有一个服务器在C#上加密密码(方法encryptCSharp),android app接收加密密码,salt,passPhrase和initVector。
我必须用Java解密该密码。
Server-guy在C#中向我发送了一个加密方法,我需要创建encryptJava和decryptJava方法,这些方法在Java中与在C#中一样。
要创建Java中缺少的PasswordDeriveBytes,请使用此处的示例Encryption Diff Between Java and C#
所以,我的问题是,我的Java方法出了什么问题?两者都没有工作
更新:我对代码段进行了一些更改,现在一切正常!!
我调用了这些方法:
String encryptedText = encryptJava("12345", "100", "@.erf.net34", "@gugnet@gugnet77");//it works!!
String decryptedText = decryptJava(encryptedText, "100", "@.erf.net34", "@gugnet@gugnet77");//it doesn't work!!
以下是我使用的Java方法和服务器的C#方法。
C#(我无法改变)
public static String encryptCSharp(String plainText, String saltValue, String passPhrase, String initVector) {
String hashAlgorithm = "SHA1";
int passwordIterations = 1;
int keySize = 256;
// Convert strings into byte arrays.
// Let us assume that strings only contain ASCII codes.
// If strings include Unicode characters, use Unicode, UTF7, or UTF8
// encoding.
byte[] initVectorBytes = Encoding.ASCII.GetBytes(initVector);
byte[] saltValueBytes = Encoding.ASCII.GetBytes(saltValue);
// Convert our plaintext into a byte array.
// Let us assume that plaintext contains UTF8-encoded characters.
byte[] plainTextBytes = Encoding.UTF8.GetBytes(plainText);
// First, we must create a password, from which the key will be derived.
// This password will be generated from the specified passphrase and
// salt value. The password will be created using the specified hash
// algorithm. Password creation can be done in several iterations.
PasswordDeriveBytes password = new PasswordDeriveBytes(
passPhrase,
saltValueBytes,
hashAlgorithm,
passwordIterations);
// Use the password to generate pseudo-random bytes for the encryption
// key. Specify the size of the key in bytes (instead of bits).
byte[] keyBytes = password.GetBytes(keySize / 8);
// Create uninitialized Rijndael encryption object.
RijndaelManaged symmetricKey = new RijndaelManaged();
// It is reasonable to set encryption mode to Cipher Block Chaining
// (CBC). Use default options for other symmetric key parameters.
symmetricKey.Mode = CipherMode.CBC;
// Generate encryptor from the existing key bytes and initialization
// vector. Key size will be defined based on the number of the key
// bytes.
ICryptoTransform encryptor = symmetricKey.CreateEncryptor(
keyBytes,
initVectorBytes);
// Define memory stream which will be used to hold encrypted data.
MemoryStream memoryStream = new MemoryStream();
// Define cryptographic stream (always use Write mode for encryption).
CryptoStream cryptoStream = new CryptoStream(memoryStream,
encryptor,
CryptoStreamMode.Write);
// Start encrypting.
cryptoStream.Write(plainTextBytes, 0, plainTextBytes.Length);
// Finish encrypting.
cryptoStream.FlushFinalBlock();
// Convert our encrypted data from a memory stream into a byte array.
byte[] cipherTextBytes = memoryStream.ToArray();
// Close both streams.
memoryStream.Close();
cryptoStream.Close();
// Convert encrypted data into a base64-encoded string.
String cipherText = Convert.ToBase64String(cipherTextBytes);
// Return encrypted string.
return cipherText;
}
爪哇 加密消息,它工作,我得到与C#
中的方法相同的结果private String encryptJava(String plainText, String saltValue, String passPhrase, String initVector) {//working!!!
