解密 java 中使用 AES 在 php 中加密的字符串
Decrypt string in java which was encrypted using AES in php
<?php
# --- ENCRYPTION ---
# the key should be random binary, use scrypt, bcrypt or PBKDF2 to
# convert a string into a key
# key is specified using hexadecimal
$length = 16;
$key = openssl_random_pseudo_bytes($length);
// echo $key;
// $key = pack('H*', "bcb04b7e103a0cd8b54763051cef08bc55abe029fdebae5e1d417e2ffb2a00a3");
echo $key."<br/>";
echo "<br/>";
# show key size use either 16, 24 or 32 byte keys for AES-128, 192
# and 256 respectively
$key_size = strlen($key);
echo "Key size: " . $key_size;
echo "<br/>";
$plaintext = "This string was AES-256 / CBC / ZeroBytePadding encrypted.";
# create a random IV to use with CBC encoding
$iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CBC);
$iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);
# creates a cipher text compatible with AES (Rijndael block size = 128)
# to keep the text confidential
# only suitable for encoded input that never ends with value 00h
# (because of default zero padding)
$ciphertext = mcrypt_encrypt(MCRYPT_RIJNDAEL_128, $key,
$plaintext, MCRYPT_MODE_CBC, $iv);
# prepend the IV for it to be available for decryption
$ciphertext = $iv . $ciphertext;
# encode the resulting cipher text so it can be represented by a string
$ciphertext_base64 = base64_encode($ciphertext);
echo "ENCRYPTED DATA =". $ciphertext_base64;
echo "<br/>";
# === WARNING ===
# Resulting cipher text has no integrity or authenticity added
# and is not protected against padding oracle attacks.
# --- DECRYPTION ---
$ciphertext_dec = base64_decode($ciphertext_base64);
# retrieves the IV, iv_size should be created using mcrypt_get_iv_size()
$iv_dec = substr($ciphertext_dec, 0, $iv_size);
# retrieves the cipher text (everything except the $iv_size in the front)
$ciphertext_dec = substr($ciphertext_dec, $iv_size);
# may remove 00h valued characters from end of plain text
$plaintext_dec = mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $key,
$ciphertext_dec, MCRYPT_MODE_CBC, $iv_dec);
echo "DECRYPTED TEXT = ".$plaintext_dec;
?>
JAVA :-
public static String decryptWithIV(byte[] key, String encrypted)
throws GeneralSecurityException {
if (key.length != 16) {
throw new IllegalArgumentException("Invalid key size.");
}
SecretKeySpec skeySpec = new SecretKeySpec(key, "AES");
Cipher cipher = Cipher.getInstance("AES/CBC/NoPadding");
cipher.init(Cipher.DECRYPT_MODE, skeySpec, new IvParameterSpec(
new byte[16]));
byte[] original = cipher.doFinal(Base64.decodeBase64(encrypted
.getBytes()));
return new String(original);
}
当我 运行 PHP 代码时,我得到以下 2 个详细信息,我将其复制到我的 java 代码中。
public static final String KEY = "œ8[,#BÌüïmÕe-<Æ 1^Ž—½R™t3§¡ÚI";
public static final String ENCRYPTED_DATA = "ASfLnSMyfp9vHN2UTO4TRilUIRywzVfJfrfkrp4gPsP0+lENwEHJ3/YzstfuIESgVFfpkxHGTxuiO+aWZObG5aPoZfrcoIDQLVXeRiysA4s=";
问题是我的密钥已经在字节中(当在本地主机上 运行 时),但在我的 java 代码中它再次尝试将其转换为字节。我想知道如何初始化字节数组,因为我现在有本地主机的密钥。
您的代码存在一些问题。
- 您在 Java 中的密钥只有 31 个字符长,而不是 32 个字符。字节不能总是表示为字符串,因为有时会有不可打印的字符。您可以使用
bin2hex() 将您的密钥打印为十六进制或使用 base64_encode() 作为 base64 并在 Java 中反转过程,例如 this (hex) 或 Base64.decodeBase64().
