
java - ESAPI symmetric encryption using JavaEncryptor

Reposted. Author: 行者123. Updated: 2023-11-30 03:08:21

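I'm testing basic things in ESAPI, and I came across this symmetric encryption tutorial and copied and pasted the code (while importing the ESAPI 2.1.0 jar file, ESAPI.properties and validation.properties into the "src" directory in Eclipse).

Modified code from the tutorial: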

import org.owasp.esapi.crypto.CipherText;
import org.owasp.esapi.crypto.PlainText;
import org.owasp.esapi.errors.EncryptionException;
import org.owasp.esapi.reference.crypto.JavaEncryptor;

public class ESAPIsymEncTester {

    public static void main(String[] args) throws EncryptionException {

        String myplaintext = "My plaintext";

        CipherText ciphertext =
            JavaEncryptor.getInstance().encrypt( new PlainText(myplaintext) );
        PlainText recoveredPlaintext = JavaEncryptor.getInstance().decrypt(ciphertext);
        assert myplaintext.equals( recoveredPlaintext.toString() );

        System.out.println("recovered plaintext: " + recoveredPlaintext.toString());
    }
}

However, when I run it in Eclipse Luna with Java 1.8, I get the following stack trace:

Exception in thread "main" org.owasp.esapi.errors.EncryptionException: Encryption failure: Invalid key exception.
    at org.owasp.esapi.reference.crypto.JavaEncryptor.encrypt(JavaEncryptor.java:526)
    at org.owasp.esapi.reference.crypto.JavaEncryptor.encrypt(JavaEncryptor.java:338)
    at com.fate.engine.test.ESAPIsymEncTester.main(ESAPIsymEncTester.java:15)
Caused by: java.security.InvalidKeyException: Invalid AES key length: 96 bytes
    at com.sun.crypto.provider.AESCipher.engineGetKeySize(AESCipher.java:495)
    at javax.crypto.Cipher.passCryptoPermCheck(Cipher.java:1062)
    at javax.crypto.Cipher.checkCryptoPerm(Cipher.java:1033)
    at javax.crypto.Cipher.init(Cipher.java:1367)
    at javax.crypto.Cipher.init(Cipher.java:1301)
    at org.owasp.esapi.reference.crypto.JavaEncryptor.encrypt(JavaEncryptor.java:504)
    ... 2 more

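I'm not sure whether this is a bug in the JavaEncryptor.java code, or whether I pulled in something misconfigured from the ESAPI.properties file.

I replaced the master key and salt by running JavaEncryptor and copying/pasting the generated key/salt.

If this is a bug, I'll email the ESAPI folks to clarify how to fix it, because I looked through the JavaEncryptor code and it isn't entirely clear where all the pieces come from.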

Encryptor.MasterKey=WppLubGgsc/p6HhvcPf2LA==
Encryptor.MasterSalt=YokRN9mjMUTZspEbzBY90NA6EC8=
Encryptor.PreferredJCEProvider=
Encryptor.EncryptionAlgorithm=AES
Encryptor.CipherTransformation=AES/CBC/PKCS5Padding
Encryptor.cipher_modes.combined_modes=GCM,CCM,IAPM,EAX,OCB,CWC
Encryptor.cipher_modes.additional_allowed=CBC
Encryptor.EncryptionKeyLength=128
Encryptor.ChooseIVMethod=random
Encryptor.fixedIV=0x000102030405060708090a0b0c0d0e0f
Encryptor.CipherText.useMAC=true
Encryptor.PlainText.overwrite=true
Encryptor.HashAlgorithm=SHA-512 *****
Encryptor.HashIterations=1024
Encryptor.DigitalSignatureAlgorithm=SHA1withDSA
Encryptor.DigitalSignatureKeyLength=1024
Encryptor.RandomAlgorithm=SHA1PRNG
Encryptor.CharacterEncoding=UTF-8
Encryptor.KDF.PRF=HmacSHA1 *****

Best answer

You forgot to put the most important part of the log in your question:

Dec 11, 2015 8:05:24 AM org.owasp.esapi.reference.JavaLogFactory$JavaLogger log
WARNING: [SECURITY FAILURE Anonymous:null@unknown -> /JavaEncryptor] Encryption key length mismatch. ESAPI.EncryptionKeyLength is 128 bits, but length of actual encryption key is 24 bits. Did you remember to regenerate your master key (if that is what you are using)???

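That's a clue that the library wants you to do something.

It looks to me like you probably have the default encryptor properties set in esapi.properties, like this: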

Encryptor.MasterKey=owasp1
Encryptor.MasterSalt=testtest

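The JavaEncryptor class has a main method that will generate valid properties for you. Run it in Eclipse or from the command line. It will give you values to replace in esapi.properties, like this: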

Dec 11, 2015 8:10:25 AM org.owasp.esapi.reference.JavaLogFactory$JavaLogger log
OFF: [SECURITY AUDIT Anonymous:null@unknown -> /SecurityProviderLoader] No Encryptor.PreferredJCEProvider specified.
SecurityConfiguration for Encryptor.EncryptionKeyLength not an integer in ESAPI.properties. Using default: 128
Generating a new secret master key
use '-print' to also show available crypto algorithms from all the security providers
SecurityConfiguration for Encryptor.EncryptionKeyLength not an integer in ESAPI.properties. Using default: 128

Copy and paste these lines into your ESAPI.properties

#==============================================================
Encryptor.MasterKey=qW0Qw+8eb1Zu1MBv5djwqA==
Encryptor.MasterSalt=b0VappFU1Hd6LjIt+TGYqQlfrdU=
#==============================================================

Once I did that, your code example ran just fine.
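The key-length mismatch the warning above describes can be checked before ESAPI is ever initialized. The following is an added example, not code from the question, the answer or the ESAPI project: it decodes `Encryptor.MasterKey` and compares its size with `Encryptor.EncryptionKeyLength`, assuming the master key is stored Base64-encoded (as the generated values suggest); the class name `MasterKeyLengthCheck` is hypothetical.

```java
import java.io.IOException;
import java.io.StringReader;
import java.util.Base64;
import java.util.Properties;

public class MasterKeyLengthCheck {

    /** Returns null when the key fits the configured length, else a description of the problem. */
    static String check(Properties p) {
        String b64 = p.getProperty("Encryptor.MasterKey", "").trim();
        String len = p.getProperty("Encryptor.EncryptionKeyLength", "").trim();
        int configuredBits;
        try {
            configuredBits = Integer.parseInt(len);
        } catch (NumberFormatException e) {
            return "Encryptor.EncryptionKeyLength is not an integer: '" + len + "'";
        }
        byte[] key;
        try {
            // Assumption: the master key is Base64-encoded in ESAPI.properties.
            key = Base64.getDecoder().decode(b64);
        } catch (IllegalArgumentException e) {
            return "Encryptor.MasterKey is not valid Base64";
        }
        int actualBits = key.length * 8;
        if (actualBits != configuredBits) {
            return "key is " + actualBits + " bits, configured length is " + configuredBits;
        }
        if (actualBits != 128 && actualBits != 192 && actualBits != 256) {
            return actualBits + " bits is not a valid AES key size";
        }
        return null;
    }

    public static void main(String[] args) throws IOException {
        // Constructed inputs: the generated key shown in the answer, with two length settings.
        String key = "Encryptor.MasterKey=qW0Qw+8eb1Zu1MBv5djwqA==\n";
        String[] samples = { key + "Encryptor.EncryptionKeyLength=128\n",
                             key + "Encryptor.EncryptionKeyLength=256\n" };
        for (String s : samples) {
            Properties p = new Properties();
            p.load(new StringReader(s));
            String problem = check(p);
            System.out.println(problem == null ? "OK" : "MISMATCH: " + problem);
        }
    }
}
```

The first sample reports OK and the second reports a mismatch, because the 16-byte key is 128 bits while the configured length is 256.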

Regarding java - ESAPI symmetric encryption using JavaEncryptor, we found a similar question on Stack Overflow: https://stackoverflow.com/questions/34209139/
