使用基於密碼的加密對AES-128 CBC示例的回顧

Question

我需要一些幫助來驗證以下代碼片段，以便使用CBC，PKCS5Padding和IV進行Java AES加密。

我測試了代碼並能夠加密和解密。我有幾個查詢如下所述。

1. 密碼應該存儲在哪裏作爲一個良好的約定？
2. 將ciphetext附加/檢索salt和IV字節的方式是否正確？
3. 其他意見非常感謝，謝謝！

public class Encryption { 

    private static int iterations = 65536; 
    private static int keySize = 128; 
    private static char[] password = "password".toCharArray(); 
    private static String algorithm= "PBKDF2WithHmacSHA1"; 


    private static final String SEPARATOR = "~"; 


    public static void main(String []args) throws Exception { 

     String filePath = "test.xml"; 

     String fileContent = new String(Files.readAllBytes(Paths.get(filePath))); 

     String encrMesg = encrypt(fileContent); 

     System.out.println("Encrypted: " + encrypt(encrMesg)); 

     System.out.println("Decrypted: " + decrypt(encrMesg)); 
    } 


    public static String encrypt(String plaintext) throws Exception { 


     byte[] saltBytes = getSalt().getBytes(); 

     SecretKeyFactory skf = SecretKeyFactory.getInstance(algorithm); 
     PBEKeySpec spec = new PBEKeySpec(password, saltBytes, iterations, keySize); 
     SecretKey secretKey = skf.generateSecret(spec); 
     SecretKeySpec secretSpec = new SecretKeySpec(secretKey.getEncoded(), "AES"); 

     Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding"); 
     cipher.init(Cipher.ENCRYPT_MODE, secretSpec); 
     AlgorithmParameters params = cipher.getParameters(); 

     byte[] ivBytes = params.getParameterSpec(IvParameterSpec.class).getIV(); 
     byte[] cipherText = cipher.doFinal(String.valueOf(plaintext).getBytes("UTF-8")); 

     return DatatypeConverter.printBase64Binary(ivBytes)+SEPARATOR+DatatypeConverter.printBase64Binary(saltBytes) 
     +SEPARATOR+DatatypeConverter.printBase64Binary(cipherText); 
    } 

    public static String decrypt(String encryptedText) throws Exception { 

     System.out.println(encryptedText); 

     String[] encryptedArr = encryptedText.split(SEPARATOR); 

     byte[] ivBytes = DatatypeConverter.parseBase64Binary(new String(encryptedArr[0])); 

     byte[] salt = DatatypeConverter.parseBase64Binary(new String(encryptedArr[1])); 

     byte[] encryptedTextBytes = DatatypeConverter.parseBase64Binary(new String(encryptedArr[2])); 

     SecretKeyFactory skf = SecretKeyFactory.getInstance(algorithm); 
     PBEKeySpec spec = new PBEKeySpec(password, salt, iterations, keySize); 
     SecretKey secretKey = skf.generateSecret(spec); 
     SecretKeySpec secretSpec = new SecretKeySpec(secretKey.getEncoded(), "AES"); 

     Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding"); 
     cipher.init(Cipher.DECRYPT_MODE, secretSpec, new IvParameterSpec(ivBytes)); 

     byte[] decryptedTextBytes = null; 

     try { 
      decryptedTextBytes = cipher.doFinal(encryptedTextBytes); 
     } catch (IllegalBlockSizeException e) { 
      e.printStackTrace(); 
     } catch (BadPaddingException e) { 
      e.printStackTrace(); 
     } 

     return new String(decryptedTextBytes); 

    } 

    public static String getSalt() throws Exception { 

     SecureRandom sr = SecureRandom.getInstance("SHA1PRNG"); 
     byte[] salt = new byte[20]; 
     sr.nextBytes(salt); 
     return new String(salt); 
    } 

} 

Answer 1

查詢

應該在哪裏密碼被存儲爲一個好習慣？

對稱密鑰應該最好放在保險庫中。否則，他們應該繼續使用密鑰存儲庫，但是存在保護密鑰庫密碼的問題。

添加/檢索Salt和IV字節到密碼 文本的方式是否正常？

鹽應產生：

SecureRandom random = SecureRandom.getInstanceStrong(); 

否則，您使用的弱熵池（即的/ dev/urandom的在Linux）來生成你的安全號碼，並導致弱密鑰，可以是更容易破碎。

其他意見非常感謝，謝謝！

您應該在處理字符串轉換時始終使用相同的編碼，即.getBytes("UTF-8")以避免問題。例如，在轉換鹽時不使用它。