AES CBC算法/填充在Java/Angular中

huangapple
go评论70阅读模式
英文:

AES CBC algorithm/padding in java/angular

问题

我已经在Angular中编写了这段代码以对字符串进行加密:

import { Injectable } from '@angular/core';
import * as CryptoJS from 'crypto-js';

@Injectable({
    providedIn: 'root',
})
export class CryptoService {

  encrypt(message: string, clef: string): string {

    const salt = CryptoJS.SHA256("123456789123");

    const key = CryptoJS.PBKDF2(clef, salt, {
      keySize: 128 / 32,
      iterations: 1000
    });

    let iv = CryptoJS.enc.Utf8.parse(clef);
    let encrypted = CryptoJS.AES.encrypt(CryptoJS.enc.Utf8.parse(message.toString()), key,
    {
        keySize: 128 / 8,
        iv: iv,
        mode: CryptoJS.mode.CBC,
        padding: CryptoJS.pad.Pkcs7
    });

    return encrypted.toString();
  }

  generateKey(): string {
      let result = '';
      const characters = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789';
      const charactersLength = characters.length;
      let counter = 0;
      while (counter < 16) {
        result += characters.charAt(Math.floor(Math.random() * charactersLength));
        counter += 1;
      }
      return result;
  }
}

我将密钥和加密后的消息传递到后端进行解密。

在Java中,我编写了以下代码:

import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.KeySpec;
import java.util.Base64;

import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.PBEKeySpec;

public class AESUtilService {

    protected static final String salt = "123456789123";

    public SecretKey getKeyFromPassword(String password)
        throws NoSuchAlgorithmException, InvalidKeySpecException {
        
        SecretKeyFactory factory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256");
        KeySpec spec = new PBEKeySpec(password.toCharArray(), salt.getBytes(), 1000, 128/32);
        SecretKey secret = factory.generateSecret(spec);
        return secret;
    }

    public String decrypt(String cipherText, SecretKey key)
        throws NoSuchPaddingException, NoSuchAlgorithmException,
        InvalidAlgorithmParameterException, InvalidKeyException,
        BadPaddingException, IllegalBlockSizeException {
            
        String algorithm = "AES/CBC/PKCS7Padding";
        IvParameterSpec iv = new IvParameterSpec("MnTQLHcWumIKTXpQ".getBytes());
        
        Cipher cipher = Cipher.getInstance(algorithm);
        cipher.init(Cipher.DECRYPT_MODE, key, iv);
        byte[] plainText = cipher.doFinal(Base64.getDecoder().decode(cipherText));
        return new String(plainText);
    }
}

我的问题如下:
在Java中,如果我使用 String algorithm = "AES/CBC/PKCS7Padding"; 这一行代码会导致程序崩溃。但是如果我使用 String algorithm = "AES/CBC/PKCS5Padding"; 则会通过,但这时在Angular中会崩溃。 padding: CryptoJS.pad.Pkcs5

我找不到这个问题的解决方案,所以我请求您的帮助。

英文:

I have written this code in Angular to encrypt a string:

import { Injectable } from &#39;@angular/core&#39;;
import * as CryptoJS from &#39;crypto-js&#39;;

@Injectable({
    providedIn: &#39;root&#39;,
  })
export class CryptoService {
  
  encrypt(message: string, clef: string): string {

    const salt = CryptoJS.SHA256(&quot;123456789123&quot;);

    const key = CryptoJS.PBKDF2(clef, salt, {
      keySize: 128 / 32,
      iterations: 1000
  });

    // var key = CryptoJS.enc.Utf8.parse(clef);
    let iv = CryptoJS.enc.Utf8.parse(clef);
    let encrypted = CryptoJS.AES.encrypt(CryptoJS.enc.Utf8.parse(message.toString()), key,
    {
        keySize: 128 / 8,
        iv: iv,
        mode: CryptoJS.mode.CBC,
        padding: CryptoJS.pad.Pkcs7
    });


    // var encryptedMessage = CryptoJS.AES.encrypt(message.trim(), key).toString();

    return encrypted.toString();
  }

  generateKey(): string {
      let result = &#39;&#39;;
      const characters = &#39;ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789&#39;;
      const charactersLength = characters.length;
      let counter = 0;
      while (counter &lt; 16) {
      result += characters.charAt(Math.floor(Math.random() * charactersLength));
      counter += 1;
      }
      return result;
  }
}

I transfer my key and encriptedMessage to the back for the decryption.

