亚洲在线久爱草,狠狠天天香蕉网,天天搞日日干久草,伊人亚洲日本欧美

為了賬號安全,請及時綁定郵箱和手機立即綁定
已解決430363個問題,去搜搜看,總會有你想問的

使用 CBC 的 Java Blowfish 加密

使用 CBC 的 Java Blowfish 加密

Cats萌萌 2022-10-12 15:31:55
我正在嘗試使用和生成此站點正在執行的操作https://codebeautify.org/encrypt-decryptBlowfishCBC我不確定實際術語是什么,但我想實現的加密方法會產生不一致的加密字符串,盡管使用相同的內容和密鑰,例如,如果我Hello用 key加密key123兩次,第一個結果可能會顯示abcde,第二個結果應該顯示其他內容,例如fghij. 但是同時解密abcde和fghijwithkey123將返回相同的Hello.我也可以知道他們用來產生最終結果的編碼類型是什么?比如 hex/base64,因為我都試過了,但似乎沒有產生類似的結果。
查看完整描述

2 回答

?
瀟湘沐

TA貢獻1816條經驗 獲得超6個贊

更新時間 2019 年 4 月 21 日晚上 9:49 UTC

在@MaartenBodewes 和@MarkJeronimus 指出了一些需要考慮的事情之后,我正在更新答案以使其更正確。但是因為這個問題是關于實現的,而不是關于使它更安全的,所以這個和舊版本應該足以至少提供一些洞察力。同樣,通過修改以下代碼可以實現更安全的解決方案。

變更日志

  • 密鑰派生

  • 處理異常及其詳細信息

  • 對每個數據使用單個 SecureRandom 實例(iv[8 字節] 和 salt[32 字節])

  • 檢查要加密的明文和要解密的加密文本的空值和空值

import javax.crypto.*;

import javax.crypto.spec.SecretKeySpec;

import java.io.UnsupportedEncodingException;

import java.security.InvalidAlgorithmParameterException;

import java.security.InvalidKeyException;

import java.security.NoSuchAlgorithmException;

import java.security.spec.InvalidKeySpecException;

import java.util.Base64;

import javax.xml.bind.DatatypeConverter;

import java.security.SecureRandom;

import java.security.spec.KeySpec;

import javax.crypto.spec.IvParameterSpec;

import javax.crypto.spec.PBEKeySpec;


public class Crypto {

    private static final char[] tempKey = new char[] {'T', 'E', 'M', 'P', '_', 'G', 'E', 'N', '_', 'K', 'E', 'Y'};

    private static final SecureRandom secureRandomForSalt = new SecureRandom();

    private static final SecureRandom secureRandomForIV = new SecureRandom();


    private static byte[] generateSalt() throws RuntimeException {

        try{

            byte[] saltBytes = new byte[32];


            secureRandomForSalt.nextBytes(saltBytes);


            return saltBytes;

        }

        catch(Exception ex){

            ex.printStackTrace();

            throw new RuntimeException("An error occurred in salt generation part. Reason: " + ex.getMessage());

        }

    }


    public static String enc(String content) throws RuntimeException {

        String encClassMethodNameForLogging = Crypto.class.getName() + ".enc" + " || ";


        byte[] salt;

        byte[] encodedTmpSecretKey;

        SecretKeySpec keySpec;

        Cipher cipher;

        byte[] iv;

        IvParameterSpec ivParameterSpec;

        String finalEncResult;


        if(content == null || content.trim().length() == 0) {

            throw new RuntimeException("To be encrypted text is null or empty");

        }


        System.out.println("-- Encrypting -----------");


        try {

            salt = generateSalt();

        }

        catch (Exception ex) {

            ex.printStackTrace();

            throw new RuntimeException(encClassMethodNameForLogging + "An error occurred in salt generation part. Reason: " + ex.getMessage());

        }


        try {

            SecretKeyFactory factory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256");

            KeySpec spec = new PBEKeySpec(Crypto.tempKey, salt, 65536, 256);

            SecretKey tmpSecretKey = factory.generateSecret(spec);


            encodedTmpSecretKey = tmpSecretKey.getEncoded();

            System.out.println("-- Secret Key Derivation in Encryption: " + Base64.getEncoder().encodeToString(encodedTmpSecretKey));

        }

        catch (NoSuchAlgorithmException ex){

            ex.printStackTrace();

            throw new RuntimeException(encClassMethodNameForLogging + "An error occurred in key derivation part. Reason: " + ex.getMessage() + " - Explanation: The particular cryptographic algorithm requested is not available in the environment");

