问题确实是由于OpenSSL从密码计算出的密钥所致。
原因很可能是OpenSSL拥有自己的算法来从密码派生密钥EVP_BytesToKey,这与Java的算法不同。
我发现的唯一解决方案是使用该算法的Java重新实现:
private static final int KEY_LENGTH = 32; private byte[] deriveKey(String encryptionPassword, byte[] salt) throws NoSuchAlgorithmException { final byte[] passAndSalt = ArrayUtils.addAll(encryptionPassword.getBytes(), salt); byte[] hash = new byte[0]; byte[] keyAndIv = new byte[0]; for (int i = 0; i < 3 && keyAndIv.length < KEY_LENGTH; i++) { final byte[] dataToHash = ArrayUtils.addAll(hash, passAndSalt); final MessageDigest md = MessageDigest.getInstance("SHA-256"); hash = md.digest(dataToHash); keyAndIv = ArrayUtils.addAll(keyAndIv, hash); } return Arrays.copyOfRange(keyAndIv, 0, KEY_LENGTH);}ArrayUtils 是Apache Commons库的一部分。完整用法:IvParameterSpec initializationVectorSpec = new IvParameterSpec( Hex.depreHex(encryptionInitializationVector.toCharArray()));cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");byte[] salt = new SecureRandom().generateSeed(8);byte[] key = deriveKey(encryptionPassword, salt);Key keySpec = new SecretKeySpec(key, "AES");cipher.init(Cipher.ENCRYPT_MODE, keySpec, initializationVectorSpec);byte[] rawEncryptedInput = cipher.doFinal(input.getBytes());byte[] encryptedInputWithPrependedSalt = ArrayUtils.addAll(ArrayUtils.addAll( "Salted__".getBytes(), salt), rawEncryptedInput);return base64.getEnprer() .enpreToString(encryptedInputWithPrependedSalt);
