Java AES 128加密与openssl不同 [英] Java AES 128 encrypting differently to openssl

问题描述

我们遇到了一个奇怪的情况，即使我们在Java中使用的加密方法对openssl产生不同的输出，尽管它们在配置中显示相同。

We've encountered a weird situation where the encryption method we're using in Java produces different output to openssl, despite them appearing identical in configuration.

使用相同的键和四，文本快速的BROWN狐狸跳过懒狗！加密到base64的字符串...

Using the same key and IV, the text "The quick BROWN fox jumps over the lazy dog!" encrypts to base64'd strings...

openssl： A8cMRIrDVnBYj2 + XEKaMOBQ1sufjptsAf58slR373JTeHGPWyRqJK + UQxvJ1B / 1L

Java： A8cMRIrDVnBYj2 + XEKaMOBQ1sufjptsAf58slR373JTEVySz5yJLGzGd7qsAkzuQ

#!/bin/bash

keySpec="D41D8CD98F00B2040000000000000000"
ivSpec="03B13BBE886F00E00000000000000000"
plainText="The quick BROWN fox jumps over the lazy dog!"

echo "$plainText">plainText

openssl aes-128-cbc -nosalt -K $keySpec -iv $ivSpec -e -in plainText -out cipherText

base64 cipherText > cipherText.base64

printf "Encrypted hex dump = "
xxd -p cipherText | tr -d '\n'

printf "\n\n"

printf "Encrypted base64 = "
cat cipherText.base64

这是我们的Java ...

And this is our Java...

private static void runEncryption() throws Exception
{
    String plainText = "The quick BROWN fox jumps over the lazy dog!";

    Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");

    SecretKeySpec keySpec = new SecretKeySpec(hexToBytes("D41D8CD98F00B2040000000000000000"), 0, 16, "AES");
    IvParameterSpec ivSpec = new IvParameterSpec(hexToBytes("03B13BBE886F00E00000000000000000"));

    cipher.init(Cipher.ENCRYPT_MODE, keySpec, ivSpec);
    byte[] encrypted = cipher.doFinal(plainText.getBytes("UTF-8"));

    String encryptedHexDump = bytesToHex(encrypted);
    String encryptedBase64 = new String(DatatypeConverter.printBase64Binary(encrypted));

    System.out.println("Encrypted hex dump = " + encryptedHexDump);
    System.out.println("");
    System.out.println("Encrypted base64 = " + encryptedBase64);
}

private static byte[] hexToBytes(String s)
{
    int len = s.length();
    byte[] data = new byte[len / 2];

    for (int i = 0; i < len; i += 2)
        data[i / 2] = (byte) ((Character.digit(s.charAt(i), 16) << 4) + Character.digit(s.charAt(i + 1), 16));

    return data;
}

final protected static char[] hexArray = "0123456789abcdef".toCharArray();

public static String bytesToHex(byte[] bytes)
{
    char[] hexChars = new char[bytes.length * 2];
    for (int j = 0; j < bytes.length; j++)
    {
        int v = bytes[j] & 0xFF;
        hexChars[j * 2] = hexArray[v >>> 4];
        hexChars[j * 2 + 1] = hexArray[v & 0x0F];
    }
    return new String(hexChars);
}

oopenssl输出

oopenssl output

Encrypted hex dump = 03c70c448ac35670588f6f9710a68c381435b2e7e3a6db007f9f2c951dfbdc94de1c63d6c91a892be510c6f27507fd4b

Encrypted base64 = A8cMRIrDVnBYj2+XEKaMOBQ1sufjptsAf58slR373JTeHGPWyRqJK+UQxvJ1B/1L

Java输出

Java output

Encrypted hex dump = 03c70c448ac35670588f6f9710a68c381435b2e7e3a6db007f9f2c951dfbdc94c45724b3e7224b1b319deeab00933b90

Encrypted base64 = A8cMRIrDVnBYj2+XEKaMOBQ1sufjptsAf58slR373JTEVySz5yJLGzGd7qsAkzuQ

我们是否缺少一些明显的东西？还是有一些隐藏的复杂性？

Are we missing something obvious? Or is there some hidden complexity?

推荐答案

确实是提供字符串或文件的问题。如果您在Java代码的末尾放置\，结果将与openSSL相同。

It is indeed a problem of providing a string or a file. If you put a "\n" at the end of your Java code the result will be the same as in openSSL.

这篇关于Java AES 128加密与openssl不同的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！