1

这是在 ECB 和 CBC 中执行 AES 的红宝石代码:


require 'openssl'
require 'base64'
def encrypt(data, key, cipher_type)
  aes = OpenSSL::Cipher::Cipher.new(cipher_type)
  key = key.ljust(32, "\0")
  aes.encrypt
  aes.key = key
  Base64.encode64(aes.update(data) + aes.final).tr("\n","")
end


puts encrypt("XJ5QJSVMKZGBOQO7HMSIJO5BERW2OYWDVNPM3BH32NLSWUCNJ4FIP3BML7EKUBNO", "000000", 'AES-256-ECB')
puts encrypt("XJ5QJSVMKZGBOQO7HMSIJO5BERW2OYWDVNPM3BH32NLSWUCNJ4FIP3BML7EKUBNO", "000000", 'AES-256-CBC')

这是Java等价物:


import org.apache.commons.codec.binary.Base64;

import java.io.UnsupportedEncodingException;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.SecureRandom;
import java.security.spec.InvalidKeySpecException;
import java.util.Arrays;

import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.SecretKeySpec;

public class AESTest 
{ 
    public static void main(String [] args)
    {
        System.out.println(AESEncryptToBase64("AES/ECB/PKCS5padding", "000000", "XJ5QJSVMKZGBOQO7HMSIJO5BERW2OYWDVNPM3BH32NLSWUCNJ4FIP3BML7EKUBNO"));
        System.out.println(AESEncryptToBase64("AES/CBC/PKCS5padding", "000000", "XJ5QJSVMKZGBOQO7HMSIJO5BERW2OYWDVNPM3BH32NLSWUCNJ4FIP3BML7EKUBNO"));
    }

    /**
     * 
     * @param secret
     * @param cleartext
     * @return encrypted b64 string
     */
    public static String AESEncryptToBase64(String cypher, String secret, String clearText) {
        byte[] rawKey = new byte[32];
        java.util.Arrays.fill(rawKey, (byte) 0);
        byte[] secretBytes = secret.getBytes();
        for(int i = 0; i < secretBytes.length; i++){
            rawKey[i] = secretBytes[i];
        }

        SecretKeySpec skeySpec = new SecretKeySpec(rawKey, "AES");
        try{ 
            Cipher cipher = Cipher.getInstance(cypher);
            cipher.init(Cipher.ENCRYPT_MODE, skeySpec);
            byte[] encryptedData = cipher.doFinal(clearText.getBytes());
            if(encryptedData == null) return null;
            // return "l";
            return Base64.encodeBase64String(encryptedData);
        } catch (Exception e){
            e.printStackTrace();
        }
        return null;      

    }
}

编译:commons jar:http : //apache.mirrors.pair.com//commons/codec/binaries/commons-codec-1.7-bin.zip


 $ javac -cp .:commons-codec-1.7.jar AESTest.java 



$ ruby aestest.rb 
hYnClaUD9brJfNpEp4YDH0l1Y/QBlGkclnVN8MObNZFsvykd2da8iT2pcwLftNfox1HK/KFWrdfXt0qhP0Aq/fudP1FPIhF3vUTOEDzJbiY=
hYnClaUD9brJfNpEp4YDH5xcdKI4W5soPmWMpU+NikmAEKGSZkDP3KaJVSqRyOHt3JlcoyQzPbuoHxPV6kw6GH/4atDrcmCwV5LacTp+mBg=

$ java -cp .:commons-codec-1.7.jar AESTest
hYnClaUD9brJfNpEp4YDH0l1Y/QBlGkclnVN8MObNZFsvykd2da8iT2pcwLftNfox1HK/KFWrdfXt0qhP0Aq/fudP1FPIhF3vUTOEDzJbiY=
kZZNkbxis/W9UtEgRkxakGH28QetvK4lbf/SxBLrNDYPkGnf3w4MwonOCsoi9FjLAQ34aElOJ3KUjm62fiYLWxwNiE/wls7AcQnXLD19ano=

请注意,ECB 模式完全适用于两者。但CBC模式不同。我也在 C 上运行它,结果证明 Ruby 是正确的,Java 不是。

我在 Java 中做错了什么?

4

1 回答 1

3

对于 CBC,您需要提供一个初始化向量,例如:

cipher.init(Cipher.ENCRYPT_MODE, skeySpec, new IvParameterSpec(new byte[16]));

在您的代码中有一个 if 语句和两个不同的 init。欧洲央行的那个很好,这个欧洲央行不行。

于 2012-12-07T17:37:01.680 回答