據我所知,通過閱讀documentation,我明白,如果你想創建一個AES密鑰,你需要提供一個至少128位的密鑰的算法。
SecretKeySpec secretKeySpec = new SecretKeySpec(key, "AES");
所以生成密鑰爲什麼你非要從PBE密鑰得到128位,而是可以使用
byte[] key = (Password+Username).getBytes("UTF-8"); // depends on your implementation
MessageDigest sha = MessageDigest.getInstance("SHA-1");
key = sha.digest(key);
key = Arrays.copyOf(key, 16); // AES uses 16 byte of key as a parameter (?)
,你也可以使用PBE密鑰養活SHA並獲得字節那樣。 Okey讓我們來看看你的問題,這是來自我的安全文件夾的完整工作代碼,我記得這對我有用,請隨時提出任何問題。在下面的代碼中,如果你檢查你會發現使用pbeKeySpec生成密鑰,但是當我查看代碼時,雖然我看不到你的錯誤。
public void testPBEWithSHA1AndAES() throws Exception {
String password = "test";
String message = "Hello World!";
byte[] salt = { (byte) 0xc7, (byte) 0x73, (byte) 0x21, (byte) 0x8c,
(byte) 0x7e, (byte) 0xc8, (byte) 0xee, (byte) 0x99 };
byte[] iv = { (byte) 0xc7, (byte) 0x73, (byte) 0x21, (byte) 0x8c,
(byte) 0x7e, (byte) 0xc8, (byte) 0xee, (byte) 0x99,
(byte) 0xc7, (byte) 0x73, (byte) 0x21, (byte) 0x8c,
(byte) 0x7e, (byte) 0xc8, (byte) 0xee, (byte) 0x99 };
int count = 1024;
// int keyLength = 256;
int keyLength = 128;
String cipherAlgorithm = "AES/CBC/PKCS5Padding";
String secretKeyAlgorithm = "PBKDF2WithHmacSHA1";
SecretKeyFactory keyFac = SecretKeyFactory
.getInstance(secretKeyAlgorithm);
PBEKeySpec pbeKeySpec = new PBEKeySpec(password.toCharArray(), salt,
count, keyLength);
SecretKey tmp = keyFac.generateSecret(pbeKeySpec);
SecretKey secret = new SecretKeySpec(tmp.getEncoded(), "AES");
Cipher ecipher = Cipher.getInstance(cipherAlgorithm);
ecipher.init(Cipher.ENCRYPT_MODE, secret, new IvParameterSpec(iv));
// decrypt
keyFac = SecretKeyFactory.getInstance(secretKeyAlgorithm);
pbeKeySpec = new PBEKeySpec(password.toCharArray(), salt, count,
keyLength);
tmp = keyFac.generateSecret(pbeKeySpec);
secret = new SecretKeySpec(tmp.getEncoded(), "AES");
// AlgorithmParameters params = ecipher.getParameters();
// byte[] iv = params.getParameterSpec(IvParameterSpec.class).getIV();
Cipher dcipher = Cipher.getInstance(cipherAlgorithm);
dcipher.init(Cipher.DECRYPT_MODE, secret, new IvParameterSpec(iv));
byte[] encrypted = ecipher.doFinal(message.getBytes());
byte[] decrypted = dcipher.doFinal(encrypted);
assertEquals(message, new String(decrypted));
ByteArrayOutputStream out = new ByteArrayOutputStream();
CipherOutputStream cipherOut = new CipherOutputStream(out, ecipher);
cipherOut.write(message.getBytes());
StreamUtils.closeQuietly(cipherOut);
byte[] enc = out.toByteArray();
ByteArrayInputStream in = new ByteArrayInputStream(enc);
CipherInputStream cipherIn = new CipherInputStream(in, dcipher);
ByteArrayOutputStream dec = new ByteArrayOutputStream();
StreamUtils.copy(cipherIn, dec);
assertEquals(message, new String(dec.toByteArray()));
}
這可以運行,但是,tmp.getEncoded()總是返回這等於你的密碼,我在我的問題提到的,也不管鹽有什麼相同的值。 – panda