AES 256加密/解密中的MySQL和Java互操作性

发布于 2025-02-06 02:56:30 字数 876 浏览 2 评论 0原文

以下加密和解密在MySQL（AES-256-CBC）模式中正常工作，

SET block_encryption_mode = 'aes-256-cbc';

select
cast(
aes_decrypt(
from_base64('StThdNXA+CWvlg+of/heJQ=='),
sha2(concat('ssshhhhhhhhhhh!!','ENCRYPTION_KEY$&'),256),
'ssshhhhhhhhhhh!!'
)
as char);

select to_base64(aes_encrypt(
'test_value',
sha2(concat('ssshhhhhhhhhhh!!','ENCRYPTION_KEY$&'),256),
'ssshhhhhhhhhhh!!'
));

我试图解密在MySQL中加密的值，但没有运气。

以下是我的MySQL查询SHA256（SALT+KEY）中的关键，

select sha2(concat('ssshhhhhhhhhhh!!','ENCRYPTION_KEY$&'),256);

我可以在Java中获得相同的值：

Hashing.sha256().hashString("ssshhhhhhhhhhh!!ENCRYPTION_KEY$&", StandardCharsets.UTF_8).toString();

有没有一种自定义的方法可以使弹力城堡/其他API使用相同的秘密钥匙来解密？

原文

The following encryption and decryption works fine in mysql (aes-256-cbc) mode

SET block_encryption_mode = 'aes-256-cbc';

select
cast(
aes_decrypt(
from_base64('StThdNXA+CWvlg+of/heJQ=='),
sha2(concat('ssshhhhhhhhhhh!!','ENCRYPTION_KEYamp;'),256),
'ssshhhhhhhhhhh!!'
)
as char);

select to_base64(aes_encrypt(
'test_value',
sha2(concat('ssshhhhhhhhhhh!!','ENCRYPTION_KEYamp;'),256),
'ssshhhhhhhhhhh!!'
));

I am trying to decrypt value that was encrypted in mysql but no luck.

The following is the key in my mysql query sha256(salt+key)

select sha2(concat('ssshhhhhhhhhhh!!','ENCRYPTION_KEYamp;'),256);

The same value I am able to get in java :

Hashing.sha256().hashString("ssshhhhhhhhhhh!!ENCRYPTION_KEYamp;", StandardCharsets.UTF_8).toString();

Is there a custom way I can make bouncy castle/other API use same secret key to decrypt ?

分享到QQ

分享到微博

如果你对这篇内容有疑问，欢迎到本站社区发帖提问参与讨论，获取更多帮助，或者扫码二维码加入 Web 技术交流群。

发布评论

需要登录才能够评论，你可以免费注册一个本站的账号。

〗斷ホ乔殘χμё〖 2025-02-13 02:56:30

MySQL内部使用EVP_BYTESTOKEY的OPENSL算法用作推导函数。

mySQL加密和解密示例：

SET block_encryption_mode = 'aes-128-cbc';
SET block_encryption_mode = 'aes-256-cbc';
select 
cast(
    aes_decrypt(
        from_base64('MKicK+vAcZkq/g3wpTKxVg=='),
        'ENCRYPTION_KEYamp;',
        'ssshhhhhhhhhhh!!'
    )
as char);


select to_base64(aes_encrypt(
'test_value',
'ENCRYPTION_KEYamp;',
'ssshhhhhhhhhhh!!'
));

有一个jar支持此EVP_BYTESTOKEY密钥推导功能。

 JAR : not-going-to-be-commons-ssl-0.3.19

公共课程另一个{

byte[] key = "ENCRYPTION_KEYamp;".getBytes(StandardCharsets.UTF_8);
byte[] iv = "ssshhhhhhhhhhh!!".getBytes(StandardCharsets.UTF_8);

String cipher = "AES-128-CBC";

@Test
public void testEncrypt() throws Exception {
    byte[] data = "test_message".getBytes(StandardCharsets.UTF_8);
    byte[] encrypted = OpenSSL.encrypt(cipher, key, iv, data, true);
    System.out.println(new String(encrypted));
}

@Test
public void testDecrypt() throws GeneralSecurityException, IOException {
    byte[] encrypted = "rQ8Y0ClNu5d4ODZQ3XcQtw==".getBytes(StandardCharsets.UTF_8);
    byte[] decrypted = OpenSSL.decrypt(cipher, key, iv, encrypted);
    System.out.println(new String(decrypted));
}

}

以这种方式互操作性！希望这可以帮助一个尝试做同样的人的人。

MySQL internally uses OpenSSL algorithm with EVP_BytesToKey as the derivation function. Check out this url

MySQL encrypt and decrypt sample:

SET block_encryption_mode = 'aes-128-cbc';
SET block_encryption_mode = 'aes-256-cbc';
select 
cast(
    aes_decrypt(
        from_base64('MKicK+vAcZkq/g3wpTKxVg=='),
        'ENCRYPTION_KEYamp;',
        'ssshhhhhhhhhhh!!'
    )
as char);


select to_base64(aes_encrypt(
'test_value',
'ENCRYPTION_KEYamp;',
'ssshhhhhhhhhhh!!'
));

There is a JAR that supports this EVP_BytesToKey key derivation function.

 JAR : not-going-to-be-commons-ssl-0.3.19

public class AnotherTry {

byte[] key = "ENCRYPTION_KEYamp;".getBytes(StandardCharsets.UTF_8);
byte[] iv = "ssshhhhhhhhhhh!!".getBytes(StandardCharsets.UTF_8);

String cipher = "AES-128-CBC";

@Test
public void testEncrypt() throws Exception {
    byte[] data = "test_message".getBytes(StandardCharsets.UTF_8);
    byte[] encrypted = OpenSSL.encrypt(cipher, key, iv, data, true);
    System.out.println(new String(encrypted));
}

@Test
public void testDecrypt() throws GeneralSecurityException, IOException {
    byte[] encrypted = "rQ8Y0ClNu5d4ODZQ3XcQtw==".getBytes(StandardCharsets.UTF_8);
    byte[] decrypted = OpenSSL.decrypt(cipher, key, iv, encrypted);
    System.out.println(new String(decrypted));
}

}

This way interoperability is achieved, finally ! Hope this helps someone who's trying to do the same.

回复收藏 0 原文

~没有更多了~