1

我已将基于 C# 的解密函数翻译成 Java。它工作正常,可用于解密已由 C# 程序加密的密码。这是源代码:

import org.apache.commons.codec.binary.Base64;

import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import java.security.Key;

public class TestDecrpt {
    public static void main(String[] args) throws Exception {
        String data = "encrypted data";
        String sEncryptionKey = "encryption key";
        byte[] rawData = new Base64().decode(data);
        byte[] salt = new byte[8];
        System.arraycopy(rawData, 0, salt, 0, salt.length);

        Rfc2898DeriveBytes keyGen = new Rfc2898DeriveBytes(sEncryptionKey, salt);

        byte[] IV = keyGen.getBytes(128 / 8);
        byte[] keyByte = keyGen.getBytes(256 / 8);

        Key key = new SecretKeySpec(keyByte, "AES");
        Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
        cipher.init(Cipher.DECRYPT_MODE, key, new IvParameterSpec(IV));
        int pureDataLength = rawData.length - 8;
        byte[] pureData = new byte[pureDataLength];
        System.arraycopy(rawData, 8, pureData, 0, pureDataLength);
        String plaintext = new String(cipher.doFinal(pureData), "UTF-8").replaceAll("\u0000", "");
        System.out.println(plaintext);
    }
}

我按照它的算法来编写加密函数。代码是:

import org.apache.commons.codec.binary.Base64;

import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import java.security.Key;
import java.security.SecureRandom;


public class testEncrypt {
    public static void main(String[] args) throws Exception {
        String data = "Welcome2012~1@Welcome2012~1@Welcome2012~1@Welcome2012~1@Welcome2012~1@";
        String sEncryptionKey = "encryption key"; # the same key
        byte[] rawData = new Base64().decode(data);
        SecureRandom random = new SecureRandom();
        byte[] salt = new byte[8];
        random.nextBytes(salt);
        Rfc2898DeriveBytes keyGen = new Rfc2898DeriveBytes(sEncryptionKey, salt);

        byte[] IV = keyGen.getBytes(128 / 8);
        byte[] keyByte = keyGen.getBytes(256 / 8);

        Key key = new SecretKeySpec(keyByte, "AES");
        Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
        cipher.init(Cipher.ENCRYPT_MODE, key, new IvParameterSpec(IV));
        byte[] out2 = cipher.doFinal(rawData);

        byte[] out = new byte[8 + out2.length];
        System.arraycopy(salt, 0, out, 0, 8);
        System.arraycopy(out2, 0, out, 8, out2.length);
        //String outStr=new String(out,"UTF-8");
        String outStr = new Base64().encodeToString(out);
        System.out.println(outStr);
        System.out.print(outStr.length());

    }
}

但是加密后的数据无法正确解密,总是返回垃圾码,比如

ꉜ뙧巓妵峩枢纽펶땝ꉜ뙧巓妵峩枢纽펶땝ꉜ뙧巓。</p>

加密功能有问题吗?

==================================================== =============================== [更新] 改代码后

byte[] rawData = data.getBytes("UTF-8");

数据可以成功加密和解密。但是,在 Java 中加密的数据无法在 C# 中正确解密。这是C#版本的解密函数:

using System;
using System.IO;
using System.Security.Cryptography;
using System.Text;


namespace Test
{
    class Program
    {
        public static void Main(string[] args)
        {
                string data="EncryptedData";
                string sEncryptionKey="EncryptionKey";

                byte[] rawData = Convert.FromBase64String(data);
                byte[] salt = new byte[8];
                for (int i = 0; i < salt.Length; i++)
                    salt[i] = rawData[i];

                Rfc2898DeriveBytes keyGenerator = new Rfc2898DeriveBytes(sEncryptionKey, salt);
                Rijndael aes = Rijndael.Create();
                aes.IV = keyGenerator.GetBytes(aes.BlockSize / 8);
                aes.Key = keyGenerator.GetBytes(aes.KeySize / 8);

                using (MemoryStream memoryStream = new MemoryStream())
                using (CryptoStream cryptoStream = new CryptoStream(memoryStream, aes.CreateDecryptor(), CryptoStreamMode.Write))
                {
                    cryptoStream.Write(rawData, 8, rawData.Length - 8);
                    cryptoStream.Close();

                    byte[] decrypted = memoryStream.ToArray();
                    Console.Out.WriteLine(Encoding.Unicode.GetString(decrypted));
                    Console.In.ReadLine();
                }

        }
    }
}

我发现原始代码使用“Unicode”作为输出格式,

Encoding.Unicode.GetString(decrypted)

所以我将我的 Java 代码更改为“Unicode”。

在 Java 中解密:

String plaintext = new String(cipher.doFinal(pureData), "Unicode");
System.out.println(plaintext);

对于 Java 中的加密:

byte[] rawData = data.getBytes("Unicode");

但是用C#代码解密已经被Java程序加密的数据还是会遇到垃圾代码。

我该如何解决这个问题?有什么神奇的技巧吗?

[上次更新] 使用“UTF-16LE”而不是“UTF-8”后,问题消失了。似乎“UTF-16LE”是Java相当于C#的“Unicode”。

4

1 回答 1

3

这就是问题:

String data = "Welcome2012~1@Welcome2012~1@Welcome2012~1@Welcome2012~1@Welcome2012~1@";
byte[] rawData = new Base64().decode(data);

该文本并不意味着是 base64 编码的二进制数据。这只是文字。您为什么要尝试将其解码为 base64 数据?

你要:

byte[] rawData = data.getBytes("UTF-8");

这样,当您稍后编写时:

String plaintext = new String(cipher.doFinal(pureData), "UTF-8")
                                    .replaceAll("\u0000", "");

你正在做相反的动作。(诚​​然,您可能不需要replaceAll电话,但那是另一回事。)

对于这样的事情,你需要确保你在“出去”的路上所采取的步骤与在“进来”的路上所采取的步骤相反。所以在正确的代码中,你有:

Unencrypted text data => unencrypted binary data (encode via UTF-8)
Unencrypted binary data => encrypted binary data (encrypt with AES)
Encrypted binary data => encrypted text data (encode with base64)

所以要反转,我们这样做:

Encrypted text data => encrypted binary data (decode with base64)
Encrypted binary data => unencrypted binary data (decrypt with AES)
Unencrypted binary data => unencrypted text data (decode via UTF-8)
于 2012-08-07T03:42:51.637 回答