Bouncycastle PBEWITHSHA256AND256BITAES-CBC-BC Javascript 实现
我尝试过在 Javascript 中对字符串进行编码以在 java 服务器上进行解码,但未能成功。我们想使用 bouncycastle 算法 PBEWITHSHA256AND256BITAES-CBC-BC 来解码服务器端。
我尝试使用 crypto.js 使用以下代码进行编码:
var encrypted = Crypto.AES.encrypt("it was Professor Plum in the library with the candlestick",
key,
{ mode: new Crypto.mode.CBC });
var encryptedString = Crypto.util.bytesToHex(Crypto.charenc.Binary.stringToBytes(crypted));
但是这在服务器上无法正确解码,我猜测它与 SHA256 有关,但我无法弄清楚它会消化什么?找不到任何文档。有谁知道如何在javascript中执行加密?
I've tried but failed to encode a string in Javascript to decode on a java server. We'd like to use the bouncycastle algorithm PBEWITHSHA256AND256BITAES-CBC-BC to decode serverside.
I've tried using crypto.js to do the encoding using the following code:
var encrypted = Crypto.AES.encrypt("it was Professor Plum in the library with the candlestick",
key,
{ mode: new Crypto.mode.CBC });
var encryptedString = Crypto.util.bytesToHex(Crypto.charenc.Binary.stringToBytes(crypted));
However this doesn't decode correctly on the server, my guess is its something to do with the SHA256 but I can't work out what it would be digesting & can't find any documentation. Does anyone know how to perform the encryption in javascript?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
你需要在两端做同样的事情。您需要相同的密钥。您需要相同的模式 (CBC)、相同的填充(使用 PKCS7)以及相同的 IV。
通过 SHA-256 运行密码短语后,通过显示十六进制来检查您使用的实际密钥在两端是否相同。还要检查 IV 的十六进制。不要使用任何默认值,但明确选择要使用的模式和填充。
如果您认为 PBE/SHA-256 出了问题,那么您可能需要查看文本密码是如何转换为字节的。在传递给 SHA-256 之前再次检查两侧的十六进制。将文本转换为字节是常见的错误来源。您需要非常确定
stringToBytes()正在做什么,并且您在 Java 端使用的任何内容都完全相同。You need to do everything the same at both ends. You need the same key. You need the same mode (CBC) you need the same padding (use PKCS7) and you need the same IV.
Check that the actual key you are using is the same at both ends by displaying the hex, after you have run the passphrase through SHA-256. Check the hex for the IVs as well. Don't use any defaults, but explicitly pick the mode and padding to use.
If you think that it is the PBE/SHA-256 that is going wrong then you might want to look at how your text passphrase is being turned into bytes. Again, check the hex at both sides before it is passed to SHA-256. Converting text to bytes is a common source of errors. You need to be very sure what
stringToBytes()is doing and that whatever you are using on the Java side is doing exactly the same.