使用Bouncycastle解密AES-256-CBC
[英]Decrypting aes-256-cbc using bouncycastle
问题描述
New to bouncyCastle, any help appreciated. 
bouncyCastle的新手,感谢您的帮助。 I am trying to decrypt a file encrypted by third party on my system using bounncycastle java API. 我正在尝试使用bounncycastle java API解密系统上第三方加密的文件。 It seems to decrypt file fine except for the blob of junk data at the beginning on the decrypted file.Code below 除了解密文件开头的垃圾数据斑点外,似乎可以对文件进行解密。
PaddedBufferedBlockCipher aes = new PaddedBufferedBlockCipher(new CBCBlockCipher(
new AESEngine()));
CipherParameters ivAndKey = new ParametersWithIV(new KeyParameter(DatatypeConverter.parseHexBinary(keyInfo.getKey())),
DatatypeConverter.parseHexBinary(keyInfo.getInitializationVector()));
aes.init(false, ivAndKey);
byte[] decryptedBytes = cipherData(aes, Base64.decodeBase64(inputStreamToByteArray(new FileInputStream(encryptedFile))));
return new ByteArrayInputStream(decryptedBytes);
private static byte[] cipherData(PaddedBufferedBlockCipher cipher, byte[] data)
throws Exception {
int minSize = cipher.getOutputSize(data.length);
byte[] outBuf = new byte[minSize];
int length1 = cipher.processBytes(data, 0, data.length, outBuf, 0);
int length2 = cipher.doFinal(outBuf, length1);
int actualLength = length1 + length2;
byte[] result = new byte[actualLength];
System.arraycopy(outBuf, 0, result, 0, result.length);
return result;
}
private byte[] inputStreamToByteArray(InputStream is) throws IOException {
ByteArrayOutputStream buffer = new ByteArrayOutputStream();
int numberRead;
byte[] data = new byte[16384];
while ((numberRead = is.read(data, 0, data.length)) != -1) {
buffer.write(data, 0, numberRead);
}
buffer.flush();
return buffer.toByteArray();
}
Decrypted data blob looks fine except for the beginning "???&??ovKw?????C??:?8?06??85042| | " 解密的数据Blob看起来不错,除了开头的“ ???&?? ovKw ????? C ??:?8?06 ?? 85042 | |”
The openssl command to decrypt the file works fine command below. 下面的openssl命令解密文件效果很好。 In fact I am using the key and iv printed out by openssl when decrypting. 实际上,我在解密时使用的是由openssl打印出来的密钥和iv。
openssl aes-256-cbc -d -salt -in encryptedfile.txt -pass pass:password -a -p openssl aes-256-cbc -d-盐-incryptedfile.txt -pass pass:密码-a -p
1 个解决方案
解决方案1
2 已采纳 2015-06-07 19:13:58
The solution is simple: skip the first 16 bytes of the ciphertext blob. 解决方案很简单:跳过密文Blob的前16个字节。 The encrypted blob starts with a magic (you can try and read the first 8 bytes as ASCII text), then 8 bytes of random salt that are used together with the password to derive the key and the IV (using an OpenSSL proprietary password hashing mechanism called EVP_BytesToKey ). 加密的Blob以魔术开头(您可以尝试读取前8个字节作为ASCII文本),然后使用8个字节的随机盐与密码一起使用以得出密钥和IV(使用OpenSSL专有密码哈希机制)称为EVP_BytesToKey )。
Because the previous block is used as a vector for the next block in CBC the followup block of 16 bytes is also affected, giving you 32 random bytes at the start. 由于前一个块被用作CBC中下一个块的向量,因此16个字节的后续块也会受到影响,从而在开始时为您提供32个随机字节。 Instead byte 16 to 31 should have been XOR'ed with the IV. 取而代之的是字节16至31应该与IV进行XOR。
Here's a Java implementation of BytesToKey posted by using my old nickname. 这是使用我的旧昵称发布的BytesToKey的Java实现 。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.