        }

        catch (InvalidKeySpecException ex){

            ex.printStackTrace();

            throw new RuntimeException(encClassMethodNameForLogging + "An error occurred in key derivation part. Reason: " + ex.getMessage() + " - Explanation: Key length may not be correct");

        }

        catch (Exception ex){

            ex.printStackTrace();

            throw new RuntimeException(encClassMethodNameForLogging + "An error occurred in key derivation part. Reason: " + ex.getMessage());

        }


        try {

            keySpec = new SecretKeySpec(encodedTmpSecretKey, "Blowfish");

            cipher = Cipher.getInstance("Blowfish/CBC/PKCS5Padding");

        }

        catch (NoSuchAlgorithmException ex){

            ex.printStackTrace();

            throw new RuntimeException(encClassMethodNameForLogging + "An error occurred in cipher instantiation part. Reason: " + ex.getMessage() + " - Explanation: The particular cryptographic algorithm requested is not available in the environment");

        }

        catch (NoSuchPaddingException ex){

            ex.printStackTrace();

            throw new RuntimeException(encClassMethodNameForLogging + "An error occurred in cipher instantiation part. Reason: " + ex.getMessage() + " - Explanation: The particular padding mechanism is requested but is not available in the environment");

        }

        catch (Exception ex){

            ex.printStackTrace();

            throw new RuntimeException(encClassMethodNameForLogging + "An error occurred in cipher instantiation part. Reason: " + ex.getMessage());

        }


        try {

            iv = new byte[cipher.getBlockSize()];

            secureRandomForIV.nextBytes(iv);

            ivParameterSpec = new IvParameterSpec(iv);

        }

        catch (Exception ex){

            ex.printStackTrace();

            throw new RuntimeException(encClassMethodNameForLogging + "An error occurred in iv creation part. Reason: " + ex.getMessage());

        }


        try {

            cipher.init(Cipher.ENCRYPT_MODE, keySpec, ivParameterSpec);

            byte[] encoding = cipher.doFinal(content.getBytes("UTF-8"));


            String encCon = DatatypeConverter.printBase64Binary(encoding);

            String ivStr = DatatypeConverter.printBase64Binary(iv);

            String saltStr = DatatypeConverter.printBase64Binary(salt);


            System.out.println("-- encCon : " + encCon);

            System.out.println("-- iv : " + ivStr);

            System.out.println("-- salt : " + saltStr);


            finalEncResult = encCon + ":" + ivStr + ":" + saltStr;

            System.out.println("-- finalEncRes : " + finalEncResult + "\n");

        }

        catch (InvalidKeyException ex){

            ex.printStackTrace();

            throw new RuntimeException(encClassMethodNameForLogging + "An error occurred in encryption part. Reason: " + ex.getMessage() + " - Explanation: Most probably you didn't download and copy 'Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files'");

        }

        catch (InvalidAlgorithmParameterException ex){

            ex.printStackTrace();

            throw new RuntimeException(encClassMethodNameForLogging + "An error occurred in decryption part. Reason: " + ex.getMessage() + " - Explanation: IV length may not be correct");

        }

        catch (IllegalBlockSizeException ex){

            ex.printStackTrace();

            throw new RuntimeException(encClassMethodNameForLogging + "An error occurred in decryption part. Reason: " + ex.getMessage() + " - Explanation: The length of data provided to a block cipher is incorrect, i.e., does not match the block size of the cipher");

        }

        catch (BadPaddingException ex){

            ex.printStackTrace();

            throw new RuntimeException(encClassMethodNameForLogging + "An error occurred in encryption part. Reason: " + ex.getMessage() + " - Explanation: A particular padding mechanism is expected for the input data but the data is not padded properly (Most probably wrong/corrupt key caused this)");

        }

        catch (UnsupportedEncodingException ex){

            ex.printStackTrace();

            throw new RuntimeException(encClassMethodNameForLogging + "An error occurred in encryption part. Reason: " + ex.getMessage() + " - Explanation: The Character Encoding is not supported");

        }

        catch (Exception ex){

            ex.printStackTrace();

            throw new RuntimeException(encClassMethodNameForLogging + "An error occurred in encryption part. Reason: " + ex.getMessage());

        }


        return finalEncResult;

    }


    public static String dec(String encContent) throws RuntimeException {

        String decClassMethodNameForLogging = Crypto.class.getName() + ".dec" + " || ";


        String decCon;

        byte[] salt;

        byte[] encodedTmpSecretKey;

        SecretKeySpec keySpec;

        Cipher cipher;

        byte[] iv;


        if(encContent == null || encContent.trim().length() == 0) {

            throw new RuntimeException("To be decrypted text is null or empty");

