我有一个旧脚本,该脚本已经将加密数据保存到数据库中。
使用以下代码使用Java进行加密/解密。
public class StringEncrypter {
Cipher ecipher;
Cipher dcipher;
/**
* Constructor used to create this object. Responsible for setting and
* initializing this object's encrypter and decrypter Chipher instances
* given a Pass Phrase and algorithm.
*
* @param passPhrase
* Pass Phrase used to initialize both the encrypter and
* decrypter instances.
*/
public StringEncrypter(String passPhrase) {
// 8-bytes Salt
byte[] salt = { (byte) 0xA9, (byte) 0x9B, (byte) 0xC8, (byte) 0x32,
(byte) 0x56, (byte) 0x34, (byte) 0xE3, (byte) 0x03 };
// Iteration count
int iterationCount = 19;
try {
KeySpec keySpec = new PBEKeySpec(passPhrase.toCharArray(), salt,
iterationCount);
SecretKey key = SecretKeyFactory.getInstance("PBEWithMD5AndDES")
.generateSecret(keySpec);
ecipher = Cipher.getInstance(key.getAlgorithm());
dcipher = Cipher.getInstance(key.getAlgorithm());
// Prepare the parameters to the cipthers
AlgorithmParameterSpec paramSpec = new PBEParameterSpec(salt,
iterationCount);
ecipher.init(Cipher.ENCRYPT_MODE, key, paramSpec);
dcipher.init(Cipher.DECRYPT_MODE, key, paramSpec);
} catch (InvalidAlgorithmParameterException e) {
System.out.println("EXCEPTION: InvalidAlgorithmParameterException");
} catch (InvalidKeySpecException e) {
System.out.println("EXCEPTION: InvalidKeySpecException");
} catch (NoSuchPaddingException e) {
System.out.println("EXCEPTION: NoSuchPaddingException");
} catch (NoSuchAlgorithmException e) {
System.out.println("EXCEPTION: NoSuchAlgorithmException");
} catch (InvalidKeyException e) {
System.out.println("EXCEPTION: InvalidKeyException");
}
}
/**
* Takes a single String as an argument and returns an Encrypted version of
* that String.
*
* @param str
* String to be encrypted
* @return <code>String</code> Encrypted version of the provided String
*/
public String encrypt(String str) {
try {
// Encode the string into bytes using utf-8
byte[] utf8 = str.getBytes("UTF8");
// Encrypt
byte[] enc = ecipher.doFinal(utf8);
// Encode bytes to base64 to get a string
return new sun.misc.BASE64Encoder().encode(enc);
} catch (BadPaddingException e) {
} catch (IllegalBlockSizeException e) {
} catch (UnsupportedEncodingException e) {
} catch (IOException e) {
}
return null;
}
/**
* Takes a encrypted String as an argument, decrypts and returns the
* decrypted String.
*
* @param str
* Encrypted String to be decrypted
* @return <code>String</code> Decrypted version of the provided String
*/
public String decrypt(String str) {
try {
// Decode base64 to get bytes
byte[] dec = new sun.misc.BASE64Decoder().decodeBuffer(str);
// Decrypt
byte[] utf8 = dcipher.doFinal(dec);
// Decode using utf-8
return new String(utf8, "UTF8");
} catch (BadPaddingException e) {
} catch (IllegalBlockSizeException e) {
} catch (UnsupportedEncodingException e) {
} catch (IOException e) {
}
return null;
}
}
这会将一个字符串像这样RX0qxgKAKmjQmS9xjNtFnw==
我需要能够使用PHP解密此数据。
我尝试从github使用以下脚本: https://github.com/KevinBusse/PBEWithMD5AndDES
但是只能得到bad magic number
这可能吗?如果是这样,任何方向将不胜感激!
答案 0 :(得分:1)
如果从Java代码获取以下设置,则可以使用Github代码进行解密:
A99BC8325634E303 19 示例:
Passphrase: MyPassphraseXYZ
Plaintext: The quick brown fox jumps over the lazy dog
Ciphertext from the Java code: xWnsqJJ4pqWTrm8kIwfyw1djD4lu0zig0wnohS+EtwDvHBgEP/BS25qyaE+QEdxd
密文可以使用以下PHP代码解密:
$data = "xWnsqJJ4pqWTrm8kIwfyw1djD4lu0zig0wnohS+EtwDvHBgEP/BS25qyaE+QEdxd";
$keystring = "MyPassphraseXYZ";
$salt = "A99BC8325634E303";
$iterationsMd5 = 19;
$decrypted = PbeWithMd5AndDes::decrypt($data, $keystring, $salt, $iterationsMd5);
print($decrypted . "\n");
必须考虑以下因素:PbeWithMd5AndDes已经过时,并且已经使用了多年,请参阅here。 Github代码本身使用其他已弃用的函数,例如mcrypt_module_XXX()和mcrypt_generic_YYY(),因此该代码只能在PHP <7.2以下的版本中执行。在PHP 7.1中,将显示已弃用的警告。仅对于PHP <7.1,该代码可以在没有警告的情况下执行。总而言之,算法和代码都是不安全的。