Java 中 PKCS#5 PBKDF1 的算法名称是什么? [英] What is the algorithm name for PKCS#5 PBKDF1 in Java?

问题描述

我在使用密码学方面有几个问题.我正在使用 AES.

I have a couple of questions in using cryptography. I am using AES.

问题 1:

我正在尝试在 .我正在尝试获取与 PBKDF1 PKCS#5 相关的实例.我是密码学的新手.我在网上试过，但我找不到任何这样的算法.是否支持它.我想要这样的东西.

I am trying to Use the SecretKeyFactory class in . I am trying to get instance related to PBKDF1 PKCS#5. I am new to cryptography. I tried online but Iam not able to find any such algorithm. Does support it. I want some thing like this.

SecretKeyFactory factory = SecretKeyFactory.getInstance("PBKDF1Pkcs#5");
KeySpec spec = new PBEKeySpec(password, salt, 1, 128);

问题 2:

以上两行代码是否与Crypto++代码中的以下代码行做同样的事情?

Does the above two lines of code do the same thing as the below lines of code in Crypto++ code?

PKCS5_PBKDF1 <MD5> fn;
fn.DeriveKey(key, MD5::DIGESTSIZE, 0, key.getBytes(), salt.getBytes(), salt.size(), PBKDF1_ITERATIONS, time_in_seconds);

如果不能，有人可以给出一些可以模仿上述 C++ 代码行的内容.

If not can some one give some thing in which can mimic what the above lines of c++ code do.

谢谢

推荐答案

回复:问题 1

根据 SecretKeyFactory 的 Java 6 API 文档，

应用程序开发人员应参考其提供商的文档，以了解 generateSecret 和 getKeySpec 方法支持哪些关键规范.例如，SunJCE"提供者提供的 DES 密钥工厂支持 DESKeySpec 作为 DES 密钥的透明表示，而该提供者的三重 DES 密钥的秘密密钥工厂支持 DESedeKeySpec 作为三重 DES 密钥的透明表示.

Application developers should refer to their provider's documentation to find out which key specifications are supported by the generateSecret and getKeySpec methods. For example, the DES secret-key factory supplied by the "SunJCE" provider supports DESKeySpec as a transparent representation of DES keys, and that provider's secret-key factory for Triple DES keys supports DESedeKeySpec as a transparent representation of Triple DES keys.

如果我们查看 SunJCE 提供程序文档 对于 PKCS，我们看到...

If we look at the SunJCE provider documentation for PKCS, we see...

PBEWithMD5AndDES:基于密码的加密算法，定义在:RSA 实验室，PKCS #5:基于密码的加密标准"，1.5 版，1993 年 11 月.请注意，该算法暗示 CBC 作为密码模式，PKCS5Padding 作为填充方案，不能与任何其他密码模式或填充方案一起使用.

PBEWithMD5AndDES: The password-based encryption algorithm as defined in: RSA Laboratories, "PKCS #5: Password-Based Encryption Standard," version 1.5, Nov 1993. Note that this algorithm implies CBC as the cipher mode and PKCS5Padding as the padding scheme and cannot be used with any other cipher modes or padding schemes.

回复:问题 2

在同一文档的使用基于密码的加密部分中，您将找到以下示例代码.请记住，示例代码使用静态盐，但安全实现会在用户每次更改密码时使用生成随机盐.

In the same document, in the section Using Password-Based Encryption, you will find the following sample code. Keep in mind that the sample code uses a static salt, but a secure implementation would use generate a random salt each time the user changes their password.

PBEKeySpec pbeKeySpec;
PBEParameterSpec pbeParamSpec;
SecretKeyFactory keyFac;

// Salt
byte[] salt = {
    (byte)0xc7, (byte)0x73, (byte)0x21, (byte)0x8c,
    (byte)0x7e, (byte)0xc8, (byte)0xee, (byte)0x99
};

// Iteration count
int count = 20;

// Create PBE parameter set
pbeParamSpec = new PBEParameterSpec(salt, count);

// Prompt user for encryption password.
// Collect user password as char array (using the
// "readPasswd" method from above), and convert
// it into a SecretKey object, using a PBE key
// factory.
System.out.print("Enter encryption password:  ");
System.out.flush();
pbeKeySpec = new PBEKeySpec(readPasswd(System.in));
keyFac = SecretKeyFactory.getInstance("PBEWithMD5AndDES");
SecretKey pbeKey = keyFac.generateSecret(pbeKeySpec);

// Create PBE Cipher
Cipher pbeCipher = Cipher.getInstance("PBEWithMD5AndDES");

// Initialize PBE Cipher with key and parameters
pbeCipher.init(Cipher.ENCRYPT_MODE, pbeKey, pbeParamSpec);

// Our cleartext
byte[] cleartext = "This is another example".getBytes();

// Encrypt the cleartext
byte[] ciphertext = pbeCipher.doFinal(cleartext);

其他算法

再次，来自同一页面.真的，我建议您通读全文，因为它也可能会回答您的其他问题

Again, from the same page. Really, I recommend you read through the whole thing, as it will probably answer other questions you have, as well

PBEWith<digest>和<encryption>或 PBEWith<prf>And<encryption>:用于 PKCS #5 基于密码的加密的密钥工厂，其中 <digest>是消息摘要，<prf>是一个伪随机函数，并且<encryption>是一种加密算法.示例:PBEWithMD5AndDES(PKCS #5，v 1.5)和 PBEWithHmacSHA1AndDESede(PKCS #5，v 2.0).注意:它们都只使用每个密码字符的低 8 位.

PBEWith<digest>And<encryption> or PBEWith<prf>And<encryption>: Secret-key factory for use with PKCS #5 password-based encryption, where <digest> is a message digest, <prf> is a pseudo-random function, and <encryption> is an encryption algorithm. Examples: PBEWithMD5AndDES (PKCS #5, v 1.5) and PBEWithHmacSHA1AndDESede (PKCS #5, v 2.0). Note: These both use only the low order 8 bits of each password character.

这篇关于Java 中 PKCS#5 PBKDF1 的算法名称是什么?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！