doudong3570 2014-07-30 12:26
浏览 78
已采纳

Java端的AES加密 - 在PHP端解密并选择单个密钥

I am using AES and I want to settle for a key which I can use on the Java side to encrypt a string, I hardcode the same key on php side and decrypt the string if the strings match I am authenticated to step inside.

Following is my code in Java: 

public class AESencrp {

     private static final String ALGO = "AES";
    private static final byte[] keyValue = 
        new byte[] { 'T', 'h', 'e', 'B', 'e', 's', 't',
'S', 'e', 'c', 'r','e', 't', 'K', 'e', 'y' };

public static String encrypt(String Data) throws Exception {
        Key key = generateKey();
        Cipher c = Cipher.getInstance(ALGO);
        c.init(Cipher.ENCRYPT_MODE, key);
        byte[] encVal = c.doFinal(Data.getBytes());
        String encryptedValue = new BASE64Encoder().encode(encVal);
        return encryptedValue;
    }

    public static String decrypt(String encryptedData) throws Exception {
        Key key = generateKey();
        Cipher c = Cipher.getInstance(ALGO);
        c.init(Cipher.DECRYPT_MODE, key);
        byte[] decordedValue = new BASE64Decoder().decodeBuffer(encryptedData);
        byte[] decValue = c.doFinal(decordedValue);
        String decryptedValue = new String(decValue);
        return decryptedValue;
    }
    private static Key generateKey() throws Exception {
        Key key = new SecretKeySpec(keyValue, ALGO);
        return key;
}

}

Here is the function I use in PHP: 

function fnDecrypt()
{
 // echo $_POST['key'];
 $sValue = $_POST['key']; 
 $sSecretKey = "TheBestSecretKey";
    return rtrim(
        mcrypt_decrypt(
            MCRYPT_RIJNDAEL_256, 
            $sSecretKey, 
            base64_decode($sValue), 
            MCRYPT_MODE_CBC,
            mcrypt_create_iv(
                mcrypt_get_iv_size(
                    MCRYPT_RIJNDAEL_256,
                    MCRYPT_MODE_CBC
                ), 
                MCRYPT_RAND
            )
        ), "\0"
    );
}

However it seems, that I always get different decrypted text on php side, I feel the issue is with the key, while as I am hard coding it, this behavior should not occur, any hints?

  • 写回答

2条回答 默认 最新

  • duandao7704 2014-07-30 14:00
    关注

    There seem to be a few things you are doing wrong, I'll go over these in order:

    Always specify "Algorithm/Mode/Padding" when creating an instance of Cipher in Java. Otherwise you never know which mode and padding will be used, which is especially problematic if you want to pass encrypted data between different platforms and programming languages, since they will probably have different defaults. (for example Java's default padding is PKCS1Padding where as PHP's mcrypt_decrypt() requires ZeroBytePadding)
    So initialize ALGO with:

    /* ZeroBytePadding should better not be used in practice */
private static final String ALGO = "AES/CBC/ZeroBytePadding";

    As Roland Jansen has already mentioned, is the Java AES the 128-bit version. So use in PHP:

    MCRYPT_RIJNDAEL_128

    Third, you must always specify a different random IV for every encryption (must not be secret). You then must use the same IV for decryption. So you will also have to generate an IV in java that you then pass to PHP and use for decryption there.

    byte[] iv = new byte[16]; // must be 16 bytes for AES-128
new SecureRandom().nextBytes(iv); // generate random bytes
IvParameterSpec ivSpec = new IvParameterSpec(iv);

/* create instance of Cipher and keys */

cipher.init(Cipher.ENCRYPT_MODE, key, ivSpec);

    As of now you also generate a random IV in PHP, which will obviously not lead to the desired plaintext. So do the following in php for decryption:

     $key = "{insert Java encryption key here}";
 $iv; = "{insert Java encryption IV here}";

 mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $key, $ciphertext, MCRYPT_MODE_CBC, $iv);

    If it still does not work after these fixes, the problem is probably the encoding of the ciphertext- or the key/IV-Strings. Try to make sure that you pass exactly the same data to PHP which you receive from cipher.doFinal in Java then.

    I hope, I could help you.

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论
查看更多回答(1条)

报告相同问题?

悬赏问题

  • ¥15 怎么获取下面的: glove_word2id.json和 glove_numpy.npy 这两个文件
  • ¥15 js调用html页面需要隐藏某个按钮
  • ¥15 ads仿真结果在圆图上是怎么读数的
  • ¥20 Cotex M3的调试和程序执行方式是什么样的?
  • ¥20 java项目连接sqlserver时报ssl相关错误
  • ¥15 一道python难题3
  • ¥15 牛顿斯科特系数表表示
  • ¥15 arduino 步进电机
  • ¥20 程序进入HardFault_Handler
  • ¥15 oracle集群安装出bug