C# 上有一个加密密码的服务器(方法encryptCSharp),android 应用程序接收加密密码、salt、passPhrase 和initVector。
我必须用 Java 解密该密码。
服务器人员在 C# 中向我发送了一个加密方法,我需要创建 encryptJava 和 decryptJava 方法,它们在 Java 中的工作方式与在 C# 中的工作方式相同。
要创建 Java 中不存在的 PasswordDeriveBytes
,我使用此处的示例 Encryption Diff Between Java and C#
那么,我的问题是,我的 Java 方法出了什么问题?两者都不起作用
更新:我对代码 fragment 进行了一些更改,现在一切正常!!
我调用该方法:
String encryptedText = encryptJava("12345", "100", "@.erf.net34", "@gugnet@gugnet77");//it works!!
String decryptedText = decryptJava(encryptedText, "100", "@.erf.net34", "@gugnet@gugnet77");//it doesn't work!!
这是我使用的 Java 方法和来自服务器的 C# 方法。
C#(我无法更改)
public static String encryptCSharp(String plainText, String saltValue, String passPhrase, String initVector) {
String hashAlgorithm = "SHA1";
int passwordIterations = 1;
int keySize = 256;
// Convert strings into byte arrays.
// Let us assume that strings only contain ASCII codes.
// If strings include Unicode characters, use Unicode, UTF7, or UTF8
// encoding.
byte[] initVectorBytes = Encoding.ASCII.GetBytes(initVector);
byte[] saltValueBytes = Encoding.ASCII.GetBytes(saltValue);
// Convert our plaintext into a byte array.
// Let us assume that plaintext contains UTF8-encoded characters.
byte[] plainTextBytes = Encoding.UTF8.GetBytes(plainText);
// First, we must create a password, from which the key will be derived.
// This password will be generated from the specified passphrase and
// salt value. The password will be created using the specified hash
// algorithm. Password creation can be done in several iterations.
PasswordDeriveBytes password = new PasswordDeriveBytes(
passPhrase,
saltValueBytes,
hashAlgorithm,
passwordIterations);
// Use the password to generate pseudo-random bytes for the encryption
// key. Specify the size of the key in bytes (instead of bits).
byte[] keyBytes = password.GetBytes(keySize / 8);
// Create uninitialized Rijndael encryption object.
RijndaelManaged symmetricKey = new RijndaelManaged();
// It is reasonable to set encryption mode to Cipher Block Chaining
// (CBC). Use default options for other symmetric key parameters.
symmetricKey.Mode = CipherMode.CBC;
// Generate encryptor from the existing key bytes and initialization
// vector. Key size will be defined based on the number of the key
// bytes.
ICryptoTransform encryptor = symmetricKey.CreateEncryptor(
keyBytes,
initVectorBytes);
// Define memory stream which will be used to hold encrypted data.
MemoryStream memoryStream = new MemoryStream();
// Define cryptographic stream (always use Write mode for encryption).
CryptoStream cryptoStream = new CryptoStream(memoryStream,
encryptor,
CryptoStreamMode.Write);
// Start encrypting.
cryptoStream.Write(plainTextBytes, 0, plainTextBytes.Length);
// Finish encrypting.
cryptoStream.FlushFinalBlock();
// Convert our encrypted data from a memory stream into a byte array.
byte[] cipherTextBytes = memoryStream.ToArray();
// Close both streams.
memoryStream.Close();
cryptoStream.Close();
// Convert encrypted data into a base64-encoded string.
String cipherText = Convert.ToBase64String(cipherTextBytes);
// Return encrypted string.
return cipherText;
}
Java 加密消息,它有效,我得到了与 C# 中的方法相同的结果
private String encryptJava(String plainText, String saltValue, String passPhrase, String initVector) {//working!!!
