使用 AES/CFB/NoPadding、AES/OFB/NoPadding 或 AES/CBC/NoPadding 的密码太短
[英]Password too short using AES/CFB/NoPadding, AES/OFB/NoPadding or AES/ CBC/NoPadding
问题描述
Can someone help me reinforce or improve the following code to make the resulting passwords "longer".
有人可以帮助我加强或改进以下代码以使生成的密码“更长”。
I am humbly looking for the best way to use AES/CFB/NoPadding , or with AES/CBC/NoPadding , or with AES/OFB/NoPadding .我谦虚地寻找使用AES/CFB/NoPadding或AES/CBC/NoPadding或AES/OFB/NoPadding 的最佳方式。 We have tested with AES/GCM/NOPADDING .我们已经使用AES/GCM/NOPADDING进行了测试。 Which works with Java 8, but not with Java 7. And we need something that works in Java 7它适用于 Java 8,但不适用于 Java 7。我们需要一些适用于 Java 7 的东西
For example, using ' safe ' as <key_to_encrypt>, and ' Bk206V4ytQ1zZAukPE6/2c5KUcxGYpBf ' as <encryption_key>, the pwd is: FX5O5A== which is quite bite "small"例如,使用' safe '作为<key_to_encrypt>,使用' Bk206V4ytQ1zZAukPE6/2c5KUcxGYpBf '作为<encryption_key>,密码为: FX5O5A== ,相当“小”
import java.security.MessageDigest;
import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import org.apache.xml.security.utils.Base64;
public class StringEncrypt {
private final static String ALG = "AES";
private final static String CI = "AES/CFB/NoPadding";
public static String encrypt(String cleartext, String key) throws Exception {
MessageDigest md = MessageDigest.getInstance("MD5");
md.update(key.getBytes());
IvParameterSpec iv = new IvParameterSpec(md.digest());
Cipher cipher = Cipher.getInstance(CI);
SecretKeySpec skeySpec = new SecretKeySpec(key.getBytes(), ALG);
cipher.init(Cipher.ENCRYPT_MODE, skeySpec, iv);
byte[] encrypted = cipher.doFinal(cleartext.getBytes());
return new String(Base64.encode(encrypted));
}
public static String decrypt(String encrypted, String key) throws Exception {
MessageDigest md = MessageDigest.getInstance("MD5");
md.update(key.getBytes());
IvParameterSpec iv = new IvParameterSpec(md.digest());
Cipher cipher = Cipher.getInstance(CI);
SecretKeySpec skeySpec = new SecretKeySpec(key.getBytes(), ALG);
byte[] enc = Base64.decode(encrypted);
cipher.init(Cipher.DECRYPT_MODE, skeySpec, iv);
byte[] decrypted = cipher.doFinal(enc);
return new String(decrypted);
}
public static void main(String[] args) throws Exception {
if (args.length == 2) {
String pwd = StringEncrypt.encrypt(args[0], args[1]);
System.out.println("Key encryption: " + pwd);
pwd = StringEncrypt.decrypt(pwd, args[1]);
if (args[0].equals(pwd)) {
System.out.println("[OK] Correct decryption!");
} else {
System.out.println("[KO] Wrong decryption!");
}
} else {
System.out.println("The parameters are required: <key_to_encrypt> <encryption_key>");
}
}
}
Stated differently, could someone give me an example of good encryption / decryption that works in Java 7?换句话说,有人能给我一个在 Java 7 中有效的加密/解密的例子吗?
1 个解决方案
解决方案1
0 2021-11-16 11:03:30
If you want to increase the length, you need to increase the byte count of the encrypted / decrypted parameter.如果要增加长度,则需要增加加密/解密参数的字节数。 You could hack this by changing the charset although I don't think is best practice:您可以通过更改字符集来破解此问题,尽管我认为这不是最佳实践:
byte[] encrypted = cipher.doFinal(cleartext.getBytes(StandardCharsets.UTF_16));
return new String(decrypted, StandardCharsets.UTF_16);
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.