how to use OpenSSL to decrypt Java AES-encrypted data?
I\'m interfacing to a legacy Java application (the app cannot be changed) which is encrypting data using AES. Here is how the original Java code is instantiating the AES ci
-
Possible answer found:
"By default, Java Ciphers (at least in Sun's implementations) are constructed in what is called Electronic Codebook (ECB) mode." (Source: http://www.javamex.com/tutorials/cryptography/block_modes.shtml)
So if ECB is used by default, I guess that means no initialization vector, and I can use the following method from OpenSSL:
void AES_ecb_encrypt(*in, *out, *key, enc);
Using
AES_decrypt()I can decrypt 1000+ byte messages that originated on the Java side. So it looks like Java does indeed default to ECB mode with no initialization vector. However, I still cannot encrypt and send a new message to the Java app. Investigation continues.
Got it all working. Thanks for the numerous hints. I can confirm Java uses
ECBby default. All padding bytes are set to the number of bytes added (which is known as PKCS5-padding)."Hello World"-> encrypted by Java -> decrypted using OpenSSL will look like"Hello World\5\5\5\5\5".讨论(0) -
Some cryptographic algorithms require additional initialization parameters; these can be passed to init() as a java.security.AlgorithmParameters object or as a java.security.spec.AlgorithmParameterSpec object. When encrypting, you can omit these parameters, and the Cipher implementation uses default values or generates appropriate random parameters for you. In this case, you should call getParameters() after performing encryption to obtain the AlgorithmParameters used to encrypt. These parameters are required in order to decrypt, and must therefore be saved or transferred along with the encrypted data.
http://docstore.mik.ua/orelly/java-ent/jnut/ch26_01.htm
Are you able to modify the Java code to get ahold of these parameters?
讨论(0) -
Use Bountry castle library in java . it supports c/c++ equivalent to openssl library in java . worked for me
讨论(0)
加载中...
- 热议问题