AES加密与解密的OpenSSL用java [英] AES encrypt with openssl decrypt using java
问题描述
我在使用OpenSSL的命令行或C API加密的XML文件。的输出应为Base64。
I have to encrypt an xml file using openssl command line or a C api. The output shall be Base64.
一个java PROGRAMM将被用于解密。此PROGRAMM由客户提供的,并且不能被改变(他们使用此code代表遗留应用)。正如你可以在code看到下面的客户提供了一个密码所以关键将使用SecretKeySpec方法产生。
A java programm will be used for decrypting. This programm is provided by the customer and cannot be changed (they are using this code for legacy applications). As you can see in the code below the customer provides a passphrase so the key will be generated using the SecretKeySpec method.
Java的code:
Java code:
// Passphrase
private static final byte[] pass = new byte[] { '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', '0','1', '2', '3', '4', '5' };
public static String encrypt(String Data) throws Exception {
Key key = generateKey();
Cipher c = Cipher.getInstance("AES/ECB/PKCS5Padding");
c.init(Cipher.ENCRYPT_MODE, key);
byte[] encVal = c.doFinal(Data.getBytes());
String encryptedValue = new BASE64Encoder().encode(encVal);
return encryptedValue;
}
public static String decrypt(String encryptedData) throws Exception {
Key key = generateKey();
Cipher c = Cipher.getInstance("AES/ECB/PKCS5Padding");
c.init(Cipher.DECRYPT_MODE, key);
byte[] decordedValue = new BASE64Decoder().decodeBuffer(encryptedData);
byte[] decValue = c.doFinal(decordedValue);
String decryptedValue = new String(decValue);
return decryptedValue;
}
private static Key generateKey() throws Exception {
Key key = new SecretKeySpec(pass, "AES");
return key;
}
我已经测试了几个命令,如:
I have tested several commands like:
openssl enc -aes-128-ecb -a -salt -in file.xml -out file_enc.xml -pass pass:123456789012345
openssl enc -aes-128-ecb -a -nosalt -in file.xml -out file_enc.xml -pass pass:123456789012345
不过,非指定的输出是用java successfuly解密。出于测试目的我用给定的Java code用于加密和结果当然是比OpenSSL的一个不同。
But non of the given outputs is successfuly decrypted using java. For testing purposes I used the given java code for encrypting and the result is of course different than the one from openssl.
有没有使用OpenSSL C API或命令行对数据进行加密,以便它可以成功的方式使用给定的Java code解密?
Is there a way to use openssl C api or command line to encrypt data so it could be successful decrypted using the given java code?
推荐答案
Java的 SecretKeySpec 使用密码ASCII直接字节的关键字节,而OpenSSL的 -pass传:... 方法的提炼出来使用的密钥推导函数以密码变换到密钥以安全方式。你可以尝试做Java中的密钥派生(你也许不能,如果我间preT你的问题正确哪种),或者使用OpenSSL的 -K 选项传递在一个键(如十六进制字节!)代替密码
Java's SecretKeySpec uses the password ASCII bytes directly as key bytes, while OpenSSL's -pass pass:... method derives a key from the password using a key derivation function to transform the password into a key in a secure fashion. You can either try to do the same key derivation in Java (which you probably cannot if I interpret your question correctly), or use OpenSSL's -K option to pass in a key (as hex bytes!) instead of a password.
这篇关于AES加密与解密的OpenSSL用java的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
