gpt4 book ai didi

基于 Java 密码的加密在 Linux 上失败

转载 作者:行者123 更新时间:2023-12-01 21:08:29 27 4
gpt4 key购买 nike

我需要帮助弄清楚为什么 Java 加密在运行 Linux Mint 17.2 Rafaela 的计算机上失败。我的应用程序无法使用 RC4 算法解密之前加密的值。

我正在使用 Java 8 u112 进行测试,并且安装了 JCE,但这没有帮助。

这是我创建的最小示例,它可以在我的 Windows 计算机上运行:

import javax.xml.bind.DatatypeConverter;
import java.security.SecureRandom;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;

public class CryptoTest
{

private static final String ADMIN_PASSWORD = "admin";
private static final String ADMIN_ENCRYPTED_PASSWORD = "532C05C5B5"; // RC4 encrypted password using KEY
private static final String ADMIN_AUTH_KEY = "1391a8a860b7d6e2e86df513700e490c16dae47cdae227ca"; // PBKDF2(username,password,salt)
private static final String CRYPTO_ALGORITHM = "RC4";

protected static String encryptPassword(String passwordDataToEncrypt, String userskey) throws Exception
{
SecureRandom sr = new SecureRandom(userskey.getBytes());
KeyGenerator kg = KeyGenerator.getInstance(CRYPTO_ALGORITHM);
kg.init(sr);
SecretKey sk = kg.generateKey();
Cipher cipher = Cipher.getInstance(CRYPTO_ALGORITHM);
cipher.init(Cipher.ENCRYPT_MODE, sk);
return bytesToHex(cipher.doFinal(passwordDataToEncrypt.getBytes()));
}

private static String bytesToHex(byte[] in)
{
return DatatypeConverter.printHexBinary(in);
}

private static byte[] hexStringToByteArray(String s)
{
return DatatypeConverter.parseHexBinary(s);
}

protected static String decryptPassword(byte[] toDecryptPassword, String key) throws Exception
{
SecureRandom sr = new SecureRandom(key.getBytes());
KeyGenerator kg = KeyGenerator.getInstance(CRYPTO_ALGORITHM);
kg.init(sr);
SecretKey sk = kg.generateKey();
Cipher cipher = Cipher.getInstance(CRYPTO_ALGORITHM);
cipher.init(Cipher.DECRYPT_MODE, sk);
return new String(cipher.doFinal(toDecryptPassword));
}

public static void assertEquals(String arg1, String arg2)
{
if (! arg1.equals(arg2))
{
System.out.println(String.format("%s does not equal %s", arg1, arg2));
}
}

public static void testGetDecryptedPassword() throws Exception
{
String decryptedPassword = decryptPassword(hexStringToByteArray(ADMIN_ENCRYPTED_PASSWORD), ADMIN_AUTH_KEY);
assertEquals(ADMIN_PASSWORD, decryptedPassword);
}

public static void testGetEncryptedPassword() throws Exception
{
String encryptedPassword = encryptPassword(ADMIN_PASSWORD, ADMIN_AUTH_KEY);
assertEquals(ADMIN_ENCRYPTED_PASSWORD, encryptedPassword);
}

public static void testEncryptAndDecryptPasswords() throws Exception
{
String originalPassword = "password";
String encryptedPassword = encryptPassword(originalPassword, ADMIN_AUTH_KEY);
String decryptedPassword = decryptPassword(hexStringToByteArray(encryptedPassword), ADMIN_AUTH_KEY);
assertEquals(originalPassword, decryptedPassword);

originalPassword = "This is a STRONG password 4 me!!!@#$^";
encryptedPassword = encryptPassword(originalPassword, ADMIN_AUTH_KEY);
decryptedPassword = decryptPassword(hexStringToByteArray(encryptedPassword), ADMIN_AUTH_KEY);
assertEquals(originalPassword, decryptedPassword);
}

public static void main(final String[] args)
{
try
{
int strength = Cipher.getMaxAllowedKeyLength("AES");
if ( strength > 128 ){
System.out.printf("isUnlimitedSupported=TRUE,strength: %d%n",strength);
} else {
System.out.printf("isUnlimitedSupported=FALSE,strength: %d%n",strength);
}

testGetDecryptedPassword();
testGetEncryptedPassword();
testEncryptAndDecryptPasswords();
}
catch (Exception e)
{
System.out.printf("Caught exception: %s\n", e.getMessage());
e.printStackTrace(System.out);
}
}
}

我的 Linux 机器上的输出是:

isUnlimitedSupported=TRUE,strength: 2147483647
admin does not equal <junk>
532C05C5B5 does not equal 5D16D89D2F
password does not equal <junk>
This is a STRONG password 4 me!!!@#$^ does not equal <junk>

哪里<junk>是一堆无法打印的字符。

最佳答案

您的代码假设您每次使用以下代码中的相同密码初始化 SecureRandom() 时都会获得相同的 SecretKey:

SecureRandom sr = new SecureRandom(userskey.getBytes());
KeyGenerator kg = KeyGenerator.getInstance(CRYPTO_ALGORITHM);
kg.init(sr);
SecretKey sk = kg.generateKey();

你确实不能做出这样的假设,并且你不应该使用这种方法。 SecureRandomJCA 架构的一部分,在实例化新的 SecureRandom(..) 时获得的实际实现取决于哪个安全提供程序在您的系统上可用,以及每个提供商的优先级。

如果您需要从密码生成加密 key ,您应该使用为此发明的 key 派生函数,例如 PBKDF2 .

关于基于 Java 密码的加密在 Linux 上失败,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/41783932/

27 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com