您无需为此提供BouncyCastleProvider,因为AES已经包含在Java中。但是,PKCS#7填充错误地由指示
"PKCS5Padding",因此
"AES/CBC/PKCS7Padding"如果没有Bouncy
Castle ,则无法指示。
Unipre.NET 的默认编码实际上与UTF-16LE更兼容。将其留给Microsoft不要遵循标准名称(尽管它们可能早于标准名称)。
Java JCE并不是真正像C#类那样围绕流构建的,因此最好完全避免流。
我已经重写了您的示例代码,以显示如何在Java中正确进行编码(不过您需要与Java
7兼容)。不要将异常推到桌子底下,将它们变成
AssertError或
RuntimeException。
我使用的是Bouncy Castle base 64解码器,因为这是您和我都可以使用的解码器(但除此之外,它独立于Bouncy)。Java
8包含一个基数64类。
因此,事不宜迟:
import static java.nio.charset.StandardCharsets.UTF_16LE;import java.security.GeneralSecurityException;import java.util.Arrays;import javax.crypto.BadPaddingException;import javax.crypto.Cipher;import javax.crypto.IllegalBlockSizeException;import javax.crypto.spec.IvParameterSpec;import javax.crypto.spec.SecretKeySpec;import org.bouncycastle.util.enprers.base64;public class AuthenticationStringDecrypter { private static final String AES_CBC_PKCS5PADDING = "AES/CBC/PKCS5PADDING"; private static final int KEY_SIZE = 256; public static void main(final String[] args) throws Exception { System.out.println(decryptAuthorizationString( "c1W2YO1vYQzu6czteEidrG0U4g5gT4h57vAlP7tdjcY=", "GAT")); } private static String decryptAuthorizationString(final String authString, final String password) { try { // --- check if AES-256 is available if (Cipher.getMaxAllowedKeyLength(AES_CBC_PKCS5PADDING) < KEY_SIZE) { throw new IllegalStateException("Unlimited crypto files not present in this JRE"); } // --- create cipher final Cipher cipher = Cipher.getInstance(AES_CBC_PKCS5PADDING); // --- create the key and initial vector bytes final byte[] passwordEnpred = password.getBytes(UTF_16LE); final byte[] keyData = Arrays.copyOf(passwordEnpred, KEY_SIZE / Byte.SIZE); final byte[] ivBytes = Arrays.copyOf(keyData, cipher.getBlockSize()); // --- init cipher cipher.init(Cipher.DECRYPT_MODE, new SecretKeySpec(keyData, "AES"), new IvParameterSpec(ivBytes)); // --- depre & decrypt authentication string final byte[] authBytes = base64.depre(authString); final byte[] decryptedData = cipher.doFinal(authBytes); // WARNING: may still decrypt to wrong string if // authString or password are incorrect - // BadPaddingException may *not* be thrown return new String(decryptedData, UTF_16LE); } catch (BadPaddingException | IllegalBlockSizeException e) { // failure to authenticate return null; } catch (final GeneralSecurityException e) { throw new IllegalStateException( "Algorithms or unlimited crypto files not available", e); } }}
