在 Java 中从 node.js 中解密字符串?
我在 node.js 中运行了以下简单的加密代码:
I have the following simple encryption code running in node.js:
var crypto = require('crypto');
var encKey = "FOO"; // Not the real key. Assume it works though.
var encrypt = function(str) {
var cipher = crypto.createCipher('aes-256-cbc', encKey);
var crypted = cipher.update(str, 'utf-8', 'hex');
crypted += cipher.final('hex');
return crypted;
};
我也可以解密如下:
var crypto = require('crypto');
var encKey = "FOO"; // Not the real key. Assume it works though.
var decrypt = function(str) {
var decipher = crypto.createDecipher('aes-256-cbc', encKey);
var decrypted = decipher.update(str, 'hex', 'utf-8');
decrypted += decipher.final('utf-8');
return decrypted;
};
这一切都很好.字符串按预期加密和解密.但现在我面临着用 Java 从这个 node.js 代码中解密加密字符串的任务.这就是事情出错的地方,我不知道为什么.
This all works fine. Strings are encrypting and decrypting as expected. But now I am faced with task of decrypting encrypted strings from this node.js code, in Java. And that is where things are going wrong and I am not sure why.
对于解密,我的 Java 代码如下所示:
For decryption, My Java code looks like this:
import javax.crypto.Cipher;
import javax.crypto.spec.SecretKeySpec;
import java.security.MessageDigest;
import java.util.Arrays;
private static final String encKey = "FOO";
private static SecretKeySpec secretKey;
private static byte[] key;
public static String decrypt(String str) throws Exception {
String hexDecodedStr = new String(Hex.decodeHex(str.toCharArray()));
setKey(encKey);
Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding");
cipher.init(Cipher.DECRYPT_MODE, secretKey);
return new String(cipher.doFinal(hexDecodedStr.getBytes()));
}
private static void setKey(String myKey) throws Exception {
MessageDigest sha = null;
try {
key = myKey.getBytes("UTF-8");
sha = MessageDigest.getInstance("SHA-1");
key = sha.digest(key);
key = Arrays.copyOf(key, 16);
secretKey = new SecretKeySpec(key, "AES");
}
catch (Exception e) {
throw e;
}
}
而且它不起作用.似乎无论我尝试什么,我最终都会在 cipher.doFinal() 调用中遇到一些异常,或者我得到的字符串是完全错误的.我知道 node.js 代码使用的是 aes-256-cbc,而 Java 代码使用的是 AES/ECB/PKCS5Padding 而不是 AES/CBC/PKCS5Padding,但是当我尝试使用 AES/CBC/PKCS5Padding 时,它需要一个我在 node.js 中没有的 InitVector,所以我不确定如何继续.如果没有提供一个 InitVector,节点是否会在后台创建一个 InitVector?我是否遗漏了一些非常明显的东西?
And it doesn't work. It seems like no matter what I try, I end up with some exception on the cipher.doFinal() call, or the String I get back is totally wrong. I know the node.js code is using aes-256-cbc, while the Java code is using AES/ECB/PKCS5Padding instead of AES/CBC/PKCS5Padding, but when I tried to use AES/CBC/PKCS5Padding, it was requiring an InitVector which I didn't have in node.js so I was unsure of how to proceed. Is node making an InitVector under the hood if not provided with one? Am I missing something totally obvious?
推荐答案
你似乎和其他人有同样的问题 OpenSSL 加密失败解密C#
You seems to have the same issue as others OpenSSL encryption failing to decrypt C#
据我了解文档,加密库使用 openssl.openssl 使用其 EVP_BytesToKey 函数和随机盐(不仅仅是哈希)从密码创建 IV 和密钥.正如 dave 指出的那样,加密库不使用盐.
As far I understood the docs, the crypto libeary uses openssl. The openssl creates IV and key from the password using its EVP_BytesToKey function and random salt (not just hash). As dave pointed out, the crypto library uses no salt.
openssl 的输出是 Salted_{8 bytes salt}{ciphertext} 所以检查密码的输出是什么(我现在做不到)
我写了一篇小文章如何加密在Java中正确
I wrote a small article how to encrypt properly in Java
相关文章