Java CryptoJs解密函数的加密函数
下面的代码是从正确答案中复制的: 如何用Java编写加密函数?我试过类似的方法,但不起作用:Java CryptoJs解密函数的加密函数,java,encryption,aes,salt,cryptojs,Java,Encryption,Aes,Salt,Cryptojs,下面的代码是从正确答案中复制的: 如何用Java编写加密函数?我试过类似的方法,但不起作用: public static String encrypt(String plainText) throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidAlgorithmParameterException, InvalidKeyException, BadPaddingException, IllegalBlockSizeExcep
public static String encrypt(String plainText) throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidAlgorithmParameterException, InvalidKeyException, BadPaddingException, IllegalBlockSizeException, UnsupportedEncodingException {
MessageDigest md5 = MessageDigest.getInstance("MD5");
final byte[][] keyAndIV = generateKeyAndIV(32, 16, 1, getNextSalt(), secret.getBytes(StandardCharsets.UTF_8), md5);
SecretKeySpec skeySpec = new SecretKeySpec(keyAndIV[0], "AES");
IvParameterSpec iv = new IvParameterSpec(keyAndIV[1]);
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5PADDING");
cipher.init(Cipher.ENCRYPT_MODE, skeySpec, iv);
byte[] encrypted = cipher.doFinal(plainText.getBytes());
return Base64.getEncoder().encodeToString(encrypted);
}
public static byte[] getNextSalt() {
byte[] salt = new byte[8];
RANDOM.nextBytes(salt);
return salt;
}
encrypt
-方法必须以OpenSSL格式返回数据,该格式包括Salted_uuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu的ASCII编码,然后是随机生成的8字节salt和实际的密文,因此数据
但是,请注意,用于OpenSSL格式的密钥派生函数是不安全的,并且不是标准的。encrypt
方法的一个可能扩展是:
public static String encrypt(String plainText) throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidAlgorithmParameterException, InvalidKeyException, BadPaddingException, IllegalBlockSizeException, UnsupportedEncodingException {
byte[] salt = getNextSalt();
MessageDigest md5 = MessageDigest.getInstance("MD5");
final byte[][] keyAndIV = generateKeyAndIV(32, 16, 1, salt, secret.getBytes(StandardCharsets.UTF_8), md5);
SecretKeySpec skeySpec = new SecretKeySpec(keyAndIV[0], "AES");
IvParameterSpec iv = new IvParameterSpec(keyAndIV[1]);
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5PADDING");
cipher.init(Cipher.ENCRYPT_MODE, skeySpec, iv);
byte[] encrypted = cipher.doFinal(plainText.getBytes());
byte[] prefix = "Salted__".getBytes(StandardCharsets.US_ASCII);
byte[] prefixSaltEncrypted = new byte[prefix.length + salt.length + encrypted.length];
System.arraycopy(prefix, 0, prefixSaltEncrypted, 0, prefix.length);
System.arraycopy(salt, 0, prefixSaltEncrypted, prefix.length, salt.length);
System.arraycopy(encrypted, 0, prefixSaltEncrypted, prefix.length + salt.length, encrypted.length);
return Base64.getEncoder().encodeToString(prefixSaltEncrypted);
}
encrypt
必须以OpenSSL格式返回数据,即前8个字节是Salted\uuuu
的ASCII编码,然后是8个字节salt,然后是实际的密文,所有内容在串联后都是Base64编码的。盐是随机产生的。据我所知,您的encrypt
-方法缺少到这种OpenSSL格式的转换。顺便说一句,OpenSSL格式是不安全的,不是标准的。你能用代码写下你的答案吗?我会给你正确的答案。非常感谢。
public static String encrypt(String plainText) throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidAlgorithmParameterException, InvalidKeyException, BadPaddingException, IllegalBlockSizeException, UnsupportedEncodingException {
byte[] salt = getNextSalt();
MessageDigest md5 = MessageDigest.getInstance("MD5");
final byte[][] keyAndIV = generateKeyAndIV(32, 16, 1, salt, secret.getBytes(StandardCharsets.UTF_8), md5);
SecretKeySpec skeySpec = new SecretKeySpec(keyAndIV[0], "AES");
IvParameterSpec iv = new IvParameterSpec(keyAndIV[1]);
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5PADDING");
cipher.init(Cipher.ENCRYPT_MODE, skeySpec, iv);
byte[] encrypted = cipher.doFinal(plainText.getBytes());
byte[] prefix = "Salted__".getBytes(StandardCharsets.US_ASCII);
byte[] prefixSaltEncrypted = new byte[prefix.length + salt.length + encrypted.length];
System.arraycopy(prefix, 0, prefixSaltEncrypted, 0, prefix.length);
System.arraycopy(salt, 0, prefixSaltEncrypted, prefix.length, salt.length);
System.arraycopy(encrypted, 0, prefixSaltEncrypted, prefix.length + salt.length, encrypted.length);
return Base64.getEncoder().encodeToString(prefixSaltEncrypted);
}