Bra*_*ord 8 ruby java encryption
我究竟做错了什么?我希望Java程序打印"私有".我的目标是尝试用Java编写MessageEncryptor.decrypt ruby方法.
Ruby加密(大多数代码来自MessageEncryptor,但未修改为Marshal),但我已经将其解压缩,以便更容易看到发生了什么:
require 'openssl'
require 'active_support/base64'
@cipher = 'aes-256-cbc'
d = OpenSSL::Cipher.new(@cipher)
@secret = OpenSSL::PKCS5.pbkdf2_hmac_sha1("password", "some salt", 1024, d.key_len)
cipher = OpenSSL::Cipher::Cipher.new(@cipher)
iv = cipher.random_iv
cipher.encrypt
cipher.key = @secret
cipher.iv = iv
encrypted_data = cipher.update("private")
encrypted_data << cipher.final
puts [encrypted_data, iv].map {|v| ::Base64.strict_encode64(v)}.join("--")
哪个印刷:
tzFUIVllG2FcYD7xqGPmHQ == - UAPvdm3oN3Hog9ND9HrhEA ==
Java代码:
package decryptruby;
import java.security.spec.KeySpec;
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.SecretKeySpec;
import org.apache.commons.codec.binary.Base64;
public class DecryptRuby {
public static String decrypt(String encrypted, String pwd, byte[] salt)
throws Exception {
String[] parts = encrypted.split("--");
if (parts.length != 2) return null;
byte[] encryptedData = Base64.decodeBase64(parts[0]);
byte[] iv = Base64.decodeBase64(parts[1]);
SecretKeyFactory factory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1");
KeySpec spec = new PBEKeySpec(pwd.toCharArray(), salt, 1024, 256);
SecretKey tmp = factory.generateSecret(spec);
SecretKey aesKey = new SecretKeySpec(tmp.getEncoded(), "AES");
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
cipher.init(Cipher.DECRYPT_MODE, aesKey, new IvParameterSpec(iv));
byte[] result = cipher.doFinal(encryptedData);
return result.toString();
}
public static void main(String[] args) throws Exception {
String encrypted = "tzFUIVllG2FcYD7xqGPmHQ==--UAPvdm3oN3Hog9ND9HrhEA==";
System.out.println("Decrypted: " + decrypt(encrypted, "password", "some salt".getBytes()));
}
}
哪个印刷
解密:[B @ 432a0f6c
Jon*_*eet 20
这是问题 - 或者至少是一个问题:
byte[] result = cipher.doFinal(encryptedData);
return result.toString();
你正在调用toString()一个字节数组.数组不会覆盖toString().这根本不会给你你想要的东西 - 你可以看到.相反,你需要写一些像:
return new String(result, "UTF-8");
...但您需要知道在加密之前使用了什么编码将原始字符串转换为字节.从Ruby代码中我不清楚使用什么编码,但如果你能明确它(理想情况下使用UTF-8)它会让你的生活变得更轻松.
简而言之,我怀疑这个问题与加密毫无关系 - 它与在Ruby中将文本转换为字节然后将相同的字节序列转换回Java中的字符串有关.
当然加密可能也会失败,但这是另一回事.
| 归档时间: |
|
| 查看次数: |
2888 次 |
| 最近记录: |