使用Java中的co_aes256_algorithm_pem解密SAP中加密的数据

编程问答 2022-08-14

问题描述

我需要解密从SAP获得的文本数据。使用类似于this

的co_aes256_algorithm_pem加密数据

SAP向我发送了一个密钥,并且加密了数据,我们应该使用该密钥来解密Java中的数据。 在SAP方面,IV值(将32 0加到padding)

下面是密钥和加密数据的示例。我试图在简单的Java程序中解密它,但是无法启动具有适当长度的密钥。

    String encryptionKey = "D5F748A3CE9C5AAAFF5C216387C92C43BC5C5BE443281D07E9128759A02FA0A2";
    
    String encryptedString = "AA68A1E527F81C7E2101910AC39B9E482AD85EB37A414492D6F647878236D5466F92B4F650BB89456A282FC01664063FE6B07FA92043F2447463C3529676C81DC050010F84D402460BBE2F031508D0B2109314DDB001D726C012DBA577F9EB5791BF43AEF87D215E5C8C9DC657A869FB509F77EAD71542EA5BC8568F4E636A2575544816AAAFE6A1DE73888A858EA879B754BB0A9DE48B6E52541A999F881AE6EB83C8C548BE5088C31556B86F9A5DABA4105031240B8599EA028C734044E5A5403B196FCA220FB8ECAB176C4F689157961C93AA96EA912558673532A9D6D5D58437137EA28653112A3DBAE35AFF2DC0C4F8A635017274CB713A0207D116E22D5D6C156AEF579FD1D36F4B64DDDB39A97FD8E6DBA4ED9DC970F4F5F2A5E0A8CBEFCE0A3750C31CE01927CBCF9713E28B186B631F331514530C8906D7BC4BEF022466715DEAC62B15DF933E79AFB4152E1472FF456B090CBD6186F288D090A96DA96D4865D6CD835B3C77151BA4F35D6F199B11DF6B1CBA4157888FAA8D1BCB24259F2EB58713826F147C8AC96697C021482F5185E7D232A23C8A0A54E483BC02D033C5FA5D50250AC30D2EBEA6A257B8E3FA441111EC0EF3CBA01FE83681EF5ED233D1D4006F55BDACD50E1A42EE65AB869E41BE6084647DC508DEF4AF4FE8D5E39E92338EAF3AF54D91FFBA1E1F1D7F5DE8893C6CEEED16563EDAE8EDD7032C11F90C698265A0E8D2145489534EE5107D226C1D1F5229FD1E83369A5A7CAABD3CDBFCC643BDD00A640C189C3D582CBE41F697EA3DBA0A33930F616E007AD0695752FABAB91EAD96639651E9E017F039DC7004A9E2FDC06A383E46F8157EFB7FC634BDD9712C9DD9A3F254FED39EB750B2D8D1C8A7A369B5EC292059E7729C1FBDF755518CB2AF8EDFD796D268A32CAD9FF804450E8A0EC17F1A895DCF4E62D0AF845F14A023AD7F9EAF70EA014B34C589B85FAE2AFBE91BB7D0A8F731FD8000FA0766339EA9E451F88AEFC9860B1408EC50D0A7E330CE5A8C39CA84717717DEBC2367A42D057509DA24B391B586934A94DBE2B354A10C4075126D4613BAADC5C9D04F1A76144DAA95BBDA55E6C64DF92C1CC37FA4DA699386EFEC3065D2562101AAAB730BD9F450E87C00282632028EE582B85CBFB4860921EAF1AED0DDE83EA5D64E004EB8DBE771A098C6D804D8B1A7DA5CFCEEF162C0597530AB62937568FB4324B2FC97F2E535FF33668FB1121135D9B7798692D0B8187C9FB0AAE76438524CCD2C4AA97FFEBE666295F4B99278BABE306AE30CDD41C377E1DA6EC65B85FCFCA1E224430C9919B755727C8E86C7CACBB08CDCD5E24ABD5B8E0208FE5A50D59388605B883D32F35A91B201D1A632F26DFA4AC5EDB223DB73974DC206BC70F16E58D0ED0616F9A15C3B4C66E0169813402AF2AA0FF9440A7A368EDEA125EE62DB630FD49183588C68B3964E8BBBA06B02D08350D85A6400F5C97F7DF42E9EB79880337E14A9C0228A502E4D834832CF93859DBD36E68F5811BFD1EAAD30F82A807ECB2C5D44D7CFAAF45497C685A1114A3EFD6FCD9A76CD8FB6CDDF3985396D358B696B59EDA7411A427C495B99289EA4E5F0F64DB60A338B97A211E73EE36D70B3594559FB292E7E5C6A29894F807C70C6324C1F22E7998C107E1D2DB9795AA7C81EA80B6AD5762B50C1925DD06C3DC7FF1B5188749DF27D16F92A79D216111E0F27EF3BEE736F0D84AABB5D874A9B607CB5DC3BC61B41E5FA9F0A8F7931D1E9333281150BF70C719AB893635DE9DDC45F916328DE54F8F3C0C0B9109F7D507FB42CEFB12B9190BB0AED218AE70597DBAB53D3F5BB1E7312D343D9A615A46FC9D0179F20389AC99C7061FA9828C665C8077996D3262A35D68A55B1B682686FF86D2F3E7683E13BB9F828403FAF56F9186448B4F25FC7A0AFB5E2B1FE57D864AD177155C9BACE2D734CEDBA8BE5DCDDA241413ABF739082C48094225CDF069BF89338F9E991A3F6457A56A71B7F941E222E3B6A25E7B1F5892E9997C0E5D6EE8CAC041B455F976901CD25D98BC29FCC347C90445E34599F59DCFAE5477E0D492BC09B263E0516D4A622BA96F78F48B59E01F0DD3CE5113966286BC0DAABD3FD9C470E4EF1A5074819B964102C3C4006A3FD3395A7492B583FCA3AC1F51C7C1E54929A9963A0F9995E7EF7C098ACF4930F1795740E605AE79BFC6CDB0541FEC7259520D0A0588A64B7CD595D5E69CAE43907BEDDFD6DDCBA26486E56313315E83500315F2EA51B67D7F45B29736EDB47A10A614304242C8C1719FE198104BD4CCA50AB78BBB4D0C05D41860BE276FA742FB4BFDA2EFBCAA4DBC2B6542ED660E5F1113B19286833C7393BF846A20E7E2D6C9D8BB9760A4A3D65F92C7FF2E337FEFB4EC7BC6EE9F3C2DF1D78936554ABE0891DF0A4EEE552043A5AC44DA8EF309DC1A9E9226E2AE81813566596F209F9AB51C7B34AEA8BB6C24981A493E399243D7C5AEFEA60287EE7E58549F0A075C8CF120F1A5DC8ABD34553FACE945081BC729E1F1864235E3407845F058FD77E2C97207BCEFA0EECB4FCFE7B78789329D0985BA25C1EEB78846F10B9565659230642734586202542819C3DD1A9B161269CA4BB7454CF0186AF6CE724A31B9F545F4886AC08A2F5EE72254644423920D2C31F20C532DE8614E270B337451C69C695E7CB76D2CFF35896843C91BAA69AE67875243B74CEA1AEA7D9F008026206FA9D2774DA36423FF24B8839A2ECE0AEE750CB339ED015D817E10C802C51F76CF56C387C63FD04632EEBA5FBAFD6166BC034DA1F5697042369D2B1A1C0E0E27D131A079B537A3271682FAA49D7E821DE1DFBA9897CC65A2E8E0AAD17579095EEFB34E3A744D747AC452FDBB36A86502BDB0E";
    
