如何用编程语言解密notepad++加密消息
如何用编程语言解密notepad++加密消息
提问于 2021-06-11 04:28:58
纯文本:Hello leon
密码& iv:leon1234leon1234 1234 leon1234leon1234 1234
密码: rijndael cbc 128位
nppcrypto加密信息
<nppcrypt version="1016">
<encryption cipher="rijndael" key-length="16" mode="cbc" encoding="base64" />
<key algorithm="scrypt" N="16384" r="8" p="1" salt="HA==" />
<iv value="bGVvbjEyMzRsZW9uMTIzNA==" method="custom" />
</nppcrypt>
/8r4DGLVYC+YJSPMFQ8lFQ==我使用java BouncyCastle lib进行测试,但是加密结果是不同的。
相关代码在我的github回购处
https://github.com/Leon406/Crypto/blob/master/src/main/kotlin/me/leon/modern/PBE.kt
nppcrypt插件回购:https://github.com/jeanpaulrichter/nppcrypt
编辑:这里也有代码
package me.leon.modern
import com.lambdaworks.crypto.SCryptUtil
import me.leon.base64Decode
import me.leon.toBase64
import org.bouncycastle.crypto.generators.BCrypt
import org.bouncycastle.crypto.generators.KDF2BytesGenerator
import org.bouncycastle.crypto.generators.SCrypt
import org.bouncycastle.util.encoders.Hex
/**
*
*
* https://www.bouncycastle.org/specifications.html
* https://antofthy.gitlab.io/info/crypto/key_derivation.txt
* https://www.openssl.org/docs/manmaster/man1/openssl-kdf.html
* key derivation function
* SCrypt BCrypt PBKDF2 Added in OpenSSL 3.0
* Question? how to interact notepad++ nppcrypto
*/
object PBE {
@JvmStatic
fun main(args: Array<String>) {
val pwd = "leon1234leon1234"
val salt = "HA=="
val ivbase64 = "leon1234leon1234"
val key = SCrypt.generate(pwd.toByteArray(), salt.base64Decode(), 16384, 8, 1, 16).toBase64()
val key2 = BCrypt.generate(pwd.toByteArray(), "iP/MuFEP/jgHs7lBGez7kg==".base64Decode(), 8).toBase64()
println(key)
SCryptUtil.scrypt(pwd,16384,8,1).also {
println("scrypt $it")
}
//$s0$e0801$YzXui6dcQ0qbWnTBP36t+Q==$AW81b69h3HepUIi7pW7ThAKuDdpb1oZ7bFIJrF9zQzA=
//$s0$e0801$bGvjR0//WiaHqAiSDi5Q9g==$8DzAr+nhUyW5fhdj3MLIpovRdp+dLfVoXGqN+Pp3kZU=
SCrypt.generate(pwd.toByteArray(), "YzXui6dcQ0qbWnTBP36t+Q==".base64Decode(), 16384, 8, 1, 32).toBase64().also {
println("scrypt dd $it" )
}
val r = SymmetricCrypto.encrypt(key, "Hello leon", ivbase64, "AES/CBC/PKCS5Padding")
.also { println(it) }
val r2 = SymmetricCrypto.encrypt(key2, "Hello leon", ivbase64, "AES/CBC/PKCS5Padding")
.also { println(it) }
SymmetricCrypto.decrypt(key, r, ivbase64, "AES/CBC/PKCS5Padding").also { println(it) }
SymmetricCrypto.decrypt(key2, r2, ivbase64, "AES/CBC/PKCS5Padding").also { println(it) }
}
}Stack Overflow用户
发布于 2021-06-11 10:18:15
您将密钥传递给SymmetricCrypto.decrypt() Base64编码,但在那里不执行Base64解码,而是执行UTF8编码,s. 这里。由于这个原因,解密失败。
通常key和IV是二进制数据,而不是字符串。因此,两者都应该作为ByteArray在encrypt()/decrypt()中传递。如果要将它们作为字符串传递,则必须执行可靠的二进制到文本编码,例如Base64。
下面的修复使用第二个变体,即传递给decrypt()一个Base64编码的密钥,IV和Base64都在那里解码:
import org.bouncycastle.crypto.generators.SCrypt
import org.bouncycastle.jce.provider.BouncyCastleProvider
import java.security.Security
import java.util.*
import javax.crypto.Cipher
import javax.crypto.SecretKey
import javax.crypto.spec.IvParameterSpec
import javax.crypto.spec.SecretKeySpec
...
val pwd = "leon1234leon1234"
val salt = "HA=="
val key = SCrypt.generate(pwd.toByteArray(), salt.base64Decode(), 16384, 8, 1, 16).toBase64().also { println(it) } // 6owLoTdeL67pEHxJ5gLY9Q==
val iv = "bGVvbjEyMzRsZW9uMTIzNA=="
val ciphertext = "/8r4DGLVYC+YJSPMFQ8lFQ=="
/*SymmetricCrypto.*/decrypt(key, ciphertext, iv, "AES/CBC/PKCS5Padding").also { println(it) } // Hello leon
...
fun decrypt(key: String, data: String, iv: String, alg: String): String {
val cipher = Cipher.getInstance(alg)
val keySpec: SecretKey = SecretKeySpec(key.base64Decode()/*toByteArray()*/, alg.substringBefore("/")) // pass key Base64 encoded and Base64 decode here
if (alg.contains("ECB".toRegex()))
cipher.init(Cipher.DECRYPT_MODE, keySpec)
else
cipher.init(Cipher.DECRYPT_MODE, keySpec, IvParameterSpec(iv.base64Decode()/*toByteArray()*/)) // pass iv Base64 encoded and Base64 decode here
return String(cipher.doFinal(Base64.getDecoder().decode(data)))
}关于担保的几点说明:
- 静态静脉注射是不安全的。nppcrypt支持随机的IVs。IV不应与密码相同。
- 1字节的盐太短了。
- 欧洲央行是不安全的(仅仅是为了完整性,因为在发布的示例中没有使用欧洲央行,而是实现了)。
页面原文内容由Stack Overflow提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:
https://stackoverflow.com/questions/67931281
复制相关文章
相似问题
腾讯云开发者
