drlnsli18864734
2018-07-16 07:19 浏览 122
已采纳

河豚GoLang加密和Java解密

Unable to decrypt the cipher text in Java which is ecrypted in GoLang using Blowfish.

Encryption

import (
    "testing"
    "golang.org/x/crypto/blowfish"
    "github.com/andreburgaud/crypt2go/ecb"
    "github.com/andreburgaud/crypt2go/padding"
    "fmt"
    "encoding/base64"
)

func TestEncrypt(t *testing.T) {

    bytes := []byte("cap")
    key := []byte("1c157d26e2db9a96a556e7614e1fbe36")

    encByte := encrypt(bytes, key)
    enc := base64.StdEncoding.EncodeToString(encByte)
    fmt.Printf("ENC - %s
", enc)
}

func encrypt(pt, key []byte) []byte {
    block, err := blowfish.NewCipher(key)
    if err != nil {
        panic(err.Error())
    }
    mode := ecb.NewECBEncrypter(block)
    padder := padding.NewPkcs5Padding()
    pt, err = padder.Pad(pt) // padd last block of plaintext if block size less than block cipher size
    if err != nil {
        panic(err.Error())
    }
    ct := make([]byte, len(pt))
    mode.CryptBlocks(ct, pt)
    return ct
}

// Output
// ENC - AP9atM49v8o=

Decryption

import lombok.SneakyThrows;

import javax.crypto.Cipher;
import javax.crypto.spec.SecretKeySpec;

import static java.util.Base64.getDecoder;
import static java.util.Base64.getEncoder;

public class UserAuthenticationFilter {

    public static void main(String[] args) throws Exception {
        String key = "1c157d26e2db9a96a556e7614e1fbe36";
        System.out.println(decrypt(getDecoder().decode("AP9atM49v8o="), key));

        // encryption and decryption verification
        // String plainText = "cap";
        // String cipher = encrypt(plainText, key);
        // String decrypted = decrypt(getDecoder().decode(enc), key);
        // assert decrypted.equals(plainText);
    }

    @SneakyThrows
    public static String encrypt(String plainText, String key) {
        byte[] myKeyByte = hexToBytes(key);
        SecretKeySpec skeySpec = new SecretKeySpec(myKeyByte, "Blowfish");
        Cipher ecipher = Cipher.getInstance("Blowfish/ECB/PKCS5Padding");
        ecipher.init(Cipher.ENCRYPT_MODE, skeySpec);

        byte[] src = ecipher.doFinal(plainText.getBytes("ISO-8859-1"));
        return getEncoder().encodeToString(src);
    }

    @SneakyThrows
    public static String decrypt(byte[] cipherContent, String key) {
        byte[] myKeyByte = hexToBytes(key);
        SecretKeySpec skeySpec = new SecretKeySpec(myKeyByte, "Blowfish");
        Cipher dcipher = Cipher.getInstance("Blowfish/ECB/NoPadding");
        dcipher.init(2, skeySpec);
        byte[] dcontent = dcipher.doFinal(cipherContent);
        return (new String(dcontent, "ISO-8859-1")).trim();
    }

    private static byte[] hexToBytes(String str) {
        if (str == null) {
            return null;
        } else if (str.length() < 2) {
            return null;
        } else {
            int len = str.length() / 2;
            byte[] buffer = new byte[len];

            for(int i = 0; i < len; ++i) {
                buffer[i] = (byte)Integer.parseInt(str.substring(i * 2, i * 2 + 2), 16);
            }

            return buffer;
        }
    }

}

// Output
// BY x³

As per the outputs, encryption in GoLang and decryption in Java doesn't produce the same plain text. Initially, thought the problem might be related to golang's byte (0 to 255) and java's byte (-128 to 127) involved in base64 encoding and decoding. But poking in Java's decryption code, it's handled correctly with value & 255.

Decryption of the same cipher text in golang works perfectly. Also encryption and decryption in Java works perfectly. But not the encryption in one and decryption in other.

I think the encryption and decryption logic were correct. Only guess might be there's some language specific ??? is missing when the cipher text is ported to other language for decryption.

  • 点赞
  • 写回答
  • 关注问题
  • 收藏
  • 复制链接分享
  • 邀请回答

1条回答 默认 最新

  • 已采纳
    duanpin2034 duanpin2034 2018-07-16 08:06
    key := []byte("1c157d26e2db9a96a556e7614e1fbe36")
    

    I believe this piece of code returns byte array of the string itself, not hex decoded value. To get a valid key you may try to use hex decoding

    点赞 评论 复制链接分享

相关推荐