        }


        System.out.println("-- Decrypting -----------");


        try {

            salt = DatatypeConverter.parseBase64Binary(encContent.substring(encContent.lastIndexOf(":") + 1));

        }

        catch (Exception ex) {

            ex.printStackTrace();

            throw new RuntimeException(decClassMethodNameForLogging + "An error occurred in salt retrieving part. Reason: " + ex.getMessage());

        }


        try {

            SecretKeyFactory factory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256");

            KeySpec spec = new PBEKeySpec(Crypto.tempKey, salt, 65536, 256);

            SecretKey tmpSecretKey = factory.generateSecret(spec);


            encodedTmpSecretKey = tmpSecretKey.getEncoded();

            System.out.println("-- Secret Key Gathering in Decryption: " + Base64.getEncoder().encodeToString(encodedTmpSecretKey));

        }

        catch (NoSuchAlgorithmException ex){

            ex.printStackTrace();

            throw new RuntimeException(decClassMethodNameForLogging + "An error occurred in key derivation part. Reason: " + ex.getMessage() + " - Explanation: The particular cryptographic algorithm requested is not available in the environment");

        }

        catch (InvalidKeySpecException ex){

            ex.printStackTrace();

            throw new RuntimeException(decClassMethodNameForLogging + "An error occurred in key derivation part. Reason: " + ex.getMessage() + " - Explanation: Key length may not be correct");

        }

        catch (Exception ex) {

            ex.printStackTrace();

            throw new RuntimeException(decClassMethodNameForLogging + "An error occurred in key derivation part. Reason: " + ex.getMessage());

        }


        try {

            keySpec = new SecretKeySpec(encodedTmpSecretKey, "Blowfish");

            cipher = Cipher.getInstance("Blowfish/CBC/PKCS5Padding");

        }

        catch (NoSuchAlgorithmException ex){

            ex.printStackTrace();

            throw new RuntimeException(decClassMethodNameForLogging + "An error occurred in cipher instantiation part. Reason: " + ex.getMessage() + " - Explanation: The particular cryptographic algorithm requested is not available in the environment");

        }

        catch (NoSuchPaddingException ex){

            ex.printStackTrace();

            throw new RuntimeException(decClassMethodNameForLogging + "An error occurred in cipher instantiation part. Reason: " + ex.getMessage() + " - Explanation : The particular padding mechanism requested is not available in the environment");

        }

        catch (Exception ex) {

            ex.printStackTrace();

            throw new RuntimeException(decClassMethodNameForLogging + "An error occurred in cipher instantiation part. Reason: " + ex.getMessage());

        }


        try {

            iv = DatatypeConverter.parseBase64Binary(encContent.substring(encContent.indexOf(":") + 1, encContent.lastIndexOf(":")));

        }

        catch (Exception ex) {

            ex.printStackTrace();

            throw new RuntimeException(decClassMethodNameForLogging + "An error occurred in iv creation part. Reason: " + ex.getMessage());

        }


        try {

            cipher.init(Cipher.DECRYPT_MODE, keySpec, new IvParameterSpec(iv));

            byte[] decoding = cipher.doFinal(Base64.getDecoder().decode(encContent.substring(0, encContent.indexOf(":"))));


            decCon = new String(decoding, "UTF-8");

            System.out.println("-- decCon : " + decCon + "\n");

        }

        catch (InvalidKeyException ex){

            ex.printStackTrace();

            throw new RuntimeException(decClassMethodNameForLogging + "An error occurred in decryption part. Reason: " + ex.getMessage() + " - Explanation: Most probably you didn't download and copy 'Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files'");

        }

        catch (InvalidAlgorithmParameterException ex){

            ex.printStackTrace();

            throw new RuntimeException(decClassMethodNameForLogging + "An error occurred in decryption part. Reason: " + ex.getMessage() + " - Explanation: IV length may not be correct");

        }

        catch (IllegalBlockSizeException ex){

            ex.printStackTrace();

            throw new RuntimeException(decClassMethodNameForLogging + "An error occurred in decryption part. Reason: " + ex.getMessage() + " - Explanation: The length of data provided to a block cipher is incorrect, i.e., does not match the block size of the cipher");

        }

        catch (BadPaddingException ex){

            ex.printStackTrace();

            throw new RuntimeException(decClassMethodNameForLogging + "An error occurred in encryption part. Reason: " + ex.getMessage() + " - Explanation: A particular padding mechanism is expected for the input data but the data is not padded properly (Most probably wrong/corrupt key caused this)");

        }

        catch (UnsupportedEncodingException ex){

            ex.printStackTrace();

            throw new RuntimeException(decClassMethodNameForLogging + "An error occurred in encryption part. Reason: " + ex.getMessage() + " - Explanation: The Character Encoding is not supported");

