How to emulate Javascript crypto AES

 

I have the following Javascript code in a web page: 

  var decrypt = function (text, password){
    var decipher = crypto.createDecipher('aes-256-cbc',password);
    var dec = decipher.update(text,'hex','utf8');
    dec += decipher.final('utf8');
    return dec;
  }

, and I'm trying to reproduce it using Java, using the following: 

static MessageDigest MD5 = null;

static {
    try {
        MD5 = MessageDigest.getInstance("MD5");
    } catch (NoSuchAlgorithmException e) {
        throw new RuntimeException(e);
    }
}


public static String decrypt(String cipherText, String password)
        throws GeneralSecurityException, UnsupportedEncodingException {
    byte[] passwordBytes = hexStringToByteArray(password);
    byte[] keyBytes = MD5.digest(passwordBytes);
    byte[] keyAndPassword = new byte[keyBytes.length + passwordBytes.length];
    System.arraycopy(keyBytes, 0, keyAndPassword, 0, keyBytes.length);
    System.arraycopy(passwordBytes, 0, keyAndPassword, keyBytes.length, passwordBytes.length);
    byte[] ivBytes = MD5.digest(keyAndPassword);
    SecretKeySpec key = new SecretKeySpec(keyBytes, "AES");
    IvParameterSpec iv = new IvParameterSpec(ivBytes);

    byte[] encrypted = hexStringToByteArray(cipherText);
    Cipher aesCBC = Cipher.getInstance("AES/CBC/PKCS5Padding");
    aesCBC.init(Cipher.DECRYPT_MODE, key, iv);
    byte[] decryptedData = aesCBC.doFinal(encrypted);
    return new String(decryptedData, StandardCharsets.UTF_8);
}

public static byte[] hexStringToByteArray(String s) {
    int len = s.length();
    byte[] data = new byte[len / 2];
    for (int i = 0; i < len; i += 2) {
        data[i / 2] = (byte) ((Character.digit(s.charAt(i), 16) << 4) + Character.digit(s.charAt(i + 1), 16));
    }
    return data;
}

which pieces bits from:

  • Encrypt with Node.js Crypto module and decrypt with Java (in Android app)
  • CryptoJS AES encryption and Java AES decryption

    • , but I get "javax.crypto.BadPaddingException: Given final block not properly padded", on parameters which the JS function decodes correctly.

    Note that Given final block not properly padded does not answer this question- as it is obvious that this is a padding problem but the solution is to replicate whatever the JS crypto lib does, which is not well documented.

    链接地址: http://www.djcxy.com/p/49164.html

    上一篇: 无法从密码输入流中反序列化密封对象

    下一篇: 如何模拟Javascript crypto AES