I have a requirement to encrypt a string in java using AES algorithm and to decrypt the data in PHP. I have searched SO but I dint get any exact answer.
我需要使用AES算法加密java中的字符串并在PHP中解密数据。我搜索过但我得到了任何确切的答案。
In some posts, they used Padding. And also they spoke about the key size.
在一些帖子中,他们使用了Padding。他们也谈到了关键尺寸。
But, I don't have any idea about the key size and what padding I should use.
但是,我不知道密钥大小和我应该使用的填充。
So please help me by posting some sample code and explanations to understand better.
所以请通过发布一些示例代码和解释来帮助我更好地理解。
Thanks in advance!!
提前致谢!!
1 个解决方案
#1
2
The key size is not important, any of the available sizes are secure.
密钥大小并不重要,任何可用的大小都是安全的。
AES is a block cipher, that means that input must be a multiple of the block size: 16-bytes. Unless the input is always a multiple of the block size padding will be required.
AES是块密码,这意味着输入必须是块大小的倍数:16字节。除非输入始终是块大小的倍数,否则将需要填充。
The standard padding for AES is PKCS#7 (sometimes stated PKCS#5). The problem is PHP and the usual mcrypt library used, it does not support PKCS#7 padding, only null padding and can not be used with binary data. The bozo maintainers refuse to add PKCS#7 padding. You will have to add your own PKCS#7 padding support if you use mcrypt, it is not hard, generally three lines of code.
AES的标准填充是PKCS#7(有时称为PKCS#5)。问题是PHP和通常使用的mcrypt库,它不支持PKCS#7填充,只支持空填充,不能与二进制数据一起使用。 bozo维护者拒绝添加PKCS#7填充。如果你使用mcrypt,你将不得不添加自己的PKCS#7填充支持,它并不难,通常是三行代码。
But there are more issues. The encryption mode and CBC mode requires an iv which should be random data. Authentication to determine if the decrypted data is correct. The key should not be a string, if it is it should be used to derive a key with a function such as PBKDF2.
但还有更多问题。加密模式和CBC模式需要iv,其应该是随机数据。验证以确定解密数据是否正确。密钥不应该是字符串,如果它应该用于导出具有诸如PBKDF2之类的函数的密钥。
I suggest using RNCryptor which is available for Java, php and many other languages. It provided all the necessary elements to create secure encryption including: AES-256 encryption,CBC mode, password stretching with PBKDF2, password salting, random IV, encrypt-then-hash HMAC authentication, and versioning.
我建议使用RNCryptor,它可用于Java,php和许多其他语言。它提供了创建安全加密的所有必要元素,包括:AES-256加密,CBC模式,使用PBKDF2进行密码扩展,密码腌制,随机IV,加密后哈希HMAC身份验证和版本控制。
#1
2
The key size is not important, any of the available sizes are secure.
密钥大小并不重要,任何可用的大小都是安全的。
AES is a block cipher, that means that input must be a multiple of the block size: 16-bytes. Unless the input is always a multiple of the block size padding will be required.
AES是块密码,这意味着输入必须是块大小的倍数:16字节。除非输入始终是块大小的倍数,否则将需要填充。
The standard padding for AES is PKCS#7 (sometimes stated PKCS#5). The problem is PHP and the usual mcrypt library used, it does not support PKCS#7 padding, only null padding and can not be used with binary data. The bozo maintainers refuse to add PKCS#7 padding. You will have to add your own PKCS#7 padding support if you use mcrypt, it is not hard, generally three lines of code.
AES的标准填充是PKCS#7(有时称为PKCS#5)。问题是PHP和通常使用的mcrypt库,它不支持PKCS#7填充,只支持空填充,不能与二进制数据一起使用。 bozo维护者拒绝添加PKCS#7填充。如果你使用mcrypt,你将不得不添加自己的PKCS#7填充支持,它并不难,通常是三行代码。
But there are more issues. The encryption mode and CBC mode requires an iv which should be random data. Authentication to determine if the decrypted data is correct. The key should not be a string, if it is it should be used to derive a key with a function such as PBKDF2.
但还有更多问题。加密模式和CBC模式需要iv,其应该是随机数据。验证以确定解密数据是否正确。密钥不应该是字符串,如果它应该用于导出具有诸如PBKDF2之类的函数的密钥。
I suggest using RNCryptor which is available for Java, php and many other languages. It provided all the necessary elements to create secure encryption including: AES-256 encryption,CBC mode, password stretching with PBKDF2, password salting, random IV, encrypt-then-hash HMAC authentication, and versioning.
我建议使用RNCryptor,它可用于Java,php和许多其他语言。它提供了创建安全加密的所有必要元素,包括:AES-256加密,CBC模式,使用PBKDF2进行密码扩展,密码腌制,随机IV,加密后哈希HMAC身份验证和版本控制。