英文:
Encrypt with JAVA (jasypt) and Decrypt with PHP
问题
Encrypt with JAVA (jasypt) and Decrypt with PHP - Whats the less vulnerable Algorithm?
Im working on a legacy system that has the following tasks:
1) The Java Application saves some encrypted data on a mysql database. This happens very rarely. The data is saved once and rarely updated.
2) A PHP page loads that encrypted data from the mysql database and uses it for internal logic. This php page must be able to decrypt it internally, but not to encrypt it.
3) The java Application also loads the encrypted data from the mysql database and decrypts it for internal purposes.
In another words, I have a Java application that encrypts and decrypts data. And I have a php single page that must be able to decrypt the data.
Currently, I must re-do this with new crypto algorithms. I researched at stackoverflow and many are saying to stay away from MD5 and DES. As far as I understood, I must go with AES, So Ive came up with the following java CODE below. However:
a) Im unsure how to decrypt with php, I normally use openSSL but I dont know the equivalent algo name in php.
<?php
ini_set('display_errors', 1);
$salt = 'nXdHqFg74g22g4Vq';
$key = $salt;
$data = 'uVJ+m3FGkzFTCQXpZJysmo53rWh5+5L9dWzyyD8xues=';
$method = "AES-256-CFB";
echo openssl_decrypt($data, "AES-256-CFB", $key);
?>
b) Is this safe enough for general purposes? I dont need anything awesomely secure just enough since this data mostly travel through https.
import org.jasypt.encryption.pbe.PooledPBEStringEncryptor;
import org.jasypt.iv.IvGenerator;
import org.jasypt.iv.StringFixedIvGenerator;
public class MyCryptoTest {
private static final byte[] key = {110, 88, 100, 72, 113, 70, 103, 55, 52, 103, 50, 50, 103, 52, 86, 113};
private static PooledPBEStringEncryptor textCryptor = new PooledPBEStringEncryptor();
public static void main(String args[]) throws Exception {
String input = "stackoverflow";
String x = encrypt(input);
String y = decrypt(x);
System.out.println(x);
System.out.println(y);
System.out.println("Test Result: " + input.equals(y));
}
static {
IvGenerator ivGenerator = new StringFixedIvGenerator("some_random_word?");
textCryptor.setPoolSize(2);
textCryptor.setPassword(new String(key));
textCryptor.setAlgorithm("PBEWithHMACSHA512AndAES_256");
textCryptor.setIvGenerator(ivGenerator);
}
public static String encrypt(String strClearText) throws Exception {
String strData = "";
try {
strData = textCryptor.encrypt(strClearText);
} catch (Exception ex) {
ex.printStackTrace();
throw new Exception(ex);
}
return strData;
}
public static String decrypt(String strEncrypted) throws Exception {
String strData = "";
try {
strData = textCryptor.decrypt(strEncrypted);
} catch (Exception ex) {
throw new Exception(ex);
}
return strData;
}
}
Important Quotes from the references:
Ideally you should move away from DES and since this padding is going to be a problem in PHP, why not see if you can change the encryption algorithm to something less troublesome and more secure?
To help you can show this page: http://www.ietf.org/rfc/rfc4772.txt, where it is succinctly expressed that DES is susceptible to brute force attacks, so has been deprecated and replaced with AES.
Community♦ 111 silver badge answered Dec 17 '13 at 17:15
James Black
Both MD5 and DES have known vulnerabilities and should not be used. – SLaks Apr 24 '12 at 14:45
MD5 is actually fine for key derivation, single DES is only fine for real time, short lived encryption purposes (which is basically never).
Both should be avoided of course, especially if you don't know what you are doing. – Maarten Bodewes Apr 25 '12 at 20:06
References:
https://stackoverflow.com/questions/10300185/decrypt-with-php-a-java-encryption-pbewithmd5anddes
https://stackoverflow.com/questions/9333504/how-can-i-list-the-available-cipher-algorithms
英文:
Encrypt with JAVA (jasypt) and Decrypt with PHP - Whats the less vulnerable Algorithm?
Im working on a legacy system that has the following tasks:
1) The Java Application saves some encrypted data on a mysql database. This happens very rarely. The data is saved once and rarely updated.
