duanouyong4228
2017-03-07 07:50 阅读 60
已采纳

在PHP上使用长密钥,而不是Java

I am trying to convert Java's DESede decryption to PHP's version. However with the same input, PHP cannot provide the identical output.

Java:

public class ThreeDES {

    private KeySpec             keySpec;
    private SecretKeyFactory    keyFactory;
    private Cipher              cipher;
    public ThreeDES( String encryptionScheme, String encryptionKey )
                throws EncryptionException {
        try {
            byte[] keyAsBytes = encryptionKey.getBytes("UTF-8");
            keySpec = new DESedeKeySpec(keyAsBytes);
            keyFactory = SecretKeyFactory.getInstance(encryptionScheme);
            cipher = Cipher.getInstance(encryptionScheme);
        } catch (InvalidKeyException e)
        {
            throw new EncryptionException( e );
        }
        catch (UnsupportedEncodingException e)
        {
            throw new EncryptionException( e );
        }
        catch (NoSuchAlgorithmException e)
        {
            throw new EncryptionException( e );
        }
        catch (NoSuchPaddingException e)
        {
            throw new EncryptionException( e );
        }
    }

    public String decrypt( String encryptedString ) throws EncryptionException {
        try {
            SecretKey key = keyFactory.generateSecret( keySpec );
            cipher.init( Cipher.DECRYPT_MODE, key );
            BASE64Decoder base64decoder = new BASE64Decoder();
            byte[] cleartext = base64decoder.decodeBuffer(encryptedString);
            byte[] ciphertext = cipher.doFinal(cleartext);
            return bytes2String( ciphertext );
        } 
        catch (Exception e)
        {
            throw new EncryptionException( e );
        }
    }

    private static String bytes2String( byte[] bytes )
    {
        StringBuffer stringBuffer = new StringBuffer();
        for (int i = 0; i < bytes.length; i++)
        {
            stringBuffer.append( (char) bytes[i] );
        }
        return stringBuffer.toString();
    }
}

PHP:

function decrypt($key, $data) {
    $mcrypt_module = mcrypt_module_open(MCRYPT_TRIPLEDES, '', MCRYPT_MODE_ECB, '');
    $mcrypt_iv     = mcrypt_create_iv(mcrypt_enc_get_iv_size($mcrypt_module), MCRYPT_RAND);
    $decrypted     = mcrypt_decrypt(MCRYPT_TRIPLEDES, $key, base64_encode($data), MCRYPT_MODE_ECB, $mcrypt_iv);
    mcrypt_module_close($mcrypt_module);
    return pkcs5_unpad($decrypted);
}

function pkcs5_unpad($text) {
    $pad = ord($text{strlen($text)-1});
    if ($pad > strlen($text)) return false;
    if (strspn($text, chr($pad), strlen($text) - $pad) != $pad) return false;
    return substr($text, 0, -1 * $pad);
}

Given the following input parameters, PHP is unable to provide identical output:

$key = 'ASDFasdf12348983jklasdfJ2Jaf8';
$encrypted_data = 'cPap7+JIPS4=';

which should decrypt to:

coRef=3

Test codes for Java are as follow:

try {
    String encryptedStr = encrypted_data; // same value as PHP's $encrypted_data
    String decryptedString = "";
    ThreeDES desedeEncrypter = new ThreeDES("DSEede", key); // same value as PHP's $key
    decryptedString = desedeEncrypter.decrypt(encryptedStr);
    System.out.println(decryptedString);
} catch (ThreeDES.EncryptionException e) {
    e.printStackTrace();
}

which outputs: coRef=3. However, the following PHP code raises a warning about key length.

echo decrypt($key, $encrypted_data);

Key of size 29 not supported by this algorithm. Only keys of size 24 supported in...

How do I modify my code to use a key longer than 24 characters?

  • 点赞
  • 写回答
  • 关注问题
  • 收藏
  • 复制链接分享

1条回答 默认 最新

  • 已采纳
    douan9541 douan9541 2017-03-07 09:02

    well, this is weird ,

    Triple Des only accepts 24 bytes as it's key

    Each DES key is nominally stored or transmitted as 8 bytes, each of odd parity,[12] so a key bundle requires 24 bytes for option 1, 16 for option 2, or 8 for option 3.

    so i think that the problem is in here

    DESedeKeySpec object :

    /**
         * Uses the first 24 bytes in <code>key</code> as the DES-EDE key.
         * <p>
         * The bytes that constitute the DES-EDE key are those between
         * <code>key[0]</code> and <code>key[23]</code> inclusive
         *
         * @param key the buffer with the DES-EDE key material.
         * @exception InvalidKeyException if the given key material is shorter
         * than 24 bytes.
    */
    

    so i think that DESedeKeySpec is kind of trimming your 29 length key to 24 to fit it with the tribledes requirements .

    EDIT another important note that mcrypt_* extension has been deprecated .

    This function has been DEPRECATED as of PHP 7.1.0. Relying on this function is highly discouraged.

    点赞 评论 复制链接分享

相关推荐