9

我需要将带有 Rijandael 加密的 powershell 脚本翻译成 Java。这是源PowerShell代码:

[Reflection.Assembly]::LoadWithPartialName("System.Security")
Add-Type -AssemblyName System.Web

$sKy = "bbee9a3e8e44e28edb4539186d182aaa"  
$sIV  = "131a68dc13160766f37dc931d7e518aa"

$myRijndael = New-Object System.Security.Cryptography.RijndaelManaged
$myRijndael.KeySize = 256
$myRijndael.BlockSize = 256
$myRijndael.Mode = [System.Security.Cryptography.CipherMode]::CBC
$myRijndael.Padding = [System.Security.Cryptography.PaddingMode]::Zeros

[byte[]] $key = [Text.Encoding]::ASCII.GetBytes($sKy)
[byte[]] $IV = [Text.Encoding]::ASCII.GetBytes($sIV)

$encryptor = $myRijndael.CreateEncryptor($key, $IV)
$msEncrypt = new-Object IO.MemoryStream 
$csEncrypt = new-Object Security.Cryptography.CryptoStream $msEncrypt,$encryptor,"Write"

$toEncrypt = [Text.Encoding]::ASCII.GetBytes("TEST_TEXT_TO_ENCODE")

$csEncrypt.Write($toEncrypt, 0, $toEncrypt.Length)
$csEncrypt.FlushFinalBlock()
$encrypted = $msEncrypt.ToArray()

对于 Java 加密,我使用 bouncycastle 及其具有相同参数的 RijndaelEngine - CBC、256 块大小、零填充。这是我的java代码片段:

byte[] sessionKey = "bbee9a3e8e44e28edb4539186d182aaa".getBytes(); 
byte[] iv = "131a68dc13160766f37dc931d7e518aa".getBytes();
byte[] plaintext = "TEST_TEXT_TO_ENCODE".getBytes();

PaddedBufferedBlockCipher cipher = new PaddedBufferedBlockCipher(
    new CBCBlockCipher(new RijndaelEngine(256)), new ZeroBytePadding());

int keySize = 256 / 8;

CipherParameters ivAndKey = new ParametersWithIV(new KeyParameter(sessionKey, 0, keySize), iv, 0, keySize);

cipher.init(true, ivAndKey);
byte[] encrypted  = new byte[cipher.getOutputSize(plaintext.length)];
int oLen = cipher.processBytes(plaintext, 0, plaintext.length, encrypted, 0);
cipher.doFinal(encrypted, oLen);

密钥、初始向量和要加密的文本的字节数组完全相同:

secret key: [98, 98, 101, 101, 57, 97, 51, 101, 56, 101, 52, 52, 101, 50, 56, 101, 100, 98, 52, 53, 51, 57, 49, 56, 54, 100, 49, 56, 50, 97, 97, 97]
initial vector: [49, 51, 49, 97, 54, 56, 100, 99, 49, 51, 49, 54, 48, 55, 54, 54, 102, 51, 55, 100, 99, 57, 51, 49, 100, 55, 101, 53, 49, 56, 97, 97]
text to encrypt: [84, 69, 83, 84, 95, 84, 69, 88, 84, 95, 84, 79, 95, 69, 78, 67, 79, 68, 69]

但是 powershell 和 Java 的结果数组不同:

powershell: [241, 100, 194, 184, 166, 85, 15, 212, 186, 220, 85, 136, 16, 194, 93, 11, 243, 245, 230, 207, 224, 88, 255, 153, 185, 9, 43, 78, 219, 138, 7, 222]
java: [-15, 100, -62, -72, -90, 85, 15, -44, -70, -36, 85, -120, 16, -62, 93, 11, -13, -11, -26, -49, -32, 88, -1, -103, -71, 9, 43, 78, -37, -118, 7, -34]

拜托,有人可以帮我弄清楚我在 Java 中用 bouncycastle 做错了什么吗?我整天都在堆它...

4

1 回答 1

14

据我所知,你的结果一样的——只是在 Java 中,字节是有符号的。(这很恶心,但它不会影响你得到的实际位。)

如果将 256 添加到 Java 结果中的每个负值,您会看到它们与 .NET 代码相同:

.NET:      241  100  194  184  166

Java:      -15  100  -62  -72  -90

Java+256:  241  100  194  184  166
for -ve

(ETC)

或者,只需打印出两个字节数组的无符号十六进制表示 - 甚至对它们进行 base64 编码 - 你会发现它们是相同的。

于 2013-04-04T07:23:09.393 回答