- 使用与 PHP 中相同的操作和填充模式。即使用
"AES/CBC/NoPadding"。由于PHP使用了ZeroPadding,解密后需要去掉末尾的零字节。
- IV 被添加到 PHP 中的密文,但您不会在 Java 中将 IV 切掉。此外,您提供零字节 IV。
public static String decryptWithIV(byte[] key, String encrypted)
throws GeneralSecurityException {
if (key.length != 16) {
throw new IllegalArgumentException("Invalid key size.");
}
byte[] ciphertextBytes = Base64.decodeBase64(encrypted.getBytes());
IvParameterSpec iv = new IvParameterSpec(ciphertextBytes, 0, 16);
ciphertextBytes = Arrays.copyOfRange(ciphertextBytes, 16,
ciphertextBytes.length);
SecretKeySpec skeySpec = new SecretKeySpec(key, "AES");
Cipher cipher = Cipher.getInstance("AES/CBC/NoPadding");
cipher.init(Cipher.DECRYPT_MODE, skeySpec, iv);
byte[] original = cipher.doFinal(ciphertextBytes);
// remove zero bytes at the end
int lastLength = original.length;
for (int i = original.length - 1; i > original.length - 16; i--) {
if (original[i] == (byte) 0) {
lastLength--;
} else {
break;
}
}
return new String(original, 0, lastLength);
}
<?php
# --- ENCRYPTION ---
# the key should be random binary, use scrypt, bcrypt or PBKDF2 to
# convert a string into a key
# key is specified using hexadecimal
$length = 16;
$key = openssl_random_pseudo_bytes($length);
// echo $key;
// $key = pack('H*', "bcb04b7e103a0cd8b54763051cef08bc55abe029fdebae5e1d417e2ffb2a00a3");
echo $key."<br/>";
echo "<br/>";
# show key size use either 16, 24 or 32 byte keys for AES-128, 192
# and 256 respectively
$key_size = strlen($key);
echo "Key size: " . $key_size;
echo "<br/>";
$plaintext = "This string was AES-256 / CBC / ZeroBytePadding encrypted.";
# create a random IV to use with CBC encoding
$iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CBC);
$iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);
# creates a cipher text compatible with AES (Rijndael block size = 128)
# to keep the text confidential
# only suitable for encoded input that never ends with value 00h
# (because of default zero padding)
$ciphertext = mcrypt_encrypt(MCRYPT_RIJNDAEL_128, $key,
$plaintext, MCRYPT_MODE_CBC, $iv);
# prepend the IV for it to be available for decryption
$ciphertext = $iv . $ciphertext;
# encode the resulting cipher text so it can be represented by a string
$ciphertext_base64 = base64_encode($ciphertext);
echo "ENCRYPTED DATA =". $ciphertext_base64;
echo "<br/>";
# === WARNING ===
# Resulting cipher text has no integrity or authenticity added
# and is not protected against padding oracle attacks.
# --- DECRYPTION ---
$ciphertext_dec = base64_decode($ciphertext_base64);
# retrieves the IV, iv_size should be created using mcrypt_get_iv_size()
$iv_dec = substr($ciphertext_dec, 0, $iv_size);
# retrieves the cipher text (everything except the $iv_size in the front)
$ciphertext_dec = substr($ciphertext_dec, $iv_size);
# may remove 00h valued characters from end of plain text
$plaintext_dec = mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $key,
$ciphertext_dec, MCRYPT_MODE_CBC, $iv_dec);
echo "DECRYPTED TEXT = ".$plaintext_dec;
?>
JAVA :-
public static String decryptWithIV(byte[] key, String encrypted)
throws GeneralSecurityException {
if (key.length != 16) {
throw new IllegalArgumentException("Invalid key size.");
}
SecretKeySpec skeySpec = new SecretKeySpec(key, "AES");
Cipher cipher = Cipher.getInstance("AES/CBC/NoPadding");
cipher.init(Cipher.DECRYPT_MODE, skeySpec, new IvParameterSpec(
new byte[16]));
byte[] original = cipher.doFinal(Base64.decodeBase64(encrypted
.getBytes()));
return new String(original);
}
当我 运行 PHP 代码时,我得到以下 2 个详细信息,我将其复制到我的 java 代码中。
public static final String KEY = "œ8[,#BÌüïmÕe-<Æ 1^Ž—½R™t3§¡ÚI";
public static final String ENCRYPTED_DATA = "ASfLnSMyfp9vHN2UTO4TRilUIRywzVfJfrfkrp4gPsP0+lENwEHJ3/YzstfuIESgVFfpkxHGTxuiO+aWZObG5aPoZfrcoIDQLVXeRiysA4s=";
问题是我的密钥已经在字节中(当在本地主机上 运行 时),但在我的 java 代码中它再次尝试将其转换为字节。我想知道如何初始化字节数组,因为我现在有本地主机的密钥。
您的代码存在一些问题。
- 您在 Java 中的密钥只有 31 个字符长,而不是 32 个字符。字节不能总是表示为字符串,因为有时会有不可打印的字符。您可以使用
bin2hex()将您的密钥打印为十六进制或使用base64_encode()作为 base64 并在 Java 中反转过程,例如 this (hex) 或Base64.decodeBase64(). - 使用与 PHP 中相同的操作和填充模式。即使用
"AES/CBC/NoPadding"。由于PHP使用了ZeroPadding,解密后需要去掉末尾的零字节。 - IV 被添加到 PHP 中的密文,但您不会在 Java 中将 IV 切掉。此外,您提供零字节 IV。
public static String decryptWithIV(byte[] key, String encrypted)
throws GeneralSecurityException {
if (key.length != 16) {
throw new IllegalArgumentException("Invalid key size.");
}
byte[] ciphertextBytes = Base64.decodeBase64(encrypted.getBytes());
IvParameterSpec iv = new IvParameterSpec(ciphertextBytes, 0, 16);
ciphertextBytes = Arrays.copyOfRange(ciphertextBytes, 16,
ciphertextBytes.length);
SecretKeySpec skeySpec = new SecretKeySpec(key, "AES");
Cipher cipher = Cipher.getInstance("AES/CBC/NoPadding");
cipher.init(Cipher.DECRYPT_MODE, skeySpec, iv);
byte[] original = cipher.doFinal(ciphertextBytes);
// remove zero bytes at the end
int lastLength = original.length;
for (int i = original.length - 1; i > original.length - 16; i--) {
if (original[i] == (byte) 0) {
lastLength--;
} else {
break;
}
}
return new String(original, 0, lastLength);
}