在Android上我加密邮件并获取iv没有问题。
String Test = "Lorem ipsum dolor sit amet, ...";
String password = "test";
KeyGenerator kgen = KeyGenerator.getInstance("AES");
SecureRandom sr = SecureRandom.getInstance("SHA1PRNG");
sr.setSeed(password.getBytes("UTF8"));
kgen.init(256, sr);
SecretKey skey = kgen.generateKey();
Cipher c = Cipher.getInstance("AES/CBC/PKCS5Padding");
SecretKeySpec skeySpec = new SecretKeySpec(skey.getEncoded(), "AES");
c.init(Cipher.ENCRYPT_MODE, skeySpec);
byte[] decrypted = c.doFinal(Test.getBytes());
decrypted = Base64.encodeBase64(decrypted);
byte[] iv = Base64.encodeBase64(c.getIV());
Log.d("encryptString", new String(decrypted));
Log.d("encryptString iv", new String(iv));
输出示例:
encryptString: 2NVoJzMkPphwUJc2h/4LfsmAwyJlejbWKGLG2ACNbaI=
encryptString iv: YX5SF+cFwzv1I4OiGrJk3A==
当我转到JavaScript端时,我首先将base64编码转换为字节。然后我通过CryptoJS AES Decrypt函数运行它。
var decrypt = CryptoJS.enc.Base64.parse("2NVoJzMkPphwUJc2h/4LfsmAwyJlejbWKGLG2ACNbaI=");
var iv = CryptoJS.enc.Base64.parse("YX5SF+cFwzv1I4OiGrJk3A==");
var password = "test";
var encrypted = CryptoJS.AES.decrypt(decrypt.toString(), password, {
iv: iv,
mode: CryptoJS.mode.CBC,
padding: CryptoJS.pad.Pkcs7
});
输出始终为空。还有其他我在Android上缺少的东西,我还需要传递给CryptoJS吗?
答案 0 :(得分:3)
发现问题,这不是填充问题。
正如其他人所说,它与我使用SecureRandom.getInstance(“SHA1PRNG”)的事实有关。
我纠正了我的代码中的问题是在Android上生成了PBEKeySpec,在CryptoJS上生成了PBKDF2。然后按照相同的步骤:
String Test = "Lorem ipsum dolor sit amet, ...";
String password = "test";
byte[] salt = new String("12345678").getBytes("Utf8");
int iterationCount = 2048;
int keyStrength = 256;
SecretKeyFactory factory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1");
KeySpec spec = new PBEKeySpec(password.toCharArray(), salt, iterationCount, keyStrength);
SecretKey tmp = factory.generateSecret(spec);
Log.d("encryptString Key: ", new String(Base64.encodeBase64(tmp.getEncoded())));
Cipher c = Cipher.getInstance("AES/CBC/PKCS5Padding");
c.init(Cipher.ENCRYPT_MODE, tmp);
byte[] decrypted = c.doFinal(Test.getBytes());
decrypted = Base64.encodeBase64(decrypted);
byte[] iv = c.getIV();
Log.d("encryptString: ", new String(decrypted));
Log.d("encryptString iv:", new String(Base64.encodeBase64(iv)));
Android上运行代码的示例输出:
encryptString Key:: ueTU6u4PXbm86zy+UtlQfeh55xZorA58W3fKKBypheM=
encryptString:: ii8UNoi4xG1zGC8RyzHKu6JMkxixkK7LTPxGMaCHGNk=
encryptString iv:: nwy2VHctPnXOd/rahPFiWg==
现在我们在JavaScript中生成相同的PBKDF2键,并将上面的输出输入到下面的示例代码中:
var salt = CryptoJS.enc.Utf8.parse("12345678");
var password = "test";
var keyBits = CryptoJS.PBKDF2(password, salt, {
hasher: CryptoJS.algo.SHA1,
keySize: 8,
iterations: 2048
});
var iv = CryptoJS.enc.Base64.parse("nwy2VHctPnXOd/rahPFiWg==");
var message = CryptoJS.enc.Base64.parse("ii8UNoi4xG1zGC8RyzHKu6JMkxixkK7LTPxGMaCHGNk=");
var encrypted = CryptoJS.AES.decrypt("ii8UNoi4xG1zGC8RyzHKu6JMkxixkK7LTPxGMaCHGNk=", keyBits, {
iv: iv,
padding: CryptoJS.pad.Pkcs7,
mode: CryptoJS.mode.CBC
});
console.log(encrypted.toString(CryptoJS.enc.Utf8));<!doctype html>
<html>
<head>
</head>
<body>
<script type="text/javascript" src="https://cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.9-1/crypto-js.min.js"></script>
<script type="text/javascript" src="https://cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.9-1/pbkdf2.min.js"></script>
<script type="text/javascript" src="https://cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.9-1/aes.min.js"></script>
</body>
</html>
JavaScript输出:
"Lorem ipsum dolor sit amet, ..."