AES算法中的128位密钥问题Java / Java Script [英] 128 bit key issue in AES algorithm Java/ Java Script
问题描述
我需要使用用户选择密钥对Java代码中的值进行加密,并解密Java脚本模块中的值。
下面是加密值的Java代码。这里我从用户选择键生成128位密钥值,同样用于加密值。
String plainText = Hello,World!这是一个Java / Javascript AES测试。
try {
byte [] rawKey = getRawKey(12345.getBytes());
SecretKey key = new SecretKeySpec(rawKey,AES);
AlgorithmParameterSpec iv = new IvParameterSpec(
Base64.decodeBase64(5D9r9ZVzEYYgha93 / aUK2w ==));
密码密码= Cipher.getInstance(AES / CBC / PKCS5Padding);
cipher.init(Cipher.ENCRYPT_MODE,key,iv);
System.out.println(Base64.encodeBase64String(cipher
.doFinal(plainText.getBytes(UTF-8))));
} catch(Exception e){
e.printStackTrace();
System.out.println(加密中的异常);
}
public static byte [] getRawKey(byte [] seed)throws Exception {
KeyGenerator kgen = KeyGenerator.getInstance(AES);
SecureRandom sr = SecureRandom.getInstance(SHA1PRNG);
sr.setSeed(seed);
kgen.init(128,sr); // 192和256位可能不可用
SecretKey skey = kgen.generateKey();
byte [] raw = skey.getEncoded();
String s = new String(raw);
System.out.println(raw key ..+ raw);
返回原始;
}
以上代码打印以下值:
raw key .. [B @ 45b9ce4b
vN2GouJcVli / rFMDHEwCNZejraO5cQxBtlo5D64qkaRTkxxRTIo + Vm38H4fUZp7ABxj7ul0Ha6bO5aFxMzMY0g ==
当我使用上述值在JS代码中解密时,我没有得到任何回应。
< HTML>
< head>
< script src =http://crypto-js.googlecode.com/svn/tags/3.1.2/build/rollups/aes.js>< / script>
< script>
var encrypted = CryptoJS.enc.Base64.parse('vN2GouJcVli / rFMDHEwCNZejraO5cQxBtlo5D64qkaRTkxxRTIo + Vm38H4fUZp7ABxj7ul0Ha6bO5aFxMzMY0g ==');
var key = CryptoJS.enc.Base64.parse('[B @ 45b9ce4b');
var iv = CryptoJS.enc.Base64.parse('5D9r9ZVzEYYgha93 / aUK2w ==');
document.write(CryptoJS.enc.Utf8.stringify(CryptoJS.AES.decrypt(
{ciphertext:encrypted),
key,
{mode:CryptoJS.mode.CBC ,padding:CryptoJS.pad.Pkcs7,iv:iv,})));
< / script>
< / head>
< body>
< h1> hsd h< / h1>
< / body>
< / html>
请指出我如果有任何遗漏的代码,或者建议我,如果有任何替代产生相同的
您的密钥在您的JS代码中不正确。在您的Java代码中,您使用 byte [] 作为参数,调用 System.out.println()给你有意义的输出。 [B @ 45b9ce4b 无效的Base64数据。
要解决这个问题,您需要使用 byte [] 表示密钥,Base64将其编码成字符串,然后打印字符串。
关于密钥生成的评论: p>
您应避免使用随机数生成器从用户输入(即密码)导出密钥材料。从用户输入创建密钥材料的正确方法是使用按键拉伸算法。
您应该绝对使用标准算法,例如 PBKDF2 。在Java中,您可以通过 SecretKeyFactory.getInstance(PBKDF2WithHmacSHA1)获取关键工厂;
I need to encrypt values in my Java code with user choice key and decrypt the values in Java script module.
Below is my Java code to encrypt the values. Here I am generating 128 bit key value from the user choice key and same is using to encrypt the values.
String plainText = "Hello, World! This is a Java/Javascript AES test.";
try {
byte[] rawKey = getRawKey("12345".getBytes());
SecretKey key = new SecretKeySpec(rawKey, "AES");
AlgorithmParameterSpec iv = new IvParameterSpec(
Base64.decodeBase64("5D9r9ZVzEYYgha93/aUK2w=="));
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
cipher.init(Cipher.ENCRYPT_MODE, key, iv);
System.out.println(Base64.encodeBase64String(cipher
.doFinal(plainText.getBytes("UTF-8"))));
} catch (Exception e) {
e.printStackTrace();
System.out.println("Exception in crypto...");
}
public static byte[] getRawKey(byte[] seed) throws Exception {
KeyGenerator kgen = KeyGenerator.getInstance("AES");
SecureRandom sr = SecureRandom.getInstance("SHA1PRNG");
sr.setSeed(seed);
kgen.init(128, sr); // 192 and 256 bits may not be available
SecretKey skey = kgen.generateKey();
byte[] raw = skey.getEncoded();
String s = new String(raw);
System.out.println("raw key.." + raw);
return raw;
}
Above code printing the below values:
raw key..[B@45b9ce4b
vN2GouJcVli/rFMDHEwCNZejraO5cQxBtlo5D64qkaRTkxxRTIo+Vm38H4fUZp7ABxj7ul0Ha6bO5aFxMzMY0g==
When I use the above values to decrypt in JS code , I am not getting any response.
<html>
<head>
<script src="http://crypto-js.googlecode.com/svn/tags/3.1.2/build/rollups/aes.js"></script>
<script >
var encrypted = CryptoJS.enc.Base64.parse('vN2GouJcVli/rFMDHEwCNZejraO5cQxBtlo5D64qkaRTkxxRTIo+Vm38H4fUZp7ABxj7ul0Ha6bO5aFxMzMY0g==');
var key = CryptoJS.enc.Base64.parse('[B@45b9ce4b');
var iv = CryptoJS.enc.Base64.parse('5D9r9ZVzEYYgha93/aUK2w==');
document.write(CryptoJS.enc.Utf8.stringify(CryptoJS.AES.decrypt(
{ ciphertext: encrypted },
key,
{ mode: CryptoJS.mode.CBC, padding: CryptoJS.pad.Pkcs7, iv: iv, })));
</script>
</head>
<body>
<h1>hsd h </h1>
</body>
</html>
Please point me If there's anything missing from my code or please suggest me if any alternative to produce the same result.
Your key is incorrect in your JS code. In your Java code you called System.out.println() using a byte[] as an argument which will not give you meaningful output. [B@45b9ce4b is not valid Base64 data.
To fix this you need take the byte[] representing the key and Base64 encode it into a String and then print the string.
A comment on key generation:
You should avoid using a random number generator to derive key material from user input (i.e. a password). The correct way to create key material from user input is by using a key stretching algorithm.
You should absolutely use a standard algorithm for this such as PBKDF2. In Java you can get a key factory for this via SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1");
这篇关于AES算法中的128位密钥问题Java / Java Script的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