I code dat on java:

import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.KeySpec;
import java.util.Base64;

import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.PBEKeySpec;

public class AESUtilService {
	
	protected static final String salt = &quot;123456789123&quot;;
	
	public SecretKey getKeyFromPassword(String password)
		throws NoSuchAlgorithmException, InvalidKeySpecException {
	    
	    SecretKeyFactory factory = SecretKeyFactory.getInstance(&quot;PBKDF2WithHmacSHA256&quot;);
	    KeySpec spec = new PBEKeySpec(password.toCharArray(), salt.getBytes(), 1000, 128/32);
	    SecretKey secret = factory.generateSecret(spec);
	    return secret;
	}
    public String decrypt(String cipherText, SecretKey key)
		throws NoSuchPaddingException, NoSuchAlgorithmException,
		InvalidAlgorithmParameterException, InvalidKeyException,
		BadPaddingException, IllegalBlockSizeException {
		    
		String algorithm = &quot;AES/CBC/PKCS7Padding&quot;;
		IvParameterSpec iv = new IvParameterSpec(&quot;MnTQLHcWumIKTXpQ&quot;.getBytes());
		
		Cipher cipher = Cipher.getInstance(algorithm);
		cipher.init(Cipher.DECRYPT_MODE, key, iv);
		byte[] plainText = cipher.doFinal(Base64.getDecoder().decode(cipherText));
		return new String(plainText);
	}
	
}

My issue is the following.
The part of the code Cipher cipher = Cipher.getInstance(algorithm); crashes in java, if I use String algorithm = &quot;AES/CBC/PKCS7Padding&quot;;
However it would pass with String algorithm = &quot;AES/CBC/PKCS5Padding&quot;;, but this time it's angular that would crash. padding: CryptoJS.pad.Pkcs5

I can't find a solution for this problem, and that's why I ask for your help.

答案1

得分: 1

根据您的代码,似乎存在与PBEKeySpec和密钥长度规范有关的问题。
**JAVA**:您必须使用"AES/CBC/PKCS5Padding"而不是"AES/CBC/PKCS7Padding"
**Angular**:在密钥长度和PBEKeySpec上进行更改
  let encrypted = CryptoJS.AES.encrypt(CryptoJS.enc.Utf8.parse("hasan test"), key,
  {
      keySize: 16,
      iv: iv,
      mode: CryptoJS.mode.CBC,
      padding: CryptoJS.pad.Pkcs7
  }).toString();
英文:

As per your code seems like, There is a issue with your PBEKeySpec and key length specification.
JAVA: you must need to use "AES/CBC/PKCS5Padding" instead of "AES/CBC/PKCS7Padding"
Angular: Make changes on key length and PBEKeySpec
let encrypted = CryptoJS.AES.encrypt(CryptoJS.enc.Utf8.parse("hasan test"), key,
{
keySize: 16,
iv: iv,
mode: CryptoJS.mode.CBC,
padding: CryptoJS.pad.Pkcs7
}).toString();

答案2

得分: 0

我终于找到一篇帖子说 Java 中的 PKCS5 与 Angular 中的 PKCS7 是相同的 --> 填充(128)。
来源:https://crypto.stackexchange.com/questions/9043/what-is-the-difference-between-pkcs5-padding-and-pkcs7-padding

英文:

I finaly find a post who sayd they pkcs5 in java are the same as pkcs7 in angular
-->padding (128)

source:
https://crypto.stackexchange.com/questions/9043/what-is-the-difference-between-pkcs5-padding-and-pkcs7-padding

huangapple
  • 本文由 发表于 2023年2月10日 16:56:28
  • 转载请务必保留本文链接:https://go.coder-hub.com/75408841.html
  • aes
  • algorithm
  • angular
  • cbc-mode
  • java
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定