2) A PHP page loads that encrypted data from the mysql database and uses it for internal logic. This php page must be able to decrypt it internally, but not to encrypt it.
3) The java Application also loads the encrypted data from the mysql database and decrypts it for internal purposes.
In another words, I have a Java application that encrypts and decrypts data. And I have a php single page that must be able to decrypt the data.
Currently, I must re-do this with new crypto algorithms. I researched at stackoverflow and many are saying to stay away from MD5 and DES. As far as I understood, I must go with AES, So Ive came up with the following java CODE below. However:
a) Im unsure how to decrypt with php, I normally use openSSL but I dont know the equivalent algo name in php.
<?php
ini_set('display_errors', 1);
$salt = 'nXdHqFg74g22g4Vq';
$key = $salt; // ? not sure
$data = 'uVJ+m3FGkzFTCQXpZJysmo53rWh5+5L9dWzyyD8xues=';
$method = "AES-256-CFB"; //not sure which
//openssl_decrypt ( string $data , string $method , string $key [, int $options = 0 [, string $iv = "" [, string $tag = "" [, string $aad = "" ]]]] ) : string
echo openssl_decrypt($data, "AES-256-CFB", $key);
?>
b) Is this safe enough for general purposes? I dont need anything awesomely secure just enough since this data mostly travel through https.
import org.jasypt.encryption.pbe.PooledPBEStringEncryptor;
import org.jasypt.iv.IvGenerator;
import org.jasypt.iv.StringFixedIvGenerator;
public class MyCryptoTest {
//private static final byte[] key = "nXdHqFg74g22g4Vq".getBytes();
private static final byte[] key = {110, 88, 100, 72, 113, 70, 103, 55, 52, 103, 50, 50, 103, 52, 86, 113};
private static PooledPBEStringEncryptor textCryptor = new PooledPBEStringEncryptor();
public static void main(String args[]) throws Exception {
//System.out.println(Arrays.toString(key));
//System.out.println(Arrays.toString("nXdHqFg74g22g4Vq".getBytes(Charset.forName("UTF-8"))));
String input = "stackoverflow";
String x = encrypt(input);
String y = decrypt(x);
System.out.println(x);
System.out.println(y);
System.out.println("Test Result: " + input.equals(y));
}
static {
IvGenerator ivGenerator = new StringFixedIvGenerator("some_random_word?");
textCryptor.setPoolSize(2);
textCryptor.setPassword(new String(key));
textCryptor.setAlgorithm("PBEWithHMACSHA512AndAES_256");
textCryptor.setIvGenerator(ivGenerator);
}
public static String encrypt(String strClearText) throws Exception {
String strData = "";
try {
strData = textCryptor.encrypt(strClearText);
} catch (Exception ex) {
ex.printStackTrace();
throw new Exception(ex);
}
return strData;
}
public static String decrypt(String strEncrypted) throws Exception {
String strData = "";
try {
//System.out.println(strEncrypted);
strData = textCryptor.decrypt(strEncrypted);
} catch (Exception ex) {
throw new Exception(ex);
}
return strData;
}
}
Important Quotes from the references:
> Ideally you should move away from DES and since this padding is going
> to be a problem in PHP, why not see if you can change the encryption
> algorithm to something less troublesome and more secure?
>
> To help you can show this page: http://www.ietf.org/rfc/rfc4772.txt,
> where it is succinctly expressed that DES is susceptible to brute
> force attacks, so has been deprecated and replaced with AES.
>
>
> Community♦ 111 silver badge answered Dec 17 '13 at 17:15
>
> James Black
> Both MD5 and DES have known vulnerabilities and should not be used. –
> SLaks Apr 24 '12 at 14:45
>
>
> MD5 is actually fine for key derivation, single DES is only fine for
> real time, short lived encryption purposes (which is basically never).
