问题
Here is some example code with altered key values and payload:
$key = '/4rTInjwg/H/nA==';
$key = base64_decode($key);
$data = 'val=100|val=200|val=300|val=400|val=500|val=600|val=700|val=800|val=900|';
$data.= 'val2=100|val2=200|val2=300|val2=400|val2=500|val2=600|val2=700|val2=800|val2=900|';
$data.= 'val3=100|val3=200|val3=300|val3=400|val3=500|val3=600|val3=700|val3=800|val3=900|';
$data.= 'val4=100|val4=200|val4=300|val4=400|val4=500|val4=600|val4=700|val4=800|val4=900|';
$result = base64_encode(mcrypt_ecb(MCRYPT_BLOWFISH,$key, $data, MCRYPT_ENCRYPT));
This encrypts and decrypts fine in PHP, but Java and .NET come up with different values, and what's worse, I can't decrypt the results from Java or .NET. When I attempt to decrypt the values from java, I get a string that starts out right, but ends up garbage half way through. I'm working in 5.3x in Windows XP in case anyone wondered.
While I STFW I've noticed several threads where the last comments mention things about base64 messing up the result due to typing problems, and I'm wondering if that's what's going on because the results get so close, the first 50 or so characters match, then things go to @#$!.
I've also read several threads about the block size and padding, but no-one can seem to agree on what the padding should be. I really need to know if Java is padding the text, what the default block size is, what the pad would be? See below:
The java developer is doing:
import org.apache.commons.codec.binary.Base64;
import java.util.ResourceBundle;
import com.sun.crypto.provider.SunJCE;
... snip ...
StringBuffer ourTransferBuffer = new StringBuffer(s);
byte abyte0[] = Base64.decodeBase64(encryptionKey);
SunJCE sunjce = new SunJCE();
Security.addProvider(sunjce);
SecretKeySpec secretkeyspec = new SecretKeySpec(abyte0, "Blowfish");
Cipher cipher = Cipher.getInstance("Blowfish");
cipher.init(1, secretkeyspec);
byte abyte1[] = cipher.doFinal(ourTransferBuffer.toString().getBytes());
s = Base64.encodeBase64String(abyte1);
return s;
... snip ...
I've burned too much time on this already, anyone have any ideas here? Thanks.
回答1:
Figured it out, simple pkcs5 padding fixed the issue.
... snip ...
$data = 'val=100|val=200|val=300|val=400|val=500|val=600|val=700|val=800|val=900|';
$data.= 'val2=100|val2=200|val2=300|val2=400|val2=500|val2=600|val2=700|val2=800|val2=900|';
$data.= 'val3=100|val3=200|val3=300|val3=400|val3=500|val3=600|val3=700|val3=800|val3=900|';
$data.= 'val4=100|val4=200|val4=300|val4=400|val4=500|val4=600|val4=700|val4=800|val4=900|';
$blocksize = mcrypt_get_block_size('blowfish', 'ecb'); // get block size
$pkcs = $blocksize - (strlen($data) % $blocksize); // get pkcs5 pad length
$data.= str_repeat(chr($pkcs), $pkcs); // append pkcs5 padding to the data
// encrypt and encode
$res = base64_encode(mcrypt_ecb(MCRYPT_BLOWFISH,$key, $data, MCRYPT_ENCRYPT));
来源:https://stackoverflow.com/questions/3293928/mcrypt-blowfish-php-slightly-different-results-when-compared-to-java-and-net