用Golang解密用Java加密的内容（无iv）

Wenn I try to decrypt a string, encrypted in Java I get an error: "cipher: message authentication failed".

Does java inputOffset from AESCipher.engineDoFinal(byte[] input, int inputOffset, int inputLen) meens the same as the Go nonceSize in my code?

And is "NewGCMWithNonceSize" a right one decoder for my issue?

Thanks for help. Working solution:

JAVA

public static String encryptGCM(String data) throws CryptException {
    try {
        SecureRandom random = SecureRandom.getInstanceStrong();
        byte[] iv = new byte[12];
        random.nextBytes(iv);
        log.trace("IV: {}", Arrays.toString(iv));
        Key key = generateGcmKey();
        Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
        GCMParameterSpec spec = new GCMParameterSpec(128, iv);
        cipher.init(Cipher.ENCRYPT_MODE, key, spec);
        byte[] cipherText = cipher.doFinal(data.getBytes("UTF-8"));
        log.trace("encrypted: {}", Arrays.toString(cipherText));
        byte[] result = new byte[cipherText.length + iv.length];
        System.arraycopy(iv, 0, result, 0, iv.length);
        System.arraycopy(cipherText, 0, result, iv.length, cipherText.length);
        log.trace("Not encoded result: {}", Arrays.toString(result));
        return Base64.getEncoder().encodeToString(result);
    } catch (Exception ex) {
        log.error("Failure occured while encrypt text value!", ex);
        throw new CryptException(data, ex);
    }
}

private static Key generateGcmKey() throws CryptException {
    try {
        SecretKey originalKey = new SecretKeySpec(KEY.getBytes(), 0, KEY.getBytes().length, ALGO);
        log.trace("Encoded key: {}", Base64.getEncoder().encodeToString(originalKey.getEncoded()));
        return originalKey;
    } catch (Exception ex) {
        log.error("Failure occured while generate key!", ex);
        throw new CryptException("Failure occured while generate key!", ex);
    }
}

func decode(data string) (string, error) {
  ciphertext, _ := base64.StdEncoding.DecodeString(data)
  key, _ := base64.URLEncoding.DecodeString(decodeKey)
  c, err := aes.NewCipher([]byte(key))
  if err != nil {
    return "", err
  }

  gcm, err := cipher.NewGCM(c)
  if err != nil {
    return "", err
  }

   nonceSize := 12
   if len(ciphertext) < nonceSize {
     return  "", errors.New("ciphertext too short")
   }

   nonce, ciphertext := ciphertext[:nonceSize], ciphertext[nonceSize:]

   result, err := gcm.Open(nil, nonce, ciphertext, nil)
   if err != nil {
     return "", err
   }
   return string(result), nil
 }

写回答
好问题 0 提建议
追加酬金
关注问题
分享
邀请回答
编辑收藏删除结题
收藏举报

1条回答默认最新

关注

码龄粉丝数原力等级 --

被采纳

被点赞

采纳率
douzhao2047 2018-06-28 09:15
关注
As noted in the comments to the question the follwing code is not secure since it uses the ECB mode of operation for encryption which should not be considered secure.

The problem is that GCM expects the underlying encrypted data to contain authentification information. This information is not supplied by your Java implementation.

Instead you can use your created AES cipher directly to loop over the blocks of the message. This could look like this:

func decode(data string) (string, error) { ciphertext, err := base64.StdEncoding.Decode(data) if err != nil { return "", err } c, err := aes.NewCipher([]byte(DECODE_KEY)) if err != nil { return "", err } result := make([]byte, len(ciphertext)) for i := 0; i < len(ciphertext); i += aes.BlockSize { c.Decrypt(result[i:], ciphertext[i:]) } return string(result), nil }

Each call to c.Decrypt decrypts one block from ciphertext into result as noted in the documentation. Also notice that the increment between loop iterations is the block size of the AES cipher.

The last block may contain padding, which you still need to remove.
本回答被题主选为最佳回答 , 对您是否有帮助呢?

