Java AES并使用我自己的密钥 [英] Java AES and using my own Key
问题描述
我想用自己的密钥使用AES加密字符串。但我的密钥位长有问题。你能查看我的代码,看看我需要修改/更改的内容。
public static void main(String [] args)throws例外{
String username =bob@google.org;
String password =Password1;
String secretID =BlahBlahBlah;
字符串SALT2 =味道鲜美;
//获取Key
byte [] key =(SALT2 + username + password).getBytes();
System.out.println((SALT2 +用户名+密码).getBytes()。length);
//需要为AES
填充密钥// TODO:最佳方式?
//生成密钥规范。
SecretKeySpec secretKeySpec = new SecretKeySpec(key,AES);
//实例化密码
Cipher cipher = Cipher.getInstance(AES);
cipher.init(Cipher.ENCRYPT_MODE,secretKeySpec);
byte [] encrypted = cipher.doFinal((secrectID).getBytes());
System.out.println(加密字符串:+ asHex(加密));
cipher.init(Cipher.DECRYPT_MODE,secretKeySpec);
byte [] original = cipher.doFinal(encrypted);
String originalString = new String(original);
System.out.println(原始字符串:+ originalString +\ nOriginal string(Hex):+ asHex(original));
}
现在我收到异常无效的AES密钥长度:86字节。我需要填上钥匙吗?我应该怎么做?
我还需要为ECB或CBC设置任何东西吗?
谢谢
您应该使用SHA-1从密钥生成散列并将结果修剪为128位(16字节)。 / p>
此外,不要通过 getBytes()从字符串生成字节数组,它使用平台默认的Charset。因此密码blaöä会在不同平台上产生不同的字节数组。
byte [] key =(SALT2 +用户名+密码).getBytes( UTF-8);
MessageDigest sha = MessageDigest.getInstance(SHA-1);
key = sha.digest(key);
key = Arrays.copyOf(key,16); //仅使用前128位
SecretKeySpec secretKeySpec = new SecretKeySpec(key,AES);
编辑:
如果您需要256位密钥大小,则需要下载Java密码学扩展(JCE)无限强度管辖权政策文件 Oracle下载链接,使用SHA-256作为哈希并删除 Arrays.copyOf 行。
ECB是默认的密码模式,PKCS5Padding是默认的填充。
您可以使用以下格式通过 Cipher.getInstance 字符串使用不同的密码模式和填充模式:密码/模式/填充
对于使用CTS和PKCS5Padding的AES,字符串为:AES / CTS / PKCS5Padding
I want to encrypt a string using AES with my own key. But I'm having trouble with the bit length of the key. Can you review my code and see what I need to fix/change.
public static void main(String[] args) throws Exception {
String username = "bob@google.org";
String password = "Password1";
String secretID = "BlahBlahBlah";
String SALT2 = "deliciously salty";
// Get the Key
byte[] key = (SALT2 + username + password).getBytes();
System.out.println((SALT2 + username + password).getBytes().length);
// Need to pad key for AES
// TODO: Best way?
// Generate the secret key specs.
SecretKeySpec secretKeySpec = new SecretKeySpec(key, "AES");
// Instantiate the cipher
Cipher cipher = Cipher.getInstance("AES");
cipher.init(Cipher.ENCRYPT_MODE, secretKeySpec);
byte[] encrypted = cipher.doFinal((secrectID).getBytes());
System.out.println("encrypted string: " + asHex(encrypted));
cipher.init(Cipher.DECRYPT_MODE, secretKeySpec);
byte[] original = cipher.doFinal(encrypted);
String originalString = new String(original);
System.out.println("Original string: " + originalString + "\nOriginal string (Hex): " + asHex(original));
}
Right now I get an exception "Invalid AES key length: 86 bytes". Do I need to pad my key? How should I do it?
Also do I need to set anything for ECB or CBC?
Thanks
You should use SHA-1 to generate a hash from your key and trim the result to 128 bit (16 bytes).
Additionally don't generate byte arrays from Strings through getBytes() it uses the platform default Charset. So the password "blaöä" results in different byte array on different platforms.
byte[] key = (SALT2 + username + password).getBytes("UTF-8");
MessageDigest sha = MessageDigest.getInstance("SHA-1");
key = sha.digest(key);
key = Arrays.copyOf(key, 16); // use only first 128 bit
SecretKeySpec secretKeySpec = new SecretKeySpec(key, "AES");
Edit: If you need 256 bit as key sizes you need to download the "Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files" Oracle download link, use SHA-256 as hash and remove the Arrays.copyOf line. "ECB" is the default Cipher Mode and "PKCS5Padding" the default padding. You could use different Cipher Modes and Padding Modes through the Cipher.getInstance string using following format: "Cipher/Mode/Padding"
For AES using CTS and PKCS5Padding the string is: "AES/CTS/PKCS5Padding"
这篇关于Java AES并使用我自己的密钥的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
