如何從PBE密鑰生成器獲取哈希值

Question

我想使用PBE生成其他加密密鑰。

public SecretKey generateKey(String Ags) throws Exception { 
    // make password 
    PBEKeySpec keySpec = new PBEKeySpec(this.password.toCharArray(),this.salt,20,56); 

    SecretKeyFactory keyFactory = SecretKeyFactory 
      .getInstance("PBE"); 
    SecretKey key = keyFactory.generateSecret(keySpec); 
    System.out.println(); 

    /* 
    KeyGenerator kg = KeyGenerator.getInstance("AES"); 
    kg.init(k); 
    // 
    SecretKey FINAL_key = new SecretKeySpec(key.getEncoded(), "AES"); 
    */ 
    return null; 
} 

我的基本想法是使用PBEKeySpec和SecretKeyFactory首先生成PBE密鑰，然後拿到前幾個字節，比方說10個字節，生成AES密鑰。但是，在搜索互聯網之後，我仍然不知道如何將最終密鑰作爲byte[]。 key.getEncoded()只會給我輸入密碼。我如何獲得最終密鑰byte[]？

Answer 1

據我所知，通過閱讀documentation，我明白，如果你想創建一個AES密鑰，你需要提供一個至少128位的密鑰的算法。

SecretKeySpec secretKeySpec = new SecretKeySpec(key, "AES"); 

所以生成密鑰爲什麼你非要從PBE密鑰得到128位，而是可以使用

byte[] key = (Password+Username).getBytes("UTF-8"); // depends on your implementation 
MessageDigest sha = MessageDigest.getInstance("SHA-1"); 
key = sha.digest(key); 
key = Arrays.copyOf(key, 16); // AES uses 16 byte of key as a parameter (?) 

，你也可以使用PBE密鑰養活SHA並獲得字節那樣。 Okey讓我們來看看你的問題，這是來自我的安全文件夾的完整工作代碼，我記得這對我有用，請隨時提出任何問題。在下面的代碼中，如果你檢查你會發現使用pbeKeySpec生成密鑰，但是當我查看代碼時，雖然我看不到你的錯誤。

public void testPBEWithSHA1AndAES() throws Exception { 
     String password = "test"; 
     String message = "Hello World!"; 

     byte[] salt = { (byte) 0xc7, (byte) 0x73, (byte) 0x21, (byte) 0x8c, 
       (byte) 0x7e, (byte) 0xc8, (byte) 0xee, (byte) 0x99 }; 
     byte[] iv = { (byte) 0xc7, (byte) 0x73, (byte) 0x21, (byte) 0x8c, 
       (byte) 0x7e, (byte) 0xc8, (byte) 0xee, (byte) 0x99, 
       (byte) 0xc7, (byte) 0x73, (byte) 0x21, (byte) 0x8c, 
       (byte) 0x7e, (byte) 0xc8, (byte) 0xee, (byte) 0x99 }; 

     int count = 1024; 
     // int keyLength = 256; 
     int keyLength = 128; 

     String cipherAlgorithm = "AES/CBC/PKCS5Padding"; 
     String secretKeyAlgorithm = "PBKDF2WithHmacSHA1"; 
     SecretKeyFactory keyFac = SecretKeyFactory 
       .getInstance(secretKeyAlgorithm); 
     PBEKeySpec pbeKeySpec = new PBEKeySpec(password.toCharArray(), salt, 
       count, keyLength); 
     SecretKey tmp = keyFac.generateSecret(pbeKeySpec); 
     SecretKey secret = new SecretKeySpec(tmp.getEncoded(), "AES"); 
     Cipher ecipher = Cipher.getInstance(cipherAlgorithm); 
     ecipher.init(Cipher.ENCRYPT_MODE, secret, new IvParameterSpec(iv)); 

     // decrypt 
     keyFac = SecretKeyFactory.getInstance(secretKeyAlgorithm); 
     pbeKeySpec = new PBEKeySpec(password.toCharArray(), salt, count, 
       keyLength); 
     tmp = keyFac.generateSecret(pbeKeySpec); 
     secret = new SecretKeySpec(tmp.getEncoded(), "AES"); 
     // AlgorithmParameters params = ecipher.getParameters(); 
     // byte[] iv = params.getParameterSpec(IvParameterSpec.class).getIV(); 
     Cipher dcipher = Cipher.getInstance(cipherAlgorithm); 
     dcipher.init(Cipher.DECRYPT_MODE, secret, new IvParameterSpec(iv)); 

     byte[] encrypted = ecipher.doFinal(message.getBytes()); 
     byte[] decrypted = dcipher.doFinal(encrypted); 
     assertEquals(message, new String(decrypted)); 

     ByteArrayOutputStream out = new ByteArrayOutputStream(); 
     CipherOutputStream cipherOut = new CipherOutputStream(out, ecipher); 
     cipherOut.write(message.getBytes()); 
     StreamUtils.closeQuietly(cipherOut); 
     byte[] enc = out.toByteArray(); 

     ByteArrayInputStream in = new ByteArrayInputStream(enc); 
     CipherInputStream cipherIn = new CipherInputStream(in, dcipher); 
     ByteArrayOutputStream dec = new ByteArrayOutputStream(); 
     StreamUtils.copy(cipherIn, dec); 
     assertEquals(message, new String(dec.toByteArray())); 
    }