与Java和.net相比，Mcrypt Blowfish php的结果略有不同 [英] mcrypt blowfish php slightly different results when compared to java and .net

问题描述

下面是一些具有更改后的键值和有效负载的示例代码:

Here is some example code with altered key values and payload:

$key = '/4rTInjwg/H/nA==';
$key = base64_decode($key);

$data = 'val=100|val=200|val=300|val=400|val=500|val=600|val=700|val=800|val=900|';
$data.= 'val2=100|val2=200|val2=300|val2=400|val2=500|val2=600|val2=700|val2=800|val2=900|';
$data.= 'val3=100|val3=200|val3=300|val3=400|val3=500|val3=600|val3=700|val3=800|val3=900|';
$data.= 'val4=100|val4=200|val4=300|val4=400|val4=500|val4=600|val4=700|val4=800|val4=900|';

$result = base64_encode(mcrypt_ecb(MCRYPT_BLOWFISH,$key, $data, MCRYPT_ENCRYPT));

这在PHP中可以很好地进行加密和解密，但是Java和.NET具有不同的值，更糟糕的是，我无法解密Java或.NET的结果.当我尝试从Java解密值时，我得到了一个字符串，该字符串以正确的开头，但最终会导致一半的垃圾.万一有人怀疑，我正在Windows XP的5.3x中工作.

This encrypts and decrypts fine in PHP, but Java and .NET come up with different values, and what's worse, I can't decrypt the results from Java or .NET. When I attempt to decrypt the values from java, I get a string that starts out right, but ends up garbage half way through. I'm working in 5.3x in Windows XP in case anyone wondered.

在STFW程序中，我注意到几个线程，其中最后一个注释提到了有关base64由于键入问题而使结果混乱的问题，我想知道这是否是因为结果如此接近而导致的结果(前50个还是这样字符匹配，然后事情就转到@#$!.

While I STFW I've noticed several threads where the last comments mention things about base64 messing up the result due to typing problems, and I'm wondering if that's what's going on because the results get so close, the first 50 or so characters match, then things go to @#$!.

我也阅读了几个有关块大小和填充的线程，但是似乎没有人同意填充的内容.我真的需要知道Java是否填充文本，默认块大小是多少，填充是什么?见下文:

I've also read several threads about the block size and padding, but no-one can seem to agree on what the padding should be. I really need to know if Java is padding the text, what the default block size is, what the pad would be? See below:

Java开发人员正在这样做:

The java developer is doing:

    import org.apache.commons.codec.binary.Base64;
    import java.util.ResourceBundle;
    import com.sun.crypto.provider.SunJCE;

    ... snip ...

    StringBuffer ourTransferBuffer = new StringBuffer(s);
    byte abyte0[] = Base64.decodeBase64(encryptionKey);
    SunJCE sunjce = new SunJCE();
    Security.addProvider(sunjce);
    SecretKeySpec secretkeyspec = new SecretKeySpec(abyte0, "Blowfish");
    Cipher cipher = Cipher.getInstance("Blowfish");
    cipher.init(1, secretkeyspec);
    byte abyte1[] = cipher.doFinal(ourTransferBuffer.toString().getBytes());
    s = Base64.encodeBase64String(abyte1);
    return s;

    ... snip ...

我已经为此花了太多时间，有人在这里有什么想法吗?谢谢.

I've burned too much time on this already, anyone have any ideas here? Thanks.

推荐答案

弄清楚了，简单的pkcs5填充解决了该问题.

Figured it out, simple pkcs5 padding fixed the issue.

... snip  ...

$data = 'val=100|val=200|val=300|val=400|val=500|val=600|val=700|val=800|val=900|';
$data.= 'val2=100|val2=200|val2=300|val2=400|val2=500|val2=600|val2=700|val2=800|val2=900|';
$data.= 'val3=100|val3=200|val3=300|val3=400|val3=500|val3=600|val3=700|val3=800|val3=900|';
$data.= 'val4=100|val4=200|val4=300|val4=400|val4=500|val4=600|val4=700|val4=800|val4=900|';

$blocksize = mcrypt_get_block_size('blowfish', 'ecb'); // get block size
$pkcs = $blocksize - (strlen($data) % $blocksize); // get pkcs5 pad length
$data.= str_repeat(chr($pkcs), $pkcs); // append pkcs5 padding to the data

// encrypt and encode
$res = base64_encode(mcrypt_ecb(MCRYPT_BLOWFISH,$key, $data, MCRYPT_ENCRYPT));

这篇关于与Java和.net相比，Mcrypt Blowfish php的结果略有不同的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！