Java 为什么可以';我似乎不能生成相同的基于密码的加密密钥吗?
我正在开发一些Java软件,它需要使用两个独立的软件对网络连接两端的信息进行加密和解密。为了简化这个过程,我有一个类,Cryptographer,处理数据加密。到目前为止,控制器(连接的一端)和代理(另一端)都使用此类根据两个程序之间共享的密码生成SecretKey 密钥是在Cryptographer类的此函数中生成的:Java 为什么可以';我似乎不能生成相同的基于密码的加密密钥吗?,java,encryption,secret-key,Java,Encryption,Secret Key,我正在开发一些Java软件,它需要使用两个独立的软件对网络连接两端的信息进行加密和解密。为了简化这个过程,我有一个类,Cryptographer,处理数据加密。到目前为止,控制器(连接的一端)和代理(另一端)都使用此类根据两个程序之间共享的密码生成SecretKey 密钥是在Cryptographer类的此函数中生成的: public SecretKey generateKey(String key) { this._paramSpec = new PBEParameterSpec(th
public SecretKey generateKey(String key) {
this._paramSpec = new PBEParameterSpec(this.SALT, this.ITERATION_COUNT);
PBEKeySpec spec = new PBEKeySpec(key.toCharArray());
SecretKeyFactory fac = null;
try {
fac = SecretKeyFactory.getInstance("PBEWithMD5AndDES");
} catch (NoSuchAlgorithmException ex) {
ex.printStackTrace();
System.err.println("[ERR] Cryptographer could not create a SecretKeyFactory due to an unsupported algorithm.");
}
try {
if (fac == null)
return null;
return fac.generateSecret(spec);
} catch (InvalidKeySpecException ex) {
System.err.println("[ERR] Cryptographer could not generate a SecretKey due to an invalid Key Specification.");
ex.printStackTrace();
return null;
}
}
加密本身在加密函数中进行:
public byte[] encrypt(byte[] message) {
try {
this._cipher.init(Cipher.ENCRYPT_MODE, this._key, this._paramSpec);
} catch (InvalidKeyException ex) {
System.err.println("[ERR] Cryptographer could not encrypt a message because the provided key is invalid.");
ex.printStackTrace();
return new byte[0];
} catch (InvalidAlgorithmParameterException ex) {
System.err.println("[ERR] Cryptographer could not encrypt a message because the parameters are invalid.");
ex.printStackTrace();
return new byte[0];
}
try {
return this._cipher.doFinal(message);
} catch (IllegalBlockSizeException ex) {
System.err.println("[ERR] Cryptographer could not encrypt a message due to an illegal block size.");
ex.printStackTrace();
return new byte[0];
} catch (BadPaddingException ex) {
System.err.println("[ERR] Cryptographer could not encrypt a message due to bad padding.");
ex.printStackTrace();
return new byte[0];
}
}
public byte[] decrypt(byte[] message) {
try {
this._cipher.init(Cipher.DECRYPT_MODE, this._key, this._paramSpec);
} catch (InvalidKeyException ex) {
System.err.println("[ERR] Cryptographer could not decrypt a message because the provided key is invalid.");
return new byte[0];
} catch (InvalidAlgorithmParameterException ex) {
System.err.println("[ERR] Cryptographer could not decrypt a message because the parameters are invalid.");
}
try {
return this._cipher.doFinal(message);
} catch (IllegalBlockSizeException ex) {
System.err.println("[ERR] Cryptographer could not decrypt a message due to an illegal block size.");
return new byte[0];
} catch (BadPaddingException ex) {
System.err.println("[ERR] Cryptographer could not decrypt a message due to bad padding.");
return new byte[0];
}
}
然后通过decrypt函数对其进行解密:
public byte[] encrypt(byte[] message) {
try {
this._cipher.init(Cipher.ENCRYPT_MODE, this._key, this._paramSpec);
} catch (InvalidKeyException ex) {
System.err.println("[ERR] Cryptographer could not encrypt a message because the provided key is invalid.");
ex.printStackTrace();
return new byte[0];
} catch (InvalidAlgorithmParameterException ex) {
System.err.println("[ERR] Cryptographer could not encrypt a message because the parameters are invalid.");
ex.printStackTrace();
return new byte[0];
}
try {
return this._cipher.doFinal(message);
} catch (IllegalBlockSizeException ex) {
System.err.println("[ERR] Cryptographer could not encrypt a message due to an illegal block size.");
ex.printStackTrace();
return new byte[0];
} catch (BadPaddingException ex) {
System.err.println("[ERR] Cryptographer could not encrypt a message due to bad padding.");
ex.printStackTrace();
return new byte[0];
}
}
public byte[] decrypt(byte[] message) {
try {
this._cipher.init(Cipher.DECRYPT_MODE, this._key, this._paramSpec);
} catch (InvalidKeyException ex) {
System.err.println("[ERR] Cryptographer could not decrypt a message because the provided key is invalid.");
return new byte[0];
} catch (InvalidAlgorithmParameterException ex) {
System.err.println("[ERR] Cryptographer could not decrypt a message because the parameters are invalid.");
}
try {
return this._cipher.doFinal(message);
} catch (IllegalBlockSizeException ex) {
System.err.println("[ERR] Cryptographer could not decrypt a message due to an illegal block size.");
return new byte[0];
} catch (BadPaddingException ex) {
System.err.println("[ERR] Cryptographer could not decrypt a message due to bad padding.");
return new byte[0];
}
}
加密似乎工作正常,但当我尝试在接收端解密序列化对象时,会抛出InvalidKeyException。通过比较控制器和代理上独立生成的密钥,可以看出,尽管它们来源于相同的密码,但它们不会生成相同的密钥
现在,我还不熟悉Java中的加密,所以完全有可能我在这里做错了什么。似乎我遗漏了一个随机的元素。目标是让连接的每一端从相同的密码生成相同的密钥。那么我做的有什么明显的错误吗?如果您需要查看更多代码,请告诉我。我很乐意发布它。抛出的
InvalidKeyException
向我表明,我将查看密钥在接收端的使用情况。您是否将其存储在数据库或文件中?您确定它与用于加密数据的编码相同吗 也许您没有使用相同的salt?用于生成密钥的密码以明文形式存储,然后读入应用程序并通过密钥生成函数传递。