用Java加密(AES),用C ++解密(OpenSSL)
[英]Encrypt in Java (AES), Decrypt in C++ (OpenSSL)
问题描述
All, 
所有,
I'm trying to encrypt a string in Java using AES 256 and decrypt it in C++ using openssl. 我正在尝试使用AES 256加密Java中的字符串,并使用openssl在C ++中解密它。 In java I: 在Java中,我:
- Generated a SecretKey in a JCEKS 在JCEKS中生成了SecretKey
- Encrypted the string 加密的字符串
- encoded both the string and getEncoded() from the SecretKey in base64 从base64中的SecretKey编码了字符串和getEncoded()
Now I'm trying to decrypt it in C++ using OpenSSL: 现在,我正在尝试使用OpenSSL在C ++中对其进行解密:
string encoded = string("LtANvfmnb5zj+4+g6I7hC53eHMIRa4BOkzMpXYLlA9DRnRWjQjO9uMot6hR7zzTIOtdmkRJ16aVZRfIT3sYn17jYEJjvAN9/N7FbblLplCtOuHatGffH0pSf8lu76SUzDIZU+EXgTnK1SsEa4sndcXvg5jaElxr4GCHq+F2aL7t+LVjbqWg4kpYkYbKdrKQgOsMCbBBG2aMFTmQ/cxnVyH8juC/ZTSrPMyjZ7KxS0P9PzfmxkeSi3VsBIjXL6Q4pneZeemP+1JdG02yQWhruJUuH5aRE0piQ776lxt6g0wU=");
string encodedKey = string("1rE2AM4Xf0ItxN/s1oDvaNmXhXlVF3hE+vSkyMPzDl4=");
string decodedEnc = base64_decode(encoded);
string decodedKey = base64_decode(encodedKey);
const unsigned char *keyBytes = reinterpret_cast<const unsigned char*>(decodedKey.c_str());
const unsigned char *in = reinterpret_cast<const unsigned char*>(decodedEnc.c_str());
cout << "initializing" << endl;
AES_KEY key;
/* set the encryption key */
AES_set_encrypt_key(keyBytes, 256, &key);
unsigned char *out = (unsigned char*) malloc(1024);
cout << "Decrypting" << endl;
AES_ecb_encrypt(in,out,&key,AES_DECRYPT);
cout << "decrypted " << out << endl;
char* dec = reinterpret_cast< char*>(out);
string decrypted = std::string(dec);
cout << "Decrypted String : '" << decrypted << "'" << endl;
All I am getting is garbage printed to the terminal. 我得到的只是将垃圾打印到终端上。 I feel like I'm close, so any help would be greatly appreciated. 我觉得我已经接近了,所以我们将不胜感激。
Thanks Marc 谢谢马克
3 个解决方案
解决方案1
1 2011-05-12 12:40:31
according to my understanding, try the decryption key and then AES_decrypt which should be called as follows: 根据我的理解,尝试解密密钥,然后尝试AES_decrypt ,应按以下方式调用:
cout << "Decrypting" << endl;
from this line onwards... use the code as follows: 从这一行开始...使用如下代码:
AES_KEY k
AES_set_decrypt_key(keyBytes, 256, &k);
unsigned char* outdecrypt = new unsigned char[1024];
AES_decrypt(out, outdecrypt, &k);
解决方案2
0 2011-04-23 22:02:49
In addition to checking key length, make sure both Java and C/OpenSSL are using the same Initialization Vector (IV). 除了检查密钥长度之外,请确保Java和C / OpenSSL都使用相同的初始化向量(IV)。 Some frameworks initialize it for you, others do not. 一些框架会为您初始化它,而其他框架则不会。 This is the vector of data that the initial block will be XOR'd with (IIRC, at least in one encoding mode), where AES XORs each block against the previous block. 这是初始块将与之进行异或的数据向量(IIRC,至少在一种编码模式下),其中AES将每个块与前一个块进行异或。 Without this (IIRC it's CBC / cyclic block coding), the last block can be inspected as it typically has padding that is easy to verify in a brute force manner. 没有此功能(IIRC是CBC /循环块编码),可以检查最后一个块,因为它通常具有易于以蛮力方式验证的填充。
解决方案3
-1 2011-04-23 19:11:10
I believe one of the Java framework or OpenSSL supports 128 bit keys, and not 256 byte keys. 我相信Java框架或OpenSSL之一支持128位密钥,而不支持256字节密钥。
< Referenced bug report > < 引用的错误报告 >
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.