dta38159
2013-04-09 12:20
浏览 173
已采纳

Java和PHP对称加密(DES)

I need to have a basic/simple String encryption (i.e. low security is good enough, I just want to avoid that the communication is human readable) between my Java client application and the PHP server.

I opted thus for the symmetric DES encryption as it doesn't require any key exchange (same key will be used on client and on server) + it doesn't require Java Security Policy updates for longer keys. I also encode/decode Base64 as the data gets sent by a Http post.

Unfortunately my code doesn't work as decrypted text doesn't match input.

My Java code to encrypt:

SecretKeyFactory keyFactory = SecretKeyFactory.getInstance("DES");
DESKeySpec keySpecEncrypt = new DESKeySpec(ParamsProvider.SERVER_ECRYPTION_SECRETKEY2); //Secret key is a byte[8] = {1, 2, 3, 4, 5, 6, 7, 8}
SecretKey keyEncrypt = keyFactory.generateSecret(keySpecEncrypt);

// Create the cipher 
Cipher desCipher = Cipher.getInstance("DES/CFB8/NoPadding");

// Initialize the cipher for encryption
desCipher.init(Cipher.ENCRYPT_MODE, keyEncrypt);

// Encrypt the text
byte[] textEncrypted = desCipher.doFinal(data.getBytes("UTF-8"));

//B64 encoding and return
byte[] encryptedB64ByteArray = (new org.apache.commons.codec.binary.Base64()).encode(textEncrypted);
return new String(encryptedB64ByteArray, "UTF8");

My PHP code to decrypt:

function decrypt($message) {
    $secret_key = array(1, 2, 3, 4, 5, 6, 7, 8);
    $decodedMsg = base64_decode($message);
    return base64_decode(mcrypt_decrypt(MCRYPT_DES, $key, $decodedMsg, MCRYPT_MODE_CFB));
}

My best guess is that my Java and PHP en/decryption parameters are not equal (e.g. CFB8 mode) but I have no clue on how to solve this.

Any help or hint would be greatly appreciated (I already lost a few hours on this one), Cheers, Thomas

图片转代码服务由CSDN问答提供 功能建议

我需要一个基本/简单的字符串加密(即低安全性就足够了,我只是想避免这种情况 我的Java客户端应用程序和PHP服务器之间的通信是人类可读的。

因此我选择了对称DES加密,因为它不需要任何密钥交换(将使用相同的密钥) 在客户端和服务器上)+它不需要更长密钥的Java安全策略更新。 我也编码/解码Base64,因为数据是由Http帖子发送的。

不幸的是我的 代码不起作用,因为解密文本与输入不匹配。

我要加密的Java代码:

  SecretKeyFactory keyFactory = SecretKeyFactory。  getInstance(“DES”); 
DESKeySpec keySpecEncrypt = new DESKeySpec(ParamsProvider.SERVER_ECRYPTION_SECRETKEY2);  //密钥是一个字节[8] = {1,2,3,4,5,6,7,8} 
SecretKey keyEncrypt = keyFactory.generateSecret(keySpecEncrypt); 
 
 //创建密码
Cipher  desCipher = Cipher.getInstance(“DES / CFB8 / NoPadding”); 
 
 //初始化加密密码
desCipher.init(Cipher.ENCRYPT_MODE,keyEncrypt); 
 
 //加密文本
byte [  ] textEncrypted = desCipher.doFinal(data.getBytes(“UTF-8”)); 
 
 // B64编码并返回
byte [] encryptedB64ByteArray =(new org.apache.commons.codec.binary.Base64()  ).encode(textEncrypted); 
return new String(encryptedB64ByteArray,“UTF8”); 
   
 
 

我要解密的PHP代码:

  function decrypt($ message){
 $ secret_key = array(1,2,3,4,5,6,7,8); 
 $ decodingMsg = base64_decode($ message); 
  return base64_decode(mcrypt_decrypt(MCRYPT_DES,$ key,$ decodingMsg,MCRYPT_MODE_CFB)); 
} 
   
 
 

我最好的猜测是我的Java和PHP en / decryption参数 是不相等的(例如CFB8模式),但我不知道如何解决 这个。

我将非常感谢任何帮助或提示(我已经在这个问题上丢失了几个小时), 我们, Thomas

  • 点赞
  • 写回答
  • 关注问题
  • 收藏
  • 邀请回答

3条回答 默认 最新

  • doufu6130 2013-04-09 19:34
    已采纳

    Thanks for the hints.

    Unfortunately none of them worked out for me.

    I finally solved it based on this code: https://github.com/stevenholder/PHP-Java-AES-Encrypt

    Cheers, Thomas

    点赞 评论
  • douduan9391 2013-04-09 12:44

    You have too choose a padding method, read this With the php code at the link of @Jon you haveto choose the PKCS#5-padding:

    // Create the cipher 
    Cipher desCipher = Cipher.getInstance("DES/CBC/PKCS5Padding");
    
    点赞 评论
  • douzhuozhu9544 2013-04-13 18:10

    I had the same problem in the context of RSA (java:encryption, php:decryption), solved my problem the following way: in the keyPair-generation in increased the 'initialize' value from 512 to 1024. and it works. the hint i followed was here: http://docs.oracle.com/javase/7/docs/api/javax/crypto/Cipher.html where it states that every java-implementation has to implement at least: ... RSA/ECB/PKCS1Padding (1024, 2048) ... so maybe the result of the keygeneration was not compatible

    点赞 评论

相关推荐 更多相似问题