解决无用
评论打赏
分享
举报

评论

按下Enter换行，Ctrl+Enter发表内容

报告相同问题？

关注问题

用Golang解密用Java加密的内容（无iv） java
2018-06-28 07:39

回答 1 已采纳 As noted in the comments to the question the follwing code is not secure since it uses the ECB mod
使用golang解密使用php openssl_encrypt加密的文件 php
2018-04-13 06:29

回答 1 已采纳 Let's take a step back and simplify: // encrypt.php <?php $iv = base64_decode("AJf3QItKM7+Lkh
缺少前16个字符：Java AES CBC加密和golang解密 java
2017-05-20 01:57

回答 1 已采纳 From the Go code you shared in your playground: // The IV needs to be unique, but not secure. The
使用golang AES加密 java解密遇到的问题
2022-03-07 18:11

bannana119的博客前两天，准备写一个文件打标程序，设想的是使用golang在文件的末尾添加一串加密的内容，然后使用java读取文件中加密的内容并解密，为了安全使用的是AES加密。代码部分golang：加密解密 package util import ...
如何使用Golang解密AES加密的传输流段？
2018-01-02 07:56

回答 1 已采纳 Your iv is indeed too short so the openssl just padded zero for you: openssl aes-128-cbc -d -in e
Golang解密使用Node.js加密的字符串 node.js
2015-10-22 13:57

回答 1 已采纳 In OpenSSL 'aes256' is equivalent to 'aes-256-cbc'. So your use of NewCFBDecrypter seems off. Othe
AES CBC：JavaScript / CryptoJS加密-> Golang解密 javascript
2019-03-22 21:30

回答 2 已采纳 I'm still not totally sure why previous attempts have failed. It could have been one of many the d
Golang Java 互转AES加密
2023-03-21 18:39

谱写的博客 Golang Java 互转AES加密
在Golang中解密在Python AES CFB中加密的内容 python
2017-06-30 15:27

回答 1 已采纳 Try encrypting from Python like this. The result can then be unencrypted from Go successfully.
使用AES 256 CTR在Node JS中加密和在Golang中解密 node.js
2017-12-08 19:21

回答 1 已采纳 It is your NodeJS code that is incorrect. CTR mode requires an IV, calling crypto.createCipher is
如何解密在nodejs中加密的golang中的AES256位密码？ node.js
2017-06-12 11:50

回答 1 已采纳 I solved this problem with help from @osgx These are the things that I needed to change to decryp
Golang里的AES加密、解密
2022-10-20 15:33

杰哥的技术杂货铺的博客 Golang里的AES加密、解密
从PHP到Golang的aes-256-gcm解密 php
2018-10-01 22:45

回答 1 已采纳 Normally an encrypted message looks like IV+ciphertext+tag, not ciphertext+IV+tag. When one deviat
Golang AES加密解密
2022-07-21 19:04

beyond阿亮的博客 GolangAES加密解密
Java和go加密，解密，Base64失败
2020-11-04 15:27

陳英傑的博客在客户端和go后台对接口的时候，加解密出现了问题记录。问题主要出现在base64上，刚开始Android使用 import android.util.Base64; public class AesUtil { public static String encryptEcb(String content, ...
没有解决我的问题, 去提问

悬赏问题

¥15 drone 推送镜像时候 purge: true 推送完毕后没有删除对应的镜像,手动拷贝到服务器执行结果正确在样才能让指令自动执行成功删除对应镜像，如何解决？
¥15 求daily translation（DT）偏差订正方法的代码
¥15 js调用html页面需要隐藏某个按钮
¥15 ads仿真结果在圆图上是怎么读数的
¥20 Cotex M3的调试和程序执行方式是什么样的？
¥20 java项目连接sqlserver时报ssl相关错误
¥15 一道python难题3
¥15 牛顿斯科特系数表表示
¥15 arduino 步进电机
¥20 程序进入HardFault_Handler

用Golang解密用Java加密的内容（无iv）

1条回答 默认 最新

悬赏问题

1条回答默认最新