Rijndael 256加密:Java和.NET不匹配

时间:2013-04-04 07:20:36

标签: java .net powershell bouncycastle rijndael

我需要将带有Rijandael加密的powershell脚本翻译成Java。 以下是源代码shellhell代码:

[Reflection.Assembly]::LoadWithPartialName("System.Security")
Add-Type -AssemblyName System.Web

$sKy = "bbee9a3e8e44e28edb4539186d182aaa"  
$sIV  = "131a68dc13160766f37dc931d7e518aa"

$myRijndael = New-Object System.Security.Cryptography.RijndaelManaged
$myRijndael.KeySize = 256
$myRijndael.BlockSize = 256
$myRijndael.Mode = [System.Security.Cryptography.CipherMode]::CBC
$myRijndael.Padding = [System.Security.Cryptography.PaddingMode]::Zeros

[byte[]] $key = [Text.Encoding]::ASCII.GetBytes($sKy)
[byte[]] $IV = [Text.Encoding]::ASCII.GetBytes($sIV)

$encryptor = $myRijndael.CreateEncryptor($key, $IV)
$msEncrypt = new-Object IO.MemoryStream 
$csEncrypt = new-Object Security.Cryptography.CryptoStream $msEncrypt,$encryptor,"Write"

$toEncrypt = [Text.Encoding]::ASCII.GetBytes("TEST_TEXT_TO_ENCODE")

$csEncrypt.Write($toEncrypt, 0, $toEncrypt.Length)
$csEncrypt.FlushFinalBlock()
$encrypted = $msEncrypt.ToArray()

对于Java加密,我使用bouncycastle及其RijndaelEngine具有相同的参数 - CBC,256块大小,零填充。这是我的java代码片段:

byte[] sessionKey = "bbee9a3e8e44e28edb4539186d182aaa".getBytes(); 
byte[] iv = "131a68dc13160766f37dc931d7e518aa".getBytes();
byte[] plaintext = "TEST_TEXT_TO_ENCODE".getBytes();

PaddedBufferedBlockCipher cipher = new PaddedBufferedBlockCipher(
    new CBCBlockCipher(new RijndaelEngine(256)), new ZeroBytePadding());

int keySize = 256 / 8;

CipherParameters ivAndKey = new ParametersWithIV(new KeyParameter(sessionKey, 0, keySize), iv, 0, keySize);

cipher.init(true, ivAndKey);
byte[] encrypted  = new byte[cipher.getOutputSize(plaintext.length)];
int oLen = cipher.processBytes(plaintext, 0, plaintext.length, encrypted, 0);
cipher.doFinal(encrypted, oLen);

用于密钥,初始向量和要加密的文本的字节数组绝对相同:

secret key: [98, 98, 101, 101, 57, 97, 51, 101, 56, 101, 52, 52, 101, 50, 56, 101, 100, 98, 52, 53, 51, 57, 49, 56, 54, 100, 49, 56, 50, 97, 97, 97]
initial vector: [49, 51, 49, 97, 54, 56, 100, 99, 49, 51, 49, 54, 48, 55, 54, 54, 102, 51, 55, 100, 99, 57, 51, 49, 100, 55, 101, 53, 49, 56, 97, 97]
text to encrypt: [84, 69, 83, 84, 95, 84, 69, 88, 84, 95, 84, 79, 95, 69, 78, 67, 79, 68, 69]

但是PowerShell和Java的结果数组不同:

powershell: [241, 100, 194, 184, 166, 85, 15, 212, 186, 220, 85, 136, 16, 194, 93, 11, 243, 245, 230, 207, 224, 88, 255, 153, 185, 9, 43, 78, 219, 138, 7, 222]
java: [-15, 100, -62, -72, -90, 85, 15, -44, -70, -36, 85, -120, 16, -62, 93, 11, -13, -11, -26, -49, -32, 88, -1, -103, -71, 9, 43, 78, -37, -118, 7, -34]

拜托,有人可以通过bouncycastle帮我弄清楚我在Java中做错了什么吗?我和它一起堆了一整天......

1 个答案:

答案 0 :(得分:12)

你的结果相同的,据我所知 - 只是在Java中,字节被签名。 (这很狡猾,但它不会影响你得到的实际比特。)

如果在Java结果中为每个负值添加256,您将看到它们与.NET代码相同:

.NET:      241  100  194  184  166

Java:      -15  100  -62  -72  -90

Java+256:  241  100  194  184  166
for -ve

(等)

或者,只需打印出两个字节数组的无符号十六进制表示 - 甚至可以对它们进行base64编码 - 你会看到它们是相同的。

相关问题