String result = "";
byte[] initVectorBytes = initVector.getBytes(US_ASCII);
byte[] saltValueBytes = saltValue.getBytes(US_ASCII);
byte[] plainTextBytes = plainText.getBytes(UTF_8);
Cipher cipher;
try {
final com.gmail.example.PasswordDeriveBytes password = new com.gmail.example.PasswordDeriveBytes(passPhrase, saltValueBytes);
final byte[] keyBytes = password.getBytes(256 / Byte.SIZE);
SecretKeySpec secretKey = new SecretKeySpec(keyBytes, "AES");
cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
try {
cipher.init(Cipher.ENCRYPT_MODE, secretKey, new IvParameterSpec(initVectorBytes));
} catch (InvalidAlgorithmParameterException e) {
e.printStackTrace();
}
final byte[] ct = cipher.doFinal(plainTextBytes);
result = Base64.encodeToString(ct, Base64.DEFAULT);//**added this line!**
//result = new String(ct, "US-ASCII");**-- deleted this line!**
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
} catch (NoSuchPaddingException e) {
e.printStackTrace();
} catch (InvalidKeyException e) {
e.printStackTrace();
} catch (BadPaddingException e) {
e.printStackTrace();
} catch (IllegalBlockSizeException e) {
e.printStackTrace();
}
return result;
}
在 C# 中模拟相同方法的 Java 方法
public class PasswordDeriveBytes {
private final MessageDigest hash;
private final byte[] firstToLastDigest;
private final byte[] outputBuffer;
private int position = 0;
public PasswordDeriveBytes(String password, byte[] salt) {
try {
this.hash = MessageDigest.getInstance("SHA-1");
this.hash.update(password.getBytes(UTF_8));
this.hash.update(salt);
this.firstToLastDigest = this.hash.digest();
final int iterations = 1;//**changed from 100**
for (int i = 1; i < iterations - 1; i++) {
hash.update(firstToLastDigest);
hash.digest(firstToLastDigest, 0, firstToLastDigest.length);
}
this.outputBuffer = hash.digest(firstToLastDigest);
} catch (NoSuchAlgorithmException | DigestException e) {
throw new IllegalStateException("SHA-1 digest should always be available", e);
}
}
public byte[] getBytes(int requested) {
if (requested < 1) {
throw new IllegalArgumentException(
"You should at least request 1 byte");
}
byte[] result = new byte[requested];
int generated = 0;
try {
while (generated < requested) {
final int outputOffset = position % outputBuffer.length;
if (outputOffset == 0 && position != 0) {
final String counter = String.valueOf(position / outputBuffer.length);
hash.update(counter.getBytes(US_ASCII));
hash.update(firstToLastDigest);
hash.digest(outputBuffer, 0, outputBuffer.length);
}
final int left = outputBuffer.length - outputOffset;
final int required = requested - generated;
final int copy = Math.min(left, required);
System.arraycopy(outputBuffer, outputOffset, result, generated, copy);
generated += copy;
position += copy;
}
} catch (final DigestException e) {
throw new IllegalStateException(e);
}
return result;
}
}
最后是不起作用的 Java 方法,并尝试理解我做错了什么
private String decryptJava(String encryptedText, String saltValue, String passPhrase, String initVector) {
String result = "";
byte[] initVectorBytes = initVector.getBytes(US_ASCII);
byte[] saltValueBytes = saltValue.getBytes(US_ASCII);
byte[] encryptedTexttBytes = Base64.decode(encryptedText, Base64.DEFAULT);
Cipher cipher;
try {
final PasswordDeriveBytes password = new PasswordDeriveBytes(passPhrase, saltValueBytes);
final byte[] keyBytes = password.getBytes(256 / Byte.SIZE);
SecretKeySpec secretKey = new SecretKeySpec(keyBytes, "AES");
cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
try {
cipher.init(Cipher.DECRYPT_MODE, secretKey, new IvParameterSpec(initVectorBytes));
} catch (InvalidAlgorithmParameterException e) {
e.printStackTrace();
}
final byte[] ct = cipher.doFinal(encryptedTexttBytes);
//result = Base64.encodeToString(ct, Base64.DEFAULT); - **deleted this line**
try {
result = new String(ct, "US-ASCII");//** added this line**
} catch (UnsupportedEncodingException e) {
e.printStackTrace();
}
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
} catch (NoSuchPaddingException e) {
e.printStackTrace();
} catch (InvalidKeyException e) {
e.printStackTrace();
} catch (BadPaddingException e) {
e.printStackTrace();
} catch (IllegalBlockSizeException e) {
e.printStackTrace();
}
return result;
}
最佳答案
使用 PasswordDeriveBytes
永远不会曾经要求比底层哈希函数更多的字节。此函数实现 PBKDF1,它不能输出超过该位数的位数(在您的示例中,SHA-1 为 160)。
Microsoft 的实现允许更多的输出,但是实现被破坏到了极致(甚至可能重复输出!)。使用 Rfc2898DeriveBytes
代替,它实现了 PBKDF2,在 Java 中也可用。使用更大的散列,PBKDF2 可以生成比散列输出更多的字节,但代价是安全性。
关于java - C#和Java之间的加密/解密,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/45898618/