0

我想使用 PBE 生成其他加密密钥。

public SecretKey generateKey(String Ags) throws Exception {
    // make password
    PBEKeySpec keySpec = new PBEKeySpec(this.password.toCharArray(),this.salt,20,56);

    SecretKeyFactory keyFactory = SecretKeyFactory
            .getInstance("PBE");
    SecretKey key = keyFactory.generateSecret(keySpec);
    System.out.println();

    /*
    KeyGenerator kg = KeyGenerator.getInstance("AES");
    kg.init(k);
    //
    SecretKey FINAL_key = new SecretKeySpec(key.getEncoded(), "AES");
    */
    return null;
}

我的基本想法是先使用PBEKeySpecandSecretKeyFactory生成 PBE 密钥,然后获取前几个字节,比如说 10 个字节,来生成 AES 密钥。但是,在网上搜索后,我仍然不知道如何获得最终的密钥作为byte[]. key.getEncoded()只会给我输入密码。我如何获得最终的密钥byte[]

4

1 回答 1

0

据我通过阅读文档了解,我了解如果要创建 AES 密钥,则需要为算法提供至少 128 位的密钥。

SecretKeySpec secretKeySpec = new SecretKeySpec(key, "AES");

所以要生成密钥为什么你坚持从 PBE 密钥中获取 128 位,而不是你可以使用

byte[] key = (Password+Username).getBytes("UTF-8"); // depends on your implementation
MessageDigest sha = MessageDigest.getInstance("SHA-1");
key = sha.digest(key);
key = Arrays.copyOf(key, 16); // AES uses 16 byte of key as a parameter (?)

您还可以使用 PBE 密钥来提供 SHA 并以这种方式获取字节。好的,让我们转向您的问题,这是我的安全文件夹中的完整工作代码,我记得这对我有用,请随时提出任何问题。在下面的代码中,如果您检查,您会看到密钥是使用pbeKeySpec生成的, 但是当我查看代码时,我看不出您的错误是什么。

public void testPBEWithSHA1AndAES() throws Exception {
        String password = "test";
        String message = "Hello World!";

        byte[] salt = { (byte) 0xc7, (byte) 0x73, (byte) 0x21, (byte) 0x8c,
                (byte) 0x7e, (byte) 0xc8, (byte) 0xee, (byte) 0x99 };
        byte[] iv = { (byte) 0xc7, (byte) 0x73, (byte) 0x21, (byte) 0x8c,
                (byte) 0x7e, (byte) 0xc8, (byte) 0xee, (byte) 0x99,
                (byte) 0xc7, (byte) 0x73, (byte) 0x21, (byte) 0x8c,
                (byte) 0x7e, (byte) 0xc8, (byte) 0xee, (byte) 0x99 };

        int count = 1024;
        // int keyLength = 256;
        int keyLength = 128;

        String cipherAlgorithm = "AES/CBC/PKCS5Padding";
        String secretKeyAlgorithm = "PBKDF2WithHmacSHA1";
        SecretKeyFactory keyFac = SecretKeyFactory
                .getInstance(secretKeyAlgorithm);
        PBEKeySpec pbeKeySpec = new PBEKeySpec(password.toCharArray(), salt,
                count, keyLength);
        SecretKey tmp = keyFac.generateSecret(pbeKeySpec);
        SecretKey secret = new SecretKeySpec(tmp.getEncoded(), "AES");
        Cipher ecipher = Cipher.getInstance(cipherAlgorithm);
        ecipher.init(Cipher.ENCRYPT_MODE, secret, new IvParameterSpec(iv));

        // decrypt
        keyFac = SecretKeyFactory.getInstance(secretKeyAlgorithm);
        pbeKeySpec = new PBEKeySpec(password.toCharArray(), salt, count,
                keyLength);
        tmp = keyFac.generateSecret(pbeKeySpec);
        secret = new SecretKeySpec(tmp.getEncoded(), "AES");
        // AlgorithmParameters params = ecipher.getParameters();
        // byte[] iv = params.getParameterSpec(IvParameterSpec.class).getIV();
        Cipher dcipher = Cipher.getInstance(cipherAlgorithm);
        dcipher.init(Cipher.DECRYPT_MODE, secret, new IvParameterSpec(iv));

        byte[] encrypted = ecipher.doFinal(message.getBytes());
        byte[] decrypted = dcipher.doFinal(encrypted);
        assertEquals(message, new String(decrypted));

        ByteArrayOutputStream out = new ByteArrayOutputStream();
        CipherOutputStream cipherOut = new CipherOutputStream(out, ecipher);
        cipherOut.write(message.getBytes());
        StreamUtils.closeQuietly(cipherOut);
        byte[] enc = out.toByteArray();

        ByteArrayInputStream in = new ByteArrayInputStream(enc);
        CipherInputStream cipherIn = new CipherInputStream(in, dcipher);
        ByteArrayOutputStream dec = new ByteArrayOutputStream();
        StreamUtils.copy(cipherIn, dec);
        assertEquals(message, new String(dec.toByteArray()));
    }
于 2012-12-07T20:48:45.143 回答