doudong3570 2014-07-30 12:26
浏览 78
已采纳

Java端的AES加密 - 在PHP端解密并选择单个密钥

I am using AES and I want to settle for a key which I can use on the Java side to encrypt a string, I hardcode the same key on php side and decrypt the string if the strings match I am authenticated to step inside.

Following is my code in Java: 

public class AESencrp {

     private static final String ALGO = "AES";
    private static final byte[] keyValue = 
        new byte[] { 'T', 'h', 'e', 'B', 'e', 's', 't',
'S', 'e', 'c', 'r','e', 't', 'K', 'e', 'y' };

public static String encrypt(String Data) throws Exception {
        Key key = generateKey();
        Cipher c = Cipher.getInstance(ALGO);
        c.init(Cipher.ENCRYPT_MODE, key);
        byte[] encVal = c.doFinal(Data.getBytes());
        String encryptedValue = new BASE64Encoder().encode(encVal);
        return encryptedValue;
    }

    public static String decrypt(String encryptedData) throws Exception {
        Key key = generateKey();
        Cipher c = Cipher.getInstance(ALGO);
        c.init(Cipher.DECRYPT_MODE, key);
        byte[] decordedValue = new BASE64Decoder().decodeBuffer(encryptedData);
        byte[] decValue = c.doFinal(decordedValue);
        String decryptedValue = new String(decValue);
        return decryptedValue;
    }
    private static Key generateKey() throws Exception {
        Key key = new SecretKeySpec(keyValue, ALGO);
        return key;
}

}

Here is the function I use in PHP: 

function fnDecrypt()
{
 // echo $_POST['key'];
 $sValue = $_POST['key']; 
 $sSecretKey = "TheBestSecretKey";
    return rtrim(
        mcrypt_decrypt(
            MCRYPT_RIJNDAEL_256, 
            $sSecretKey, 
            base64_decode($sValue), 
            MCRYPT_MODE_CBC,
            mcrypt_create_iv(
                mcrypt_get_iv_size(
                    MCRYPT_RIJNDAEL_256,
                    MCRYPT_MODE_CBC
                ), 
                MCRYPT_RAND
            )
        ), "\0"
    );
}

However it seems, that I always get different decrypted text on php side, I feel the issue is with the key, while as I am hard coding it, this behavior should not occur, any hints?

  • 写回答

2条回答 默认 最新

  • duandao7704 2014-07-30 14:00
    关注

    There seem to be a few things you are doing wrong, I'll go over these in order:

    Always specify "Algorithm/Mode/Padding" when creating an instance of Cipher in Java. Otherwise you never know which mode and padding will be used, which is especially problematic if you want to pass encrypted data between different platforms and programming languages, since they will probably have different defaults. (for example Java's default padding is PKCS1Padding where as PHP's mcrypt_decrypt() requires ZeroBytePadding)
    So initialize ALGO with:

    /* ZeroBytePadding should better not be used in practice */
private static final String ALGO = "AES/CBC/ZeroBytePadding";

    As Roland Jansen has already mentioned, is the Java AES the 128-bit version. So use in PHP:

    MCRYPT_RIJNDAEL_128

    Third, you must always specify a different random IV for every encryption (must not be secret). You then must use the same IV for decryption. So you will also have to generate an IV in java that you then pass to PHP and use for decryption there.

    byte[] iv = new byte[16]; // must be 16 bytes for AES-128
new SecureRandom().nextBytes(iv); // generate random bytes
IvParameterSpec ivSpec = new IvParameterSpec(iv);

/* create instance of Cipher and keys */

cipher.init(Cipher.ENCRYPT_MODE, key, ivSpec);

    As of now you also generate a random IV in PHP, which will obviously not lead to the desired plaintext. So do the following in php for decryption:

     $key = "{insert Java encryption key here}";
 $iv; = "{insert Java encryption IV here}";

 mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $key, $ciphertext, MCRYPT_MODE_CBC, $iv);

    If it still does not work after these fixes, the problem is probably the encoding of the ciphertext- or the key/IV-Strings. Try to make sure that you pass exactly the same data to PHP which you receive from cipher.doFinal in Java then.

