如何使用已使用JS crypto加密的Java字符串解密
[英]How to decrypt in Java strings that have been encrypted using JS crypto
问题描述
What would be the equivalent of this JS code in Java, using javax.crypto.xxx? 
使用javax.crypto.xxx相当于Java中的此JS代码?
encryptString : function encryptString(str, password) {
var cipher = crypto.createCipher("aes128", password);
return cipher.update(str, "binary", "base64") +
cipher.final("base64");
},
decryptString : function decryptString(str, password) {
var desipher = crypto.createDecipher("aes128", password);
return desipher.update(str, "base64", "binary") +
desipher.final("binary");
}
I'll be encoding in JS to decode in Java, and vice versa. 我将使用JS进行编码以使用Java进行解码,反之亦然。 Both 'str' and 'password' variables are strings, 'password' being 16 chars long. 'str'和'password'变量都是字符串,'password'的长度为16个字符。
Looks like this createCipher(algorithm, password) method uses some method to generate raw key and IV, which is not standard across the board. 看起来像这种createCipher(algorithm,password)方法使用某种方法来生成原始密钥和IV,这不是全面标准。 I think using createCipheriv(algorithm, key, iv) will be a more portable approach. 我认为使用createCipheriv(algorithm,key,iv)将是一种更可移植的方法。 More here: http://nodejs.org/api/crypto.html#crypto_crypto_createcipheriv_algorithm_key_iv I'll update the latest soon. 此处提供更多信息: http : //nodejs.org/api/crypto.html#crypto_crypto_createcipheriv_algorithm_key_iv我将尽快更新最新信息。
2 个解决方案
解决方案1
0
This is how you can encrypt/decrypt in JS and Java using Crypto and javax.crypto respectively. 这是分别使用Crypto和javax.crypto在JS和Java中进行加密/解密的方式。
If you don't care about interoperability of different environment, you can get started pretty quickly using createCypher(algorithm, password) in your JS code, but it is not very portable as you don't know how raw key and initialization vector is derived from the password. 如果您不关心不同环境的互操作性,则可以在JS代码中使用createCypher(算法,密码)很快上手 ,但是由于您不知道原始密钥和初始化向量的派生方式,因此移植性不强从密码。
Changing the JS code to use createCipheriv(algorithm, key, iv) instead, will give you a portable encryption/decryption: 更改JS代码以改为使用createCipheriv(algorithm,key,iv) ,将为您提供可移植的加密/解密:
encryptString : function encryptString(str, encryptionKey, iv) {
var cipher = crypto.createCipheriv('aes-128-cbc', encryptionKey, iv);
var cipherText = cipher.update(str, 'binary', 'base64');
var cipherTextRemaining = cipher.final('base64');
return cipherText + cipherTextRemaining;
},
decryptString : function decryptString(str, encryptionKey, iv) {
var desipher = crypto.createDecipheriv('aes-128-cbc', encryptionKey, iv);
var desipherText = desipher.update(str, 'base64', 'binary');
var desipherTextRemaining = desipher.final('binary');
return desipherText + desipherTextRemaining;
},
This is the equivalent Java code that does the same thing: 这是等效的Java代码,具有相同的作用:
public static String encryptString(String clearText, byte[] key, byte[] initialVector) throws Exception
{
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
SecretKeySpec secretKeySpecy = new SecretKeySpec(key, "AES");
IvParameterSpec ivParameterSpec = new IvParameterSpec(initialVector);
cipher.init(Cipher.ENCRYPT_MODE, secretKeySpecy, ivParameterSpec);
byte[] encrypted = cipher.doFinal(clearText.getBytes());
return new String(Base64.encodeBase64(encrypted, false));
}
public static String decryptString(String cipherText, byte[] key, byte[] initialVector) throws Exception
{
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
SecretKeySpec secretKeySpecy = new SecretKeySpec(key, "AES");
IvParameterSpec ivParameterSpec = new IvParameterSpec(initialVector);
cipher.init(Cipher.DECRYPT_MODE, secretKeySpecy, ivParameterSpec);
return new String(cipher.doFinal(Base64.decodeBase64(cipherText)));
}
解决方案2
0 2017-05-25 11:22:01
We had a similar problem. 我们有一个类似的问题。 So what we wanted is to encrypt the voucherCode in Java side and send it to front end side. 因此,我们想要在Java端对voucherCode进行加密并将其发送到前端。 Encryption needed to make the voucher code secure. 需要加密以确保凭证代码安全。
Now on front end, a third party java script library requires this voucherCode, such that it should be able to retrieve the actual voucherCode by decryption it. 现在在前端,第三方Java脚本库需要此voucherCode,以便它应该能够通过解密来检索实际的voucherCode。
So here is what we have done 这就是我们所做的
On java side 在Java方面
import javax.xml.bind.DatatypeConverter;
public class Controller{
@RequestMapping("voucherCode")
public String getVoucherCode{
String voucherCode = voucherService.getVoucherCode()
return DatatypeConverter.printBase64Binary(voucherCode.getBytes("UTF-8"))
}
}
So if we have voucher code as 50%OFF then the above code will send NTAlT0ZG as encoded value for 50%OFF. 因此,如果我们将优惠券代码设为50%OFF,则上述代码会将NTAlT0ZG发送为50%OFF的编码值。
Now once we have the encoded value on front end. 现在,一旦我们将编码值放在前端。 In javascript we can get the original value by using 在javascript中,我们可以通过使用获取原始值
window.atob("NTAlT0ZG") // this will return 50%OFF
So this way we can have the enncryption/decryption hand in hand between java and java script. 因此,通过这种方式,我们可以在Java和Java脚本之间进行加密/解密。
window object provides two methods for encrypt and decrypt 窗口对象提供了两种加密和解密方法
window.btoa("50%OFF") // returns NTAlT0ZG
window.atob("NTAlT0ZG") // return original value as "50%OFF"
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.