使用 openssl 命令行工具进行 AES 加密,并在 Java

AES encrypt with openssl command line tool, and decrypt in Java(使用 openssl 命令行工具进行 AES 加密,并在 Java 中解密)

本文介绍了使用 openssl 命令行工具进行 AES 加密,并在 Java 中解密的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我有一个使用 openssl 工具进行加密的 bash 脚本.

I have a bash script that uses the openssl tool to encrypt.

#!/bin/bash

key128="1234567890123456"
iv="1234567890123456"
openssl enc -aes-128-cbc -in test -out test.enc -K $key128 -iv $iv

以及尝试解密脚本生成的文件的 Java 代码.

And Java code that tries to decrypt the file produced by the script.

public class crypto {

    public static void main( String[] args )
    {
        try {
            File f = new File("test.enc");
            Cipher c;
            Key k;
            String secretString = "01020304050607080900010203040506";
            String ivString = "01020304050607080900010203040506";
            byte[] secret = hexStringToByteArray(secretString);
            byte[] iv = hexStringToByteArray(ivString);

            c = Cipher.getInstance("AES/CBC/PKCS5Padding");
            k = new SecretKeySpec(secret, "AES");
            c.init(Cipher.DECRYPT_MODE, k, new IvParameterSpec(iv));

            CipherInputStream cis = new CipherInputStream(new FileInputStream(f), c);
            BufferedReader br = new BufferedReader(new InputStreamReader(cis));

            String line;
            while ((line = br.readLine()) != null) {
                System.out.println(line);
            }
            br.close();
        } catch (IOException e) {
            System.out.println(e.getMessage());
        } catch (NoSuchAlgorithmException e) {
            System.out.println(e.getMessage());
        } catch (NoSuchPaddingException e) {
            System.out.println(e.getMessage());
        } catch (InvalidKeyException e) {
            System.out.println(e.getMessage());
        } catch (InvalidAlgorithmParameterException e) {
            System.out.println(e.getMessage());
        }

    }

    public static byte[] hexStringToByteArray(String s) {
        int len = s.length();
        byte[] data = new byte[len / 2];
        for (int i = 0; i < len; i += 2) {
            data[i / 2] = (byte) ((Character.digit(s.charAt(i), 16) << 4)
                                 + Character.digit(s.charAt(i+1), 16));
        }
        return data;
    }
}
                                                            33,1          71%

当我运行 Java 代码时,它不会打印任何内容.脚本和 Java 代码是否不匹配?

When I run the Java code, it doesn't print anything. Is there a mismatch between the script and Java code?

第二个问题是我是否可以将其重写为使用密码而不是密钥/iv.为了做到这一点,有没有办法知道 openssl 用于给定密码的 iv?

A secondary question is whether I can rewrite this to use password instead of key/iv. In order to do that, is there a way to know the iv that openssl uses for a given password?

推荐答案

正如上面提到的@Polynomial,bash 脚本和 Java 代码之间的键和 iv 不匹配.将 bash 脚本更改为以下内容即可解决问题.

As @Polynomial mentioned above, the keys and iv's don't match between the bash script and Java code. Changing the bash script to the following solves the problem.

#!/bin/bash

key128="01020304050607080900010203040506"
iv="01020304050607080900010203040506"
openssl enc -aes-128-cbc -in test -out test.enc -K $key128 -iv $iv

如果按以下方式执行openssl,它将使用密码,并打印使用的密钥和iv.在上面的 Java 程序中,key 和 iv 可以被替换.

If openssl is executed in the following way, it will use a password, and print the key and iv used. That key and iv can be substituted in the Java program above.

openssl enc -nosalt -aes-128-cbc -in test -out test.enc -p

这篇关于使用 openssl 命令行工具进行 AES 加密,并在 Java 中解密的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持编程学习网!

本文标题为:使用 openssl 命令行工具进行 AES 加密,并在 Java