使用Java解密AES-256-ECB。

huangapple go评论87阅读模式
英文:

Decrypt using AES-256-ECB in Java

问题

我已经使用 AES-256-ECB 在 PHP 中加密了字符串。

$sString = "test";
$sEncryptionMethod = "AES-256-ECB";
$sEncryptionKey = "mysecretkey";

openssl_encrypt($sString, $sEncryptionMethod, $sEncryptionKey);

我想使用 Java/Scala 解密相同的内容。

String secret = "mysecretkey";
SecretKeySpec skeySpec = new SecretKeySpec(encKey.getBytes("UTF-8"), "AES");
byte[] decodedValue = Base64.getDecoder.decode(token);

Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5PADDING");
int decryptMode = Cipher.DECRYPT_MODE;
cipher.init(decryptMode, skeySpec);
new String(cipher.doFinal(decodedValue));

我遇到了以下错误。如何在 Java 中解密?注意:(在 PHP 中解密正常工作),但我想在 Java 中进行解密。

给定的最终块未正确填充。如果在解密过程中使用了错误的密钥,可能会出现此类问题。
英文:

I have encrypted the string in PHP using AES-256-ECB.

$sString   = "test"
$sEncryptionMethod = "AES-256-ECB";
$sEncryptionKey = "mysecretkey";

openssl_encrypt($sString, $sEncryptionMethod, $sEncryptionKey)

I would like to decrypt the same using Java/Scala?

 String secret = "mysecretkey";
 SecretKeySpec skeySpec = new SecretKeySpec(encKey.getBytes("UTF-8"), "AES");
 byte[] decodedValue = Base64.getDecoder.decode(token);

 Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5PADDING");
 int decryptMode = Cipher.DECRYPT_MODE;
 cipher.init(decryptMode, skeySpec);
 new String(cipher.doFinal(decodedValue));

I am seeing the following error? how can we decrypt the same using Java?
Note: (decryption in PHP is working as expected) but I want to do this in Java

Given final block not properly padded. Such issues can arise if a bad key is used during decryption.

答案1

得分: 6

密钥必须恰好为256位。显然,PHP端正在对“mysecretkey”进行一些未指明的神秘操作,以获得256位密钥。与PHP不同,Java不会像PHP那样参与“用户似乎不知道他们在做什么,嗯,我会猜一个疯狂的想法”,这就是问题所在。

找出如何将“mysecretkey”转换为256位密钥,并在Java中复制该过程。

注:ECB非常不安全。听起来你对加密的了解不足,很难编写一个真正难以轻易破解的应用程序。

另注:PHP文档本身强烈建议“key”应为一些具有256位密码学派生安全源。实际上,当你提供一个错误的密钥时,openssl_encrypt确实会给你一个答案,这有些令人费解。请参阅PHP手册上关于openssl_encrypt的各种评论,这些评论清楚地强调了其中的一些怪事,但没有一个足够清楚地解释PHP在这里实际上在做什么。

英文:

The key has to be exactly 256 bit long. Clearly the PHP side is doing some unspecified magic voodoo to "mysecretkey" to obtain a 256 bit key. Java does not, as a rule, engage in 'the user does not appear to know what they are doing, eh, I'll take a wild stab in the dark', like PHP does, which is the problem here.

Figure out how "mysecretkey" is turned into a 256-bit key, and replicate that in java.

NB: ECB is extremely insecure. It sounds like you don't know enough about encryption to have any hope of producing an application that is actually hard to trivially break.

NB2: Note that the PHP documentation itself strongly suggests that 'key' should be some cryptographically derived secure source of 256 bits. The fact that openssl_encrypt actually gives you an answer when you provide a broken key is somewhat eyebrow raising. See the various comments at the PHP manual on openssl_encrypt which clearly highlight some weirdness is going on there but none are clear enough to actually explain what PHP is doing here.

huangapple
  • 本文由 发表于 2020年10月5日 11:04:46
  • 转载请务必保留本文链接:https://go.coder-hub.com/64201958.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定