如何使用OpenSSL解密的Java AES加密的数据? [英] how to use OpenSSL to decrypt Java AES-encrypted data?
问题描述
我接口的一个遗留的Java应用程序(应用程序不能改变),这是使用AES加密的数据。这里是原始的Java code是如何实例化AES密码:
I'm interfacing to a legacy Java application (the app cannot be changed) which is encrypting data using AES. Here is how the original Java code is instantiating the AES cipher:
SecretKeySpec skeySpec = new SecretKeySpec(key, "AES");
cipher = Cipher.getInstance("AES");
cipher.init(Cipher.ENCRYPT_MODE, skeySpec );
我是一个C / C ++开发者,而不是Java,但我可以告诉这个遗留Java code未指定模式,也不是初始化向量。任何人都知道发生了什么的Java将被默认使用,因为没有指定?
I'm a C/C++ developer, not Java, but from what I can tell this legacy Java code is not specifying the mode, nor the initialization vector. Anyone happen to know what Java would be using by default since it isn't specified?
我们需要新的C / C ++应用程序解密的Java加密的数据。但我在一个无所适从用于OpenSSL的初始化向量和链接模式,因为我不知道做什么的Java。
We need the new C/C++ app to decrypt the Java-encrypted data. But I'm at a loss as to what to use for OpenSSL's initialization vector and chaining mode since I don't know what java does.
推荐答案
找到可能的答案:
默认,Java的加密算法(至少在Sun的实现)在什么是被构造
所谓电子codebook(ECB)模式。
(来源: http://www.javamex.com/tutorials/cryptography/block_modes.shtml )
"By default, Java Ciphers (at least in Sun's implementations) are constructed in what is called Electronic Codebook (ECB) mode." (Source: http://www.javamex.com/tutorials/cryptography/block_modes.shtml)
因此,如果欧洲央行默认情况下使用,我想这意味着没有初始化向量,我可以使用OpenSSL的从下面的方法:
So if ECB is used by default, I guess that means no initialization vector, and I can use the following method from OpenSSL:
void AES_ecb_encrypt(*in, *out, *key, enc);
使用 AES_DECRYPT()我可以解密起源于Java端1000+字节的信息。因此,它看起来像Java确实默认为ECB模式,没有初始化向量。但是,我还是不能加密并发送一个新的消息的Java应用程序。调查仍在继续。
Using AES_decrypt() I can decrypt 1000+ byte messages that originated on the Java side. So it looks like Java does indeed default to ECB mode with no initialization vector. However, I still cannot encrypt and send a new message to the Java app. Investigation continues.
得到了所有的工作。感谢众多的提示。我可以在默认情况下确认Java使用 ECB 。所有填充字节被设置为加入字节(这被称为PKCS5-填充)的数量。 的Hello World - >被Java加密 - >使用OpenSSL看起来像解密的Hello World \\ 5 \\ 5 \\ 5 \\ 5 \\ 5 。
Got it all working. Thanks for the numerous hints. I can confirm Java uses ECB by default. All padding bytes are set to the number of bytes added (which is known as PKCS5-padding). "Hello World" -> encrypted by Java -> decrypted using OpenSSL will look like "Hello World\5\5\5\5\5".
这篇关于如何使用OpenSSL解密的Java AES加密的数据?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