    I hope, I could help you.

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论
查看更多回答(1条)

报告相同问题?

  • java 文件aes加密解密,java实现AES加密解密 -- 对文件的加密解密
    2021-04-22 18:37
    yannqing的博客 对文件的加密解密但是这样写的工具类Cipher ,会出现一个异常,在Linux中会解密失败,具体解决办法,见另一篇博客:https://blog..net/weixin_43276786/article/details/90381086工具类:package cn.com.dh.util;...
  • xxtea/aes加密解密工具
    2019-03-07 15:14
    总结来说,XXtea/aes加密解密工具结合了XXtea和AES两种加密算法,利用OpenSSL库提供强大的加密能力,同时支持lua语言集成,适用于游戏开发和数据保护场景。通过使用这样的工具,开发者可以更便捷地对文件和数据进行...
  • php-使用php开发的cipher加密算法之MonoAlphabeticCipher-加密算法实现.zip
    2024-03-01 06:13
    通过研究这些文件,你可以深入理解MonoAlphabetic Cipher的PHP实现,并可能了解到如何自定义密钥、处理大写字母和小写字母、以及如何解密等扩展功能。 总的来说,MonoAlphabetic Cipher虽然在安全性上不敌现代加密...
  • php-使用php开发的cipher加密算法之MorseCode-加密算法实现.zip
    2024-03-01 06:16
    虽然它的安全性可能不如现代加密标准如AES(高级加密标准),但它作为一个有趣的练习,可以帮助开发者了解加密的基本原理,以及如何在PHP中实现自定义加密算法。通过学习和实践这样的项目,可以提升编程技巧,增强对...
  • java AES 加密工具类,以及CBC和ECB的区别
    2025-04-29 14:20
    有糖就会笑的孩的博客 以下是一个基于Java实现的AES加密解密工具类,支持CBC和ECB模式,包含Base64编码转换和异常处。
  • CryptoJS中AES实现前后通用加解密技术
    2020-10-17 15:09
    在前后加密解密过程中可能会遇到的问题之一是块大小异常(IllegalBlockSizeException)。这通常发生在解密数据时,如果数据长度不是块大小(AES加密通常块大小为16字节)的整数倍时就会抛出此异常。为了解决这个...
  • 128位AES加密算法C语言实现
    2020-11-26 23:30
    用C语言实现的128位AES加密算法,可以运行在JAVA的JNI 中AIS加密算法c语言实现代码 nt cnt for(ent =0: cnt< 8: cnt++) BvtcToBit(*(ch+cnt), bit+(ent<<3)) return /将二进制位串转为长度为8的字符串水 ...
  • Java】全网最详细的对称加密AES详解
    2024-08-21 14:08
    你住过的屋檐的博客 AES(Advanced Encryption Standard,高级加密标准)是一种对称加密算法,用于加密电子数据。它是由比利时密码学家Joan Daemen和Vincent Rijmen设计的,并于2001年由美国国家标准与技术研究院(NIST)采纳为官方标准...
  • Java中实现数据加密和解密
    2024-06-26 14:49
    微赚淘客系统@聚娃科技的博客 在实际应用中,建议将加密解密逻辑封装为独立的服务或模块,通过合适的包管理工具(如Maven或Gradle)引入依赖,确保代码的模块化和安全性。通过上述示例,我们可以看到如何在Java中使用AES和RSA算法进行数据加密和...
  • 使用weixin-java-miniapp配置进行单个小程序的配置详解
    2020-10-17 05:52
    在开发微信小程序的后接口时,`weixin-java-miniapp` 是一个非常有用的 Java 库,它提供了方便的 SDK,使得与小程序交互变得更加简单。本文将深入介绍如何使用 `weixin-java-miniapp` 配置来设置单个小程序。 ...
  • 没有解决我的问题, 去提问