String result = "";
byte[] initVectorBytes = initVector.getBytes(US_ASCII);
byte[] saltValueBytes = saltValue.getBytes(US_ASCII);
byte[] plainTextBytes = plainText.getBytes(UTF_8);
Cipher cipher;
try {
final com.gmail.example.PasswordDeriveBytes password = new com.gmail.example.PasswordDeriveBytes(passPhrase, saltValueBytes);
final byte[] keyBytes = password.getBytes(256 / Byte.SIZE);
SecretKeySpec secretKey = new SecretKeySpec(keyBytes, "AES");
cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
try {
cipher.init(Cipher.ENCRYPT_MODE, secretKey, new IvParameterSpec(initVectorBytes));
} catch (InvalidAlgorithmParameterException e) {
e.printStackTrace();
}
final byte[] ct = cipher.doFinal(plainTextBytes);
result = Base64.encodeToString(ct, Base64.DEFAULT);//**added this line!**
//result = new String(ct, "US-ASCII");**-- deleted this line!**
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
} catch (NoSuchPaddingException e) {
e.printStackTrace();
} catch (InvalidKeyException e) {
e.printStackTrace();
} catch (BadPaddingException e) {
e.printStackTrace();
} catch (IllegalBlockSizeException e) {
e.printStackTrace();
}
return result;
}
在C#中模拟相同方法的Java方法
public class PasswordDeriveBytes {
private final MessageDigest hash;
private final byte[] firstToLastDigest;
private final byte[] outputBuffer;
private int position = 0;
public PasswordDeriveBytes(String password, byte[] salt) {
try {
this.hash = MessageDigest.getInstance("SHA-1");
this.hash.update(password.getBytes(UTF_8));
this.hash.update(salt);
this.firstToLastDigest = this.hash.digest();
final int iterations = 1;//**changed from 100**
for (int i = 1; i < iterations - 1; i++) {
hash.update(firstToLastDigest);
hash.digest(firstToLastDigest, 0, firstToLastDigest.length);
}
this.outputBuffer = hash.digest(firstToLastDigest);
} catch (NoSuchAlgorithmException | DigestException e) {
throw new IllegalStateException("SHA-1 digest should always be available", e);
}
}
public byte[] getBytes(int requested) {
if (requested < 1) {
throw new IllegalArgumentException(
"You should at least request 1 byte");
}
byte[] result = new byte[requested];
int generated = 0;
try {
while (generated < requested) {
final int outputOffset = position % outputBuffer.length;
if (outputOffset == 0 && position != 0) {
final String counter = String.valueOf(position / outputBuffer.length);
hash.update(counter.getBytes(US_ASCII));
hash.update(firstToLastDigest);
hash.digest(outputBuffer, 0, outputBuffer.length);
}
final int left = outputBuffer.length - outputOffset;
final int required = requested - generated;
final int copy = Math.min(left, required);
System.arraycopy(outputBuffer, outputOffset, result, generated, copy);
generated += copy;
position += copy;
}
} catch (final DigestException e) {
throw new IllegalStateException(e);
}
return result;
}
}
最后是Java方法,它不起作用并试图理解我做错了什么
private String decryptJava(String encryptedText, String saltValue, String passPhrase, String initVector) {
String result = "";
byte[] initVectorBytes = initVector.getBytes(US_ASCII);
byte[] saltValueBytes = saltValue.getBytes(US_ASCII);
byte[] encryptedTexttBytes = Base64.decode(encryptedText, Base64.DEFAULT);
Cipher cipher;
try {
final PasswordDeriveBytes password = new PasswordDeriveBytes(passPhrase, saltValueBytes);
final byte[] keyBytes = password.getBytes(256 / Byte.SIZE);
SecretKeySpec secretKey = new SecretKeySpec(keyBytes, "AES");
cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
try {
cipher.init(Cipher.DECRYPT_MODE, secretKey, new IvParameterSpec(initVectorBytes));
} catch (InvalidAlgorithmParameterException e) {
e.printStackTrace();
}
final byte[] ct = cipher.doFinal(encryptedTexttBytes);
//result = Base64.encodeToString(ct, Base64.DEFAULT); - **deleted this line**
try {
result = new String(ct, "US-ASCII");//** added this line**
} catch (UnsupportedEncodingException e) {
e.printStackTrace();
}
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
} catch (NoSuchPaddingException e) {
e.printStackTrace();
} catch (InvalidKeyException e) {
e.printStackTrace();
} catch (BadPaddingException e) {
e.printStackTrace();
} catch (IllegalBlockSizeException e) {
e.printStackTrace();
}
return result;
}
答案 0 :(得分:1)
PasswordDeriveBytes永远不会 要求比基础哈希函数更多的字节。此函数实现了PBKDF1,它不能输出超过该位数(在您的示例中为SHA-1为160)。
Microsoft实现允许更多输出,但实现被打破到极致(它甚至可能重复输出!)。使用Rfc2898DeriveBytes代替实现PBKDF2,也可用Java实现。使用较大的散列,PBKDF2可以生成多于散列输出的字节数,但仅以安全为代价。
答案 1 :(得分:1)
最后,我找到了编码和解除方法的解决方案: (这样不增加代码量,我在上面的代码片段中进行了更改)
在encryptJava方法中,我更改了一行,
在PasswordDeriveBytes中我将迭代次数从100更改为1
在decryptJava方法中我添加了一行并删除了一行。