使用Java加密AES-128 [英] Encryption using AES-128 in Java

问题描述

我使用AES-128 / ecb / PKCS5Padding + base64对数据进行加密时有问题。我使用以下代码加密我的数据：

I have a problem with ecrypting data using AES-128/ecb/PKCS5Padding+base64. I am using the following code to encrypt my data:

String input = "{\"action\":\"getQuestion\"}";
String key = "4288f0b8060ca1b682bf795f2617cfdc";
byte[] data = input.getBytes();
byte[] encrypted = null;
byte[] keyBytes = new BigInteger(key, 16).toByteArray();
SecretKeySpec keySpec = new SecretKeySpec(keyBytes, "AES");
Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding");
cipher.init(Cipher.ENCRYPT_MODE, keySpec);
encrypted = cipher.doFinal(data);
System.out.println(Base64.encodeBytes(encrypted));

我收到 6GuKXA6FFR + yMmO8ksAEOLL5e574a5tLob7tt5IG + jk = 加密之后，但是我无法使用PHP函数对服务器进行解密。

I receive 6GuKXA6FFR+yMmO8ksAEOLL5e574a5tLob7tt5IG+jk= after encryption but I can't decrypt on the server using a PHP function.

当我使用PHP函数对这些数据进行加密时：

When I encrypt this data using the PHP function:

function encrypt($encrypt, $key=null) 
{
   $iv = mcrypt_create_iv(mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_ECB), MCRYPT_RAND);
   $encrypted = base64_encode(mcrypt_encrypt(MCRYPT_RIJNDAEL_128, $key, $encrypt, MCRYPT_MODE_ECB, $iv));
   return $encrypted;
}

我收到 6Wc3LPWvfJ7T86iG0igmdQaeZ8xs9qY419mAVWfNH + M = 我可以使用以下PHP函数成功地进行解密：

I receive 6Wc3LPWvfJ7T86iG0igmdQaeZ8xs9qY419mAVWfNH+M= and I can successfully do the decryption using the following PHP function:

function decrypt($decrypt, $key=null) 
{
   $iv = mcrypt_create_iv(mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_ECB), MCRYPT_RAND);
   $decrypted = mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $key, base64_decode($decrypt), MCRYPT_MODE_ECB, $iv);
   return $decrypted;
}

使用base64加密和解密没有问题;我只使用AES-128进行加密时遇到问题。

With base64 encryption and decryption there are no problems; I only encounter the issue when encrypting using AES-128.

推荐答案

问题不在于IV或填充初步想了它是如何处理PHP代码中的关键。如果您使用实际的字符串 4288f0b8060ca1b682bf795f2617cfdc 作为密钥传递到 mcrypt_encrypt 和 mcrypt_decrypt 那么你没有使用与Java代码相同的键。您将需要将该十六进制字符串转换为字节。你可以这样做：

The problem isn't with the IV or the padding as I initially thought. It is with how you are handling the key in the PHP code. If you are using the actual string 4288f0b8060ca1b682bf795f2617cfdc as the key passed into mcrypt_encrypt and mcrypt_decrypt then you aren't using the same key as in the Java code. You will need to convert that hex string into bytes. You can do this in the following way:

$decrypted = mcrypt_decrypt(MCRYPT_RIJNDAEL_128, pack("H*", $key), base64_decode($decrypt), MCRYPT_MODE_ECB, $iv);

注意添加 pack（H *，$ key） / code>转换值。我发现此处对PHP bin2hex 函数的注释。这将解决当前的问题。使用不同长度的数据时，您可能会遇到填充问题，因为PHP不会执行PKCS5填充。请参阅此关于实现该缺失功能的评论。另外，由于欧洲央行的数据加密不适合和缺点，我建议考虑CBC而不是ECB。

Notice the addition of pack("H*", $key) to convert the value. I found that here in the comments for the PHP bin2hex function. This will fix the current problem. You may run into padding troubles when working with data of different lengths since PHP doesn't do PKCS5 padding. See this comment about implementing that missing function. Also, I'd recommend looking into CBC instead of ECB due to ECB's unsuitability and weaknesses for data encryption.

这篇关于使用Java加密AES-128的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！