0

我正在我的 android 应用程序上使用 AES 加密,但我遇到了问题。我希望我的应用程序使用 Aes_256_Cbc 算法加密密码。每次加密的字符串都必须不同,这就是为什么我每次都需要一个真正随机的 iv。我必须加密这个词的代码是:

import android.content.Context;
import java.security.SecureRandom;
import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;

public class Encryptor
{
Context context;
private static final String WORD = "aefbjolpigrschnx";
private static final String KEY = "kumyntbrvecwxasqertyplmqazwsxedc";
private final static String HEX = "0123456789ABCDEF";


public Encryptor(Context c)
{
    context = c;
}

public String getEncryptedPasswd()
{
    String ivHex = "";
    String encryptedHex = "";

    try 
    {
        SecureRandom random = SecureRandom.getInstance("SHA1PRNG");
        byte[] iv = new byte[16];
        random.nextBytes(iv);
        ivHex = toHex(iv);
        IvParameterSpec ivspec = new IvParameterSpec(iv);
        SecretKeySpec skeySpec = new SecretKeySpec(KEY.getBytes("UTF-8"), "AES");


        Cipher encryptionCipher = Cipher.getInstance("AES/CBC");
        encryptionCipher.init(Cipher.ENCRYPT_MODE, skeySpec, ivspec);
        byte[] encryptedText = encryptionCipher.doFinal(WORD.getBytes("UTF-8"));
        encryptedHex = toHex(encryptedText);
    } 
    catch (Exception e) 
    {
    }
    return ivHex + encryptedHex;
}

public static String toHex(byte[] buf) 
{
    if (buf == null)
    {
        return "";
    }       
    StringBuffer result = new StringBuffer(2 * buf.length);
    for (int i = 0; i < buf.length; i++)
    {
            result.append(HEX.charAt((buf[i]>>4)&0x0f)).append(HEX.charAt(buf[i]&0x0f));

    }
    return result.toString();

}

getEncryptedPasswd()我的应用程序多次调用该函数,每次它按预期提供不同的十六进制输出。然后它将加密的密码发送到我的代码必须在 C++ 中的服务器。但是当我尝试使用 openssl 解密密码时,我没有得到正确的输出。谁能帮我?我在服务器上的代码是:

#include <iostream>
#include <string>
#include <vector>
#include <cstdlib>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <ctype.h>
#include <unistd.h>
#include <openssl/aes.h>

#define KEY "kumyntbrvecwxasqertyplmqazwsxedc"

using namespace std;

unsigned int hex2bin(char *ibuf, unsigned char *obuf, unsigned int ilen)
{
unsigned int i;
unsigned int j;
unsigned int by = 0;
unsigned char ch;

// process the list of characaters
for (i = 0; i < ilen; i++)
{
        ch = toupper(*ibuf++);
    // do the conversion
        if(ch >= '0' && ch <= '9')
    {
        by = (by << 4) + ch - '0';
    }    
    else if(ch >= 'A' && ch <= 'F')
    {
            by = (by << 4) + ch - 'A' + 10;
    }
        else
    {
        memcpy(obuf, "ERROR", 5);
            return 0;
        }

        // store a byte for each pair of hexadecimal digits
        if (i & 1) 
    {
            j = ((i + 1) / 2) - 1;
            obuf[j] = by & 0xff;
        }
}
return (j+1);
}

string iv_str = auth.substr(0, 16);
string enc_str = auth.substr(16);

char *iv_buf = new char [iv_str.length() + 1];
strcpy(iv_buf, iv_str.data());
char *enc_buf = new char [enc_str.length() + 1];
strcpy(enc_buf, enc_str.data());

unsigned long ilen;
unsigned char iv[16];
unsigned char enc_word[16]; // hex decrypt output
unsigned char word[16]; // decrypt output
unsigned char enc_key[] = KEY;
AES_KEY aeskeyDec;

    AES_set_decrypt_key(enc_key, 256, &aeskeyDec);

    ilen = hex2bin(enc_buf, enc_word, (int) strlen(enc_buf));
hex2bin(iv_buf, iv, (int) strlen(iv_buf));

    AES_cbc_encrypt(enc_word, word, ilen, &aeskeyDec, iv, AES_DECRYPT);
4

1 回答 1

0

我是一个 C++ 人,而不是 java,所以我不能评论你的这一行,只能说它看起来可以满足你的需要:

Cipher encryptionCipher = Cipher.getInstance("AES/CBC");

但以防万一,请注意我可以确认 Java 默认使用 ECB 模式。和你一样,我也必须用 C++ AES 解密一些用 Java 加密的文本。我花了一段时间才弄清楚发生了什么: 如何使用 OpenSSL 解密 Java AES 加密的数据?

于 2013-03-07T04:25:22.637 回答