我看过一些代码片段(例如,在 Ruby 中)
require 'openssl'
def encrypt_aes_256_cbc(plain_text, encrypt_key)
cipher = OpenSSL::Cipher::AES.new(256, :CBC)
cipher.encrypt
iv = cipher.random_iv
cipher.key = encrypt_key.ljust(cipher.key_len, '\0').slice(0, 32)
encrypted = cipher.update(plain_text) + cipher.final
(encrypted + iv).unpack('H*').first
end
def decrypt_aes_256_cbc(encrypted_text, encrypt_key)
cipher = OpenSSL::Cipher::AES.new(256, :CBC)
cipher.decrypt
raw_data = [encrypted_text].pack('H*')
cipher.iv = raw_data.slice(raw_data.length - 16, 16)
cipher.key = encrypt_key.ljust(cipher.key_len, '\0').slice(0, 32)
cipher.update(raw_data.slice(0, raw_data.length - 16)) + cipher.final
end
这种加密将 IV 暴露给结果,假设黑客得到 的结果encrypt_aes_256_cbc,那么他就得到了 IV,这是否意味着 CBC 模式变得毫无意义?
这个实现可以吗?