> Both should be avoided of course, especially if you don't know what
> you are doing. – Maarten Bodewes Apr 25 '12 at 20:06
References:
https://stackoverflow.com/questions/10300185/decrypt-with-php-a-java-encryption-pbewithmd5anddes
https://stackoverflow.com/questions/9333504/how-can-i-list-the-available-cipher-algorithms
答案1
得分: 2
关于 Jasypt 代码,需要考虑以下内容:
-
PBEWithHMACSHA512AndAES_256使用 PBKDF2,即通过摘要、密码、盐和迭代次数派生加密/解密密钥,因此这些参数在解密时也是必需的。算法和摘要可以直接派生:AES-256 和 SHA-512。作为操作模式,应用了 CBC。 -
发布的代码由于随机生成的盐,每次生成不同的密文。可以通过类似于 IV 的方式将用户定义的盐传递给
PooledPBEStringEncryptor实例textCryptor:textCryptor.setSaltGenerator(new StringFixedSaltGenerator(<YourSalt>)); -
Jasypt 使用块大小(AES 为 16 字节)作为盐的大小。较小的盐会引发异常,较大的盐会被简单截断。
-
IV 的处理与盐类似:较小的 IV 会引发异常,较大的 IV 会被截断。
-
如果未使用
PooledPBEStringEncryptor#setKeyObtentionIterations(<iteration count>)显式设置迭代次数,默认使用1000。 -
Jasypt 期望密码为 ASCII 字符串(仅供完整性参考,因为这也适用于发布的代码)。
使用盐 A16bytesSalt_012,Jasypt 代码提供以下密文:Lg01eeYnujbof0Wy9rs3XQ==。可以使用 PHP 使用 hash_pbkdf2 对其进行解密,示例如下:
<?php
$salt = 'A16bytesSalt_012'; // Jasypt 代码中使用的盐的前 16 字节
$iv = 'some_random_word'; // Jasypt 代码中使用的 IV 的前 16 字节
$iterations = 1000; // Jasypt 默认值
$password = array(110, 88, 100, 72, 113, 70, 103, 55, 52, 103, 50, 50, 103, 52, 86, 113); // Jasypt 代码中使用的密码
$password = implode(array_map("chr", $password));
$key = hash_pbkdf2("sha512", $password, $salt, $iterations, 32, TRUE);
$data = 'Lg01eeYnujbof0Wy9rs3XQ=='; // 来自 Jasypt 代码的密文
$method = "aes-256-cbc"; // Jasypt 代码中使用的算法和模式
echo openssl_decrypt($data, $method, $key, 0, $iv);
?>
英文:
Concerning the Jasypt code the following has to be considered:
-
PBEWithHMACSHA512AndAES_256uses PBKDF2, i.e. by means of digest, password, salt and iteration count the encryption / decryption key is derived, i.e. these parameters are also needed for decryption. Algorithm and digest can be derived directly: AES-256 and SHA-512. As mode of operation CBC is applied. -
The posted code generates a different ciphertext each time due to a randomly generated salt. A user defined salt can be passed to the
PooledPBEStringEncryptorinstancetextCryptoranalogous to the IV with:textCryptor.setSaltGenerator(new StringFixedSaltGenerator(<YourSalt>)); -
Jasypt uses the blocksize (16 bytes for AES) as salt size. Smaller salts cause an exception, larger salts are simply truncated.
-
The processing of the IV is analogous to the salt: Smaller IVs cause an exception, larger IVs are truncated.
-
If the iteration count isn't set explicitly with
PooledPBEStringEncryptor#setKeyObtentionIterations(<iteration count>),1000is used by default. -
Jasypt expects an ASCII-string as password (just for completeness, as this is true for the posted code).
With the Salt A16bytesSalt_012 the Jasypt code provides the following ciphertext: Lg01eeYnujbof0Wy9rs3XQ==. This ciphertext can be decrypted with PHP using hash_pbkdf2 as follows:
<?php
$salt = 'A16bytesSalt_012'; // First 16 bytes of the salt used in Jasypt code
$iv = 'some_random_word'; // First 16 bytes of the IV used in Jasypt code
$iterations = 1000; // Jasypt default
$password = array(110, 88, 100, 72, 113, 70, 103, 55, 52, 103, 50, 50, 103, 52, 86, 113); // Password used in Jasypt code
$password = implode(array_map("chr", $password));
$key = hash_pbkdf2("sha512", $password, $salt, $iterations, 32, TRUE);
$data = 'Lg01eeYnujbof0Wy9rs3XQ=='; // Ciphertext from Jasypt code
$method = "aes-256-cbc"; // Algorithm and mode used in Jasypt code
echo openssl_decrypt($data, $method, $key, 0, $iv);
?>
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论