将Ruby加密代码转换为Java [英] Translating Ruby encryption code to Java

问题描述

我有一个ruby中的旧代码，使用OpenSSL进行加密。
但是，我想用Java翻译这个代码，而且我丢失了。
到目前为止，我最大的拦截器正在找出如何根据这段代码生成IV。
任何帮助将不胜感激

  def func_enc（data，key）
 cipher = OpenSSL :: Cipher :: Cipher.new（aes-256-cbc）
 cipher.encrypt 
 cipher.pkcs5_keyivgen（key）
 cipher.update（data）
 encrypted_data<<< cipher.final 
 return encryptedData 
 end 
  

编辑

为了澄清，我想用这个Java Crypto。这是我到目前为止的代码：

  SecretKeyFactory factory = SecretKeyFactory.getInstance（PBKDF2WithMD5And256AES-CBC ）; 
 KeySpec spec = new PBEKeySpec（Password.toCharArray（），null，2048,256）; 
 SecretKey tmp = factory.generateSecret（spec）; 
 SecretKey secret = new SecretKeySpec（tmp.getEncoded（），AES）; 
密码密码= Cipher.getInstance（AES / CBC / PKCS5Padding）; 
 cipher.init（Cipher.ENCRYPT_MODE，secret）; 
 AlgorithmParameters params = cipher.getParameters（）; 
 byte [] iv = params.getParameterSpec（IvParameterSpec.class）.getIV（）; 
  

但PBKDF2WithMD5And256AES-CBC有任何提供者，我得到NoSuchAlgorithm异常。

  java.security.NoSuchAlgorithmException：PBKDF2WithMD5And256AES-CBC SecretKeyFactory不可用
  

另外，缺省情况下 pkcs5_keyivgen 使用的盐为空！我不知道Java是否允许我使用无效盐。

如何生成正确的IV？

解决方案

关于此文档页面的警告表明，与AES一起使用时，不建议使用的pkcs5_keyivgen方法会执行非标准的操作。首先，它使用PBKDF1而不是PBKDF2。

可能很难复制它的功能，并且实现加密算法通常是不合适的，除非你确切知道你是什么，重新做 - 甚至专家经常搞错。

I have a legacy code in ruby that does the encryption using OpenSSL
However, I would like to translate this in Java and I am lost. so far my biggest blocker is figuring out how to generate the IV based on this code. Any help would be greatly appreciated

    def func_enc(data, key)
        cipher = OpenSSL::Cipher::Cipher.new("aes-256-cbc")
        cipher.encrypt
        cipher.pkcs5_keyivgen(key)
        cipher.update(data)
        encrypted_data << cipher.final
        return encryptedData
    end

EDIT
Just to clarify, I would like to use Java Crypto for this. This is the code I came up with so far:

    SecretKeyFactory factory = SecretKeyFactory.getInstance("PBKDF2WithMD5And256AES-CBC");
    KeySpec spec = new PBEKeySpec("Password".toCharArray(), null, 2048, 256);
    SecretKey tmp = factory.generateSecret(spec);
    SecretKey secret = new SecretKeySpec(tmp.getEncoded(), "AES");
    Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
    cipher.init(Cipher.ENCRYPT_MODE, secret);
    AlgorithmParameters params = cipher.getParameters();
    byte[] iv = params.getParameterSpec(IvParameterSpec.class).getIV();

but "PBKDF2WithMD5And256AES-CBC" does not have any provider and I get NoSuchAlgorithm exception.

    java.security.NoSuchAlgorithmException: PBKDF2WithMD5And256AES-CBC SecretKeyFactory not available

Also the salt that pkcs5_keyivgen uses by default is null!! I am not sure if Java lets me use a null salt.

How can I generate the correct IV ?

解决方案

The warning on this documentation page suggests that the deprecated pkcs5_keyivgen method does something non-standard when used together with AES. First of all, it uses PBKDF1, not PBKDF2.

It might be difficult to replicate what it does, and implementing cryptographic algorithms is generally inadvisable unless you know exactly what you're doing – even experts often get it wrong.

这篇关于将Ruby加密代码转换为Java的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！