我有以下 Java 代码:
public static void deriveKeyAndIV(String password)
throws Exception
{
SecureRandom random = new SecureRandom();
if (salt == null)
{
salt = new byte[HASH_BYTE_SIZE / 8]; // use salt size at least as long as hash
random.nextBytes(salt);
}
if (ivBytes == null)
{
ivBytes = new byte[HASH_BYTE_SIZE / 8];
random.nextBytes(ivBytes);
}
PBEKeySpec spec = new PBEKeySpec(password.toCharArray(), salt, PBKDF2_ITERATIONS, HASH_BYTE_SIZE);
SecretKeyFactory skf = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256");
keyBytes = skf.generateSecret(spec).getEncoded();
}
public static byte[] encrypt(byte[] message)
throws Exception
{
// wrap key data in Key/IV specs to pass to cipher
SecretKeySpec key = new SecretKeySpec(keyBytes, "AES");
//IvParameterSpec ivSpec = new IvParameterSpec(ivBytes);
// create the cipher with the algorithm you choose
// see javadoc for Cipher class for more info, e.g.
Cipher cipher = Cipher.getInstance("AES/GCM/PKCS5Padding");
GCMParameterSpec gps = new GCMParameterSpec(128, ivBytes);
cipher.init(Cipher.ENCRYPT_MODE, key, gps);
byte[] encrypted = new byte[cipher.getOutputSize(message.length)];
int enc_len = cipher.update(message, 0, message.length, encrypted, 0);
enc_len += cipher.doFinal(encrypted, enc_len);
return encrypted;
}
public static byte[] decrypt(byte[] cipher_text)
throws Exception
{
// wrap key data in Key/IV specs to pass to cipher
SecretKeySpec key = new SecretKeySpec(keyBytes, "AES");
// create the cipher with the algorithm you choose
// see javadoc for Cipher class for more info, e.g.
Cipher cipher = Cipher.getInstance("AES/GCM/PKCS5Padding");
GCMParameterSpec gps = new GCMParameterSpec(128, ivBytes);
cipher.init(Cipher.DECRYPT_MODE, key, gps);
byte[] decrypted = new byte[cipher.getOutputSize(cipher_text.length)];
int dec_len = cipher.update(cipher_text, 0, cipher_text.length, decrypted, 0);
dec_len += cipher.doFinal(decrypted, dec_len);
return decrypted;
}
public static void main(String[] args) {
String pass = "hello";
try {
deriveKeyAndIV(pass);
byte[] tmp = encrypt("world!".getBytes());
System.out.println(new String(Base64.getEncoder().encode(tmp)));
System.out.println(new String(tmp));
System.out.println("encrypted:\t" + bytesToHex(tmp));
System.out.println("key:\t" + bytesToHex(keyBytes));
System.out.println("iv:\t" + bytesToHex(ivBytes));
tmp = decrypt(tmp);
System.out.println("decrypted:\t" + bytesToHex(tmp));
} catch (Exception e) {
e.printStackTrace();
}
}
示例输出:
5xwfm037nXfGS06V5OKgW/oo6WDuow==
��M��w�KN���[�(�`�
encrypted: E71C1F9B4DFB9D77C64B4E95E4E2A05BFA28E960EEA3
key: 6D525D38BFF7F70AD25205E97368C197
iv: 060374643557ED8E2F6A215F1B6DBD0E
decrypted: 776F726C6421
我将 Base64 输出复制到文件中(测试),并尝试使用以下命令对其进行解密:
openssl enc -d -base64 -id-aes128-GCM -K 6D525D38BFF7F70AD25205E97368C197 -in ~/Desktop/test-in -out ~/Desktop/test-out -iv 060374643557ED8E2F6A215F1B6DBD0E
我收到解密错误错误消息(退出代码:1)。尝试不同的模式(id-aes192-GCM 和 id-aes256-GCM)结果相同。
我做错了什么?
最佳答案
I copied the Base64 output into a file (test-in), and tried decrypting it using the following command ...
经过身份验证的加密模式不适用于命令行工具。来自 openssl enc man page :
The enc program does not support authenticated encryption modes like CCM and GCM. The utility does not store or retrieve the authentication tag.
我知道文档最近根据上述声明进行了更新(大约 2014 年 5 月或 6 月)。触发它的邮件列表消息是 v1.0.1g command line gcm error .
我不知道这些工具的新版本(例如 1.0.2 或 1.1.0 中的 openssl enc)是否提供了有意义的错误消息,或者您是否只是得到解密失败。
What I'm doing wrong?
什么都没有。
关于java - 使用openssl解密用java加密的aes-gcm,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/27561605/