle different languages. It is slower than original scripts like HTML2FPDF and produces larger files when using Unicode fonts, but supports CSS styles etc. and has a lot of enhancements. Supports almost all languages, including RTL (Arabic and Hebrew) and CJK (Chinese, Japanese and Korean). Supports nested block-level elements (such as P, DIV),

Atom editor mac version download
The most popular open source editor

VSCode Windows 64-bit Download
A free and powerful IDE editor launched by Microsoft

Zend Studio 13.0.1
Powerful PHP integrated development environment