我有一个PBE生成的密钥,我使用算法"PBEWithHmacSHA256AndAES_128"加密了一个字符串,但是我无法破译该字符串。
密钥生成:
private final static byte[] SALT = { (byte) 0xc9, (byte) 0x36, (byte) 0x78, (byte) 0x99, (byte) 0x52, (byte) 0x3e, (byte) 0xea,
(byte) 0xf2 };
PBEKeySpec keySpec = new PBEKeySpec(pwd.toCharArray(), SALT, 20 , 128);
try {
SecretKeyFactory kf = SecretKeyFactory.getInstance("PBEWithHmacSHA256AndAES_128");
PRIVATE_KEY = kf.generateSecret(keySpec);
} catch (NoSuchAlgorithmException | InvalidKeySpecException e) {
e.printStackTrace();
}
加密字符串:
private static String cipherString(String string) {
PBEParameterSpec pbeParameterSpec = new PBEParameterSpec(SALT, 100);
Cipher cipher;
try {
cipher = Cipher.getInstance("PBEWithHmacSHA256AndAES_128");
cipher.init(Cipher.ENCRYPT_MODE, PRIVATE_KEY, pbeParameterSpec);
byte[] input = string.getBytes();
byte[] encryptedp = cipher.doFinal(input);
return encryptedp.toString();
} catch (NoSuchAlgorithmException | NoSuchPaddingException | InvalidKeyException | InvalidAlgorithmParameterException | IllegalBlockSizeException | BadPaddingException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
解密字符串:
private static String decipherString(String string) {
Cipher c;
try {
c = Cipher.getInstance("PBEWithHmacSHA256AndAES_128");
c.init(Cipher.DECRYPT_MODE, PRIVATE_KEY);
byte[] input = string.getBytes();
byte[] encryptedp = c.doFinal(input);
return encryptedp.toString();
} catch (NoSuchAlgorithmException | NoSuchPaddingException | InvalidKeyException | IllegalBlockSizeException | BadPaddingException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
return null;
}
只需使用以下适用于 J2SE 的代码。由于算法PBEWithHmacSHA256AndAES_128内部在CBC模式下使用AES,我们还必须提供一个IV,这是我随机生成的示例。您必须使用相同的IV进行加密和解密。出于每次加密的安全原因,您应该使用新的随机 IV 并将其与加密文本一起保存。
SecureRandom rnd = new SecureRandom();
byte[] iv = new byte[16];
rnd.nextBytes(iv);
String password = "password";
byte[] plaintext = "plaintext".getBytes(StandardCharsets.UTF_8);
IvParameterSpec ivParamSpec = new IvParameterSpec(iv);
PBEParameterSpec pbeParamSpec = new PBEParameterSpec(SALT, 10000, ivParamSpec);
PBEKeySpec keySpec = new PBEKeySpec(password.toCharArray());
try {
SecretKeyFactory kf = SecretKeyFactory.getInstance("PBEWithHmacSHA256AndAES_128");
SecretKey secretKey = kf.generateSecret(keySpec);
// On J2SE the SecretKeyfactory does not actually generate a key, it just wraps the password.
// The real encryption key is generated later on-the-fly when initializing the cipher
System.out.println(new String(secretKey.getEncoded()));
// Encrypt
Cipher enc = Cipher.getInstance("PBEWithHmacSHA256AndAES_128");
enc.init(Cipher.ENCRYPT_MODE, secretKey, pbeParamSpec);
byte[] encrypted = enc.doFinal(plaintext);
String encryptedBase64 = new BASE64Encoder().encode(encrypted);
System.out.println("Encrypted text: " + encryptedBase64);
// Decrypt
Cipher dec = Cipher.getInstance("PBEWithHmacSHA256AndAES_128");
dec.init(Cipher.DECRYPT_MODE, secretKey, pbeParamSpec);
byte[] decrypted = dec.doFinal(new BASE64Decoder().decode(encryptedBase64));
String message = new String(decrypted, StandardCharsets.UTF_8);
System.out.println(message);
} catch (NoSuchAlgorithmException | InvalidKeySpecException e) {
e.printStackTrace();
}