在PHP上使用长密钥,而不是Java

时间:2017-03-07 07:50:34

标签: java php cryptography 3des

我正在尝试将Java的DESede解密转换为PHP的版本。但是,使用相同的输入,PHP无法提供相同的输出。

爪哇:

public class ThreeDES {

    private KeySpec             keySpec;
    private SecretKeyFactory    keyFactory;
    private Cipher              cipher;
    public ThreeDES( String encryptionScheme, String encryptionKey )
                throws EncryptionException {
        try {
            byte[] keyAsBytes = encryptionKey.getBytes("UTF-8");
            keySpec = new DESedeKeySpec(keyAsBytes);
            keyFactory = SecretKeyFactory.getInstance(encryptionScheme);
            cipher = Cipher.getInstance(encryptionScheme);
        } catch (InvalidKeyException e)
        {
            throw new EncryptionException( e );
        }
        catch (UnsupportedEncodingException e)
        {
            throw new EncryptionException( e );
        }
        catch (NoSuchAlgorithmException e)
        {
            throw new EncryptionException( e );
        }
        catch (NoSuchPaddingException e)
        {
            throw new EncryptionException( e );
        }
    }

    public String decrypt( String encryptedString ) throws EncryptionException {
        try {
            SecretKey key = keyFactory.generateSecret( keySpec );
            cipher.init( Cipher.DECRYPT_MODE, key );
            BASE64Decoder base64decoder = new BASE64Decoder();
            byte[] cleartext = base64decoder.decodeBuffer(encryptedString);
            byte[] ciphertext = cipher.doFinal(cleartext);
            return bytes2String( ciphertext );
        } 
        catch (Exception e)
        {
            throw new EncryptionException( e );
        }
    }

    private static String bytes2String( byte[] bytes )
    {
        StringBuffer stringBuffer = new StringBuffer();
        for (int i = 0; i < bytes.length; i++)
        {
            stringBuffer.append( (char) bytes[i] );
        }
        return stringBuffer.toString();
    }
}

PHP:

function decrypt($key, $data) {
    $mcrypt_module = mcrypt_module_open(MCRYPT_TRIPLEDES, '', MCRYPT_MODE_ECB, '');
    $mcrypt_iv     = mcrypt_create_iv(mcrypt_enc_get_iv_size($mcrypt_module), MCRYPT_RAND);
    $decrypted     = mcrypt_decrypt(MCRYPT_TRIPLEDES, $key, base64_encode($data), MCRYPT_MODE_ECB, $mcrypt_iv);
    mcrypt_module_close($mcrypt_module);
    return pkcs5_unpad($decrypted);
}

function pkcs5_unpad($text) {
    $pad = ord($text{strlen($text)-1});
    if ($pad > strlen($text)) return false;
    if (strspn($text, chr($pad), strlen($text) - $pad) != $pad) return false;
    return substr($text, 0, -1 * $pad);
}

鉴于以下输入参数,PHP无法提供相同的输出:

$key = 'ASDFasdf12348983jklasdfJ2Jaf8';
$encrypted_data = 'cPap7+JIPS4=';

应解密为:

  

COREF = 3

Java的测试代码如下:

try {
    String encryptedStr = encrypted_data; // same value as PHP's $encrypted_data
    String decryptedString = "";
    ThreeDES desedeEncrypter = new ThreeDES("DSEede", key); // same value as PHP's $key
    decryptedString = desedeEncrypter.decrypt(encryptedStr);
    System.out.println(decryptedString);
} catch (ThreeDES.EncryptionException e) {
    e.printStackTrace();
}

输出:coRef=3。但是,以下PHP代码会引发有关密钥长度的警告。 

echo decrypt($key, $encrypted_data);
  

此算法不支持29号密钥。只有大小为24的键支持...

如何修改代码以使用超过24个字符的密钥?

1 个答案:

答案 0 :(得分:1)

好吧,这很奇怪,

Triple Des只接受24个字节作为密钥

  

每个DES密钥名义上存储或传输为8个字节,每个字节   奇数奇偶校验,[12]所以一个密钥包需要24个字节用于选项1,16为   选项2,或选项3的8。

所以我认为问题出在here

DESedeKeySpec对象:

/**
     * Uses the first 24 bytes in <code>key</code> as the DES-EDE key.
     * <p>
     * The bytes that constitute the DES-EDE key are those between
     * <code>key[0]</code> and <code>key[23]</code> inclusive
     *
     * @param key the buffer with the DES-EDE key material.
     * @exception InvalidKeyException if the given key material is shorter
     * than 24 bytes.
*/

所以我认为DESedeKeySpec有点修剪你的29长度键到24符合tribledes要求。

编辑另一个重要说明,mcrypt_*扩展程序已被弃用。

  

此功能自PHP 7.1.0起已废弃。依靠这个   功能非常沮丧。

相关问题
最新问题