AES / CBC / NoPadding解密中的输出乱码
[英]Garbled output in AES/CBC/NoPadding Decryption
问题描述
I'm trying to decrypt text in java that is encrypted using CryptoJS. 
我正在尝试解密使用CryptoJS加密的Java中的文本。 I've read on other posts that they use different default modes and padding so I set them both(java/cryptojs) both to use aes/cbc/nopadding. 我读过其他文章,他们使用不同的默认模式和填充,所以我将它们都设置为(java / cryptojs)都使用aes / cbc / nopadding。 I no longer get an exception in java, but I am getting a garbled output during decryption 我不再在Java中遇到异常,但在解密过程中得到了乱码的输出
Encryption(JS): 加密(JS):
var parsedLogin = JSON.parse(login);
var publicKey = "abcdefghijklmnio";
var publiciv = "abcdefghijklmnio";
var key = CryptoJS.enc.Hex.parse(publicKey);
var iv = CryptoJS.enc.Hex.parse(publiciv);
var encrypted = CryptoJS.AES.encrypt(parsedLogin.password, publicKey, {iv: publiciv}, { padding: CryptoJS.pad.NoPadding, mode: CryptoJS.mode.CBC});
// send encrypted to POST request
DECRYPT (Java) DECRYPT(Java)
String PUBLIC_KEY = "abcdefghijklmnio";
String PUBLIC_IV = "abcdefghijklmnio";
byte[] byteArr = PUBLIC_KEY.getBytes();
Cipher cipher = Cipher.getInstance("AES/CBC/NoPadding");
final SecretKeySpec secretKey = new SecretKeySpec(byteArr, "AES");
cipher.init(Cipher.DECRYPT_MODE, secretKey, new IvParameterSpec(PUBLIC_IV.getBytes()));
byte[] parsed = Base64.decodeBase64(encrypted.getBytes());
//byte[] parsed = DatatypeConverter.parseBase64Binary(encrypted);
byte[] fin = cipher.doFinal(parsed);
String decryptedString = new String(fin);
The result that I'm getting is like this: Š²Û!aå{'`?@"Ûîñ?Œr˜krÆ 我得到的结果是这样的:Š²Û!aå{'`?@@“Ûîñ?Œr〜krÆ
I have already tried changing the CHARSET in the getBytes() to US-ASCII, UTF-8 and UTF-16 but all this does is change the garbled text 我已经尝试过将getBytes()中的CHARSET更改为US-ASCII,UTF-8和UTF-16,但所有这些操作就是更改乱码文本
I have also tried using othe blocking modes and paddings but they failed at the js level. 我也尝试过使用其他阻塞模式和填充,但是它们在js级别失败。 I just need a simple encryption method right now. 我现在只需要一种简单的加密方法。
NOTE: Ignore the security issues...like having the key exposed in js, etc. I'll be handling those later.. 注意:忽略安全性问题...例如在js中公开密钥,等等。稍后我将处理这些问题。
1 个解决方案
解决方案1
1 2014-03-04 13:30:00
You shouldn't be able to use AES CBC without padding unless the password is always 16 bytes. 除非密码始终为16个字节,否则您将无法不加填充地使用AES CBC。 It probably applies some sort of default padding that may or may not be a good idea. 它可能会应用某种默认填充,可能不是一个好主意。
Anyway: you need to pass your key and iv to CryptoJS as a WordArray; 无论如何:您需要将您的密钥和iv作为WordArray传递给CryptoJS。 if you give it a string it will assume you're giving it a passphrase and derive a different key from that. 如果给它一个字符串,它将假定您正在给它一个密码短语并从中派生出另一个密钥。 As such, your Java decryption code will be using a different key/iv pair. 因此,您的Java解密代码将使用不同的密钥/ iv对。 You can create a WordArray from your strings using 您可以使用以下命令从字符串创建WordArray
var key = CryptoJS.enc.Utf8.parse("abcdefghijklmnio")
var iv = ...
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.