        }

        catch (Exception ex) {

            ex.printStackTrace();

            throw new RuntimeException(decClassMethodNameForLogging + "An error occurred in decryption part. Reason: " + ex.getMessage());

        }


        return decCon;

    }


    public static void main(String args[]) {

        System.out.println("-- Original -------------");

        String plainText = "hello world";

        System.out.println("-- origWord : " + plainText + "\n");


        String e = Crypto.enc(plainText);

        String d = Crypto.dec(e);


        System.out.println("-- Results --------------");

        System.out.println("-- PlainText: " + plainText);

        System.out.println("-- EncryptedText: " + e);

        System.out.println("-- DecryptedText: " + d);

    }

}

此外,可執行版本在下面;

https://www.jdoodle.com/a/19HT


查看完整回答
反對 回復 2022-10-12
?
絕地無雙

TA貢獻1946條經驗 獲得超4個贊

將不同的輸出映射回同一輸入的唯一方法是向輸入添加額外的數據,并將其從解密的輸出中剝離。使用 PKCS5Padding 是不夠的,因為這不是隨機的,在最壞的情況下,只添加 1 個字節。使用 IV 沒有用,因為它需要在解密時知道。


最簡單的方法是在加密時添加一定數量的字節(例如等于塊大小)的隨機數據,而在解密時忽略這些字節。此隨機數據的名稱是 Number Used Once 中的“nonce”。(不要與密切相關的“鹽”混淆,后者是您保留以備后用的數字)。


順便說一句,我沒有讓這個與網站相匹配。我不知道網站是如何加密的,因為它將所有輸入值發送到服務器并顯示響應。談安全...


private static final SecureRandom SECURE_RANDOM = new SecureRandom();


public static String enc(String content, String key) {

    String encCon = "";


    try {

        String IV = "12345678";


        SecretKeySpec keySpec = new SecretKeySpec(key.getBytes(StandardCharsets.UTF_8), "Blowfish");

        Cipher        cipher  = Cipher.getInstance("Blowfish/CBC/PKCS5Padding");


        byte[] nonce = new byte[cipher.getBlockSize()];

        SECURE_RANDOM.nextBytes(nonce);


        // Construct plaintext = nonce + secret

        byte[] secret    = content.getBytes(StandardCharsets.UTF_8);

        byte[] plaintext = new byte[nonce.length + secret.length];

        System.arraycopy(nonce, 0, plaintext, 0, nonce.length);

        System.arraycopy(secret, 0, plaintext, nonce.length, secret.length);


        cipher.init(Cipher.ENCRYPT_MODE, keySpec, new IvParameterSpec(IV.getBytes(StandardCharsets.UTF_8)));

        byte[] encoding = cipher.doFinal(plaintext);


        encCon = DatatypeConverter.printBase64Binary(encoding);

    } catch (Exception ex) {

        ex.printStackTrace();

    }


    return encCon;

}


public static String dec(String content, String key) {

    String decCon = "";


    try {

        String IV = "12345678";


        SecretKeySpec keySpec = new SecretKeySpec(key.getBytes(StandardCharsets.UTF_8), "Blowfish");

        Cipher        cipher  = Cipher.getInstance("Blowfish/CBC/PKCS5Padding");


        // Decode Base64

        byte[] ciphertext = DatatypeConverter.parseBase64Binary(content);


        // Decrypt

        cipher.init(Cipher.DECRYPT_MODE, keySpec, new IvParameterSpec(IV.getBytes(StandardCharsets.UTF_8)));

        byte[] message = cipher.doFinal(ciphertext);


        decCon = new String(message,

                            cipher.getBlockSize(),

                            message.length - cipher.getBlockSize(),

                            StandardCharsets.UTF_8);

    } catch (Exception ex) {

        ex.printStackTrace();

    }


    return decCon;

}

附言。您知道將秘密存儲在字符串中是個壞主意嗎?字符串是最終的,因此內容不能被刪除。字節數組可以被擦除(為簡潔起見,本例中沒有這樣做)。您是否還知道您可以制作任何可以查看任何其他 Windows 程序的完整內存占用的 Windows 程序?


查看完整回答
反對 回復 2022-10-12
  • 2 回答
  • 0 關注
  • 75 瀏覽
慕課專欄
更多

添加回答

舉報

0/150
提交
取消
微信客服

購課補貼
聯系客服咨詢優惠詳情

 幫助反饋 APP下載

慕課網APP
您的移動學習伙伴

 公眾號

掃描二維碼
關注慕課網微信公眾號