問題描述

我在 node.js 中運行了以下簡單的加密代碼:

I have the following simple encryption code running in node.js:

var crypto = require('crypto');

var encKey = "FOO"; // Not the real key. Assume it works though.

var encrypt = function(str) {
  var cipher = crypto.createCipher('aes-256-cbc', encKey);
  var crypted = cipher.update(str, 'utf-8', 'hex');
  crypted += cipher.final('hex');
  return crypted;
};

我也可以解密如下:

var crypto = require('crypto');

var encKey = "FOO"; // Not the real key. Assume it works though.

var decrypt = function(str) {
  var decipher = crypto.createDecipher('aes-256-cbc', encKey);
  var decrypted = decipher.update(str, 'hex', 'utf-8');
  decrypted += decipher.final('utf-8');
  return decrypted;
};

這一切都很好.字符串按預期加密和解密.但現在我面臨著用 Java 從這個 node.js 代碼中解密加密字符串的任務.這就是事情出錯的地方，我不知道為什么.

This all works fine. Strings are encrypting and decrypting as expected. But now I am faced with task of decrypting encrypted strings from this node.js code, in Java. And that is where things are going wrong and I am not sure why.

對于解密，我的 Java 代碼如下所示:

For decryption, My Java code looks like this:

import javax.crypto.Cipher;
import javax.crypto.spec.SecretKeySpec;

import java.security.MessageDigest;
import java.util.Arrays;

private static final String encKey = "FOO";
private static SecretKeySpec secretKey;
private static byte[] key;

public static String decrypt(String str) throws Exception {
  String hexDecodedStr = new String(Hex.decodeHex(str.toCharArray()));
  setKey(encKey);
  Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding");
  cipher.init(Cipher.DECRYPT_MODE, secretKey);
  return new String(cipher.doFinal(hexDecodedStr.getBytes()));
}

private static void setKey(String myKey) throws Exception {
  MessageDigest sha = null;
  try {
    key = myKey.getBytes("UTF-8");
    sha = MessageDigest.getInstance("SHA-1");
    key = sha.digest(key);
    key = Arrays.copyOf(key, 16); 
    secretKey = new SecretKeySpec(key, "AES");
  } 
  catch (Exception e) {
    throw e;
  } 
}

而且它不起作用.似乎無論我嘗試什么，我最終都會在 cipher.doFinal() 調用中遇到一些異常，或者我得到的字符串是完全錯誤的.我知道 node.js 代碼使用的是 aes-256-cbc，而 Java 代碼使用的是 AES/ECB/PKCS5Padding 而不是 AES/CBC/PKCS5Padding，但是當我嘗試使用 AES/CBC/PKCS5Padding 時，它需要一個我在 node.js 中沒有的 InitVector，所以我不確定如何繼續.如果沒有提供一個 InitVector，節點是否會在后臺創建一個 InitVector?我是否遺漏了一些非常明顯的東西?

And it doesn't work. It seems like no matter what I try, I end up with some exception on the cipher.doFinal() call, or the String I get back is totally wrong. I know the node.js code is using aes-256-cbc, while the Java code is using AES/ECB/PKCS5Padding instead of AES/CBC/PKCS5Padding, but when I tried to use AES/CBC/PKCS5Padding, it was requiring an InitVector which I didn't have in node.js so I was unsure of how to proceed. Is node making an InitVector under the hood if not provided with one? Am I missing something totally obvious?

推薦答案

你似乎和其他人有同樣的問題 OpenSSL 加密失敗解密C#

You seems to have the same issue as others OpenSSL encryption failing to decrypt C#

據我了解文檔，加密庫使用 openssl.openssl 使用其 EVP_BytesToKey 函數和隨機鹽(不僅僅是哈希)從密碼創建 IV 和密鑰.正如 dave 指出的那樣，加密庫不使用鹽.

As far I understood the docs, the crypto libeary uses openssl. The openssl creates IV and key from the password using its EVP_BytesToKey function and random salt (not just hash). As dave pointed out, the crypto library uses no salt.

openssl 的輸出是 Salted_{8 bytes salt}{ciphertext} 所以檢查密碼的輸出是什么(我現在做不到)

我寫了一篇小文章如何加密在Java中正確

I wrote a small article how to encrypt properly in Java

這篇關于在 Java 中從 node.js 中解密字符串?的文章就介紹到這了，希望我們推薦的答案對大家有所幫助，也希望大家多多支持html5模板網！