Linux进行AES加密每次结果都不一致并且解密失败报错
- 1、下载文档前请自行甄别文档内容的完整性,平台不提供额外的编辑、内容补充、找答案等附加服务。
- 2、"仅部分预览"的文档,不可在线预览部分如存在完整性等问题,可反馈申请退款(可完整预览的文档不适用该条件!)。
- 3、如文档侵犯您的权益,请联系客服反馈,我们会尽快为您处理(人工客服工作时间:9:00-18:30)。
Linux进⾏AES加密每次结果都不⼀致并且解密失败报错1. 现象
windows操作系统下进⾏"123456"的AES加密
encrypted message is below :
QLNYZyjRnKF/zxAjzDt/lw==
decrypted message is below :
123456
阿⾥云服务器,同样是"123456"的密码,每次加密结果都不⼀样,且不是QLNYZyjRnKF/zxAjzDt/lw==,解密是报错的
2.解决⽅法
经过检查之后,定位在⽣成KEY的⽅法上,如下:
public static Key getSecretKey(String key) throws Exception {
SecretKey secureKey = null;
if (key == null) {
key = "";
}
KeyGenerator keyGenerator = KeyGenerator.getInstance("AES");
keyGenerator.init(new SecureRandom(key.getBytes()));
secureKey = keyGenerator.generateKey();
return secureKey;
}
修改到如下⽅式,问题解决:
public static Key getKey(String strKey) {
try {
if (strKey == null) {
strKey = "";
}
KeyGenerator _generator = KeyGenerator.getInstance("AES");
SecureRandom secureRandom = SecureRandom.getInstance("SHA1PRNG");
secureRandom.setSeed(strKey.getBytes());
_generator.init(128, secureRandom);
return _generator.generateKey();
} catch (Exception e) {
throw new RuntimeException(" 初始化密钥出现异常 ");
}
}
3.原因分析
原因⼀:
SecureRandom 实现完全隨操作系统本⾝的内部状态,除⾮调⽤⽅在调⽤ getInstance ⽅法之后⼜调⽤了 setSeed ⽅法;该实现在 windows 上每次⽣成的 key 都相同,但是在 solaris 或部分 linux 系统上则不同。
原因⼆:
1、加密完byte[] 后,需要将加密了的byte[] 转换成base64保存,如:
BASE64Encoder base64encoder = new BASE64Encoder();
String encode=base64encoder.encode(bytes);
2、解密前,需要将加密后的字符串从base64转回来再解密,如:
BASE64Decoder base64decoder = new BASE64Decoder();
byte[] encodeByte = base64decoder.decodeBuffer(str);
4. 附录完整代码
package com.binfoo.wechat.util;
import java.security.Key;
import java.security.SecureRandom;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import sun.misc.BASE64Decoder;
import sun.misc.BASE64Encoder;
public class SecurityUtil {
public static String DES = "AES"; // optional value AES/DES/DESede
public static String CIPHER_ALGORITHM = "AES"; // optional value AES/DES/DESede public static Key getKey(String strKey) {
try {
if (strKey == null) {
strKey = "";
}
KeyGenerator _generator = KeyGenerator.getInstance("AES");
SecureRandom secureRandom = SecureRandom.getInstance("SHA1PRNG");
secureRandom.setSeed(strKey.getBytes());
_generator.init(128, secureRandom);
return _generator.generateKey();
} catch (Exception e) {
throw new RuntimeException(" 初始化密钥出现异常 ");
}
}
public static String encrypt(String data, String key) throws Exception {
SecureRandom sr = new SecureRandom();
Key secureKey = getKey(key);
Cipher cipher = Cipher.getInstance(CIPHER_ALGORITHM);
cipher.init(Cipher.ENCRYPT_MODE, secureKey, sr);
byte[] bt = cipher.doFinal(data.getBytes());
String strS = new BASE64Encoder().encode(bt);
return strS;
}
public static String decrypt(String message, String key) throws Exception {
SecureRandom sr = new SecureRandom();
Cipher cipher = Cipher.getInstance(CIPHER_ALGORITHM);
Key secureKey = getKey(key);
cipher.init(Cipher.DECRYPT_MODE, secureKey, sr);
byte[] res = new BASE64Decoder().decodeBuffer(message);
res = cipher.doFinal(res);
return new String(res);
}
public static void main(String[] args) throws Exception {
String message = "123456";
String key = "landLeaf";
String encryptMsg = encrypt(message, key);
System.out.println("encrypted message is below :");
System.out.println(encryptMsg);
String decryptedMsg = decrypt(encryptMsg, key);
System.out.println("decrypted message is below :");
System.out.println(decryptedMsg);
}
}。