    byte[] encryptedBytes = Base64.getDecoder().decode(encryptedString);
    
    Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
    
    SecretKeySpec secKeySpec = new SecretKeySpec(encryptionKey.getBytes(),"AES");
    
    byte[] ivBytes = { 0,0 };
    IvParameterSpec ivParameterSpec = new IvParameterSpec(ivBytes);

    cipher.init(Cipher.DECRYPT_MODE,secKeySpec,ivParameterSpec);

    String decrypted = new String(cipher.doFinal(encryptedBytes));      
    
    System.out.println(decrypted);

我得到 java.security.InvalidKeyException:无效的AES密钥长度:64个字节

我检查了这个this ,但没有盐。而且我还检查了此this link,但是我无法使用自己的加密密钥生成密钥。

还有其他解决方案吗?怎么解密?

解决方法

如果密钥和密文已被十六进制解码(例如,用hexStringToByteArray()),则我可以解密密文,在CBC模式下使用AES-256,矢量为零(即16个0x00值),和填充:AES/CBC/NoPadding。如果应用了填充,即AES/CBC/PKCS5Padding,则会引发 BadPaddingException

解密的明文开始和结束如下:

"MANDT","MATNR","ERSDA","ERNAM","LAEDA","AENAM",...,"FS_BEV1_FS_NESTRUCCAT","FS

根据链接的网站,AES/CBC/PKCS5Padding用于加密。但是,这与密文不一致,或者仅与不完整的密文不一致(密文的长度(偶然吗?对应于块大小的整数倍)),缺少填充部分。

以下代码可用于解密:

String encryptionKey = "D5F748A3CE9C5AAAFF5C216387C92C43BC5C5BE443281D07E9128759A02FA0A2";      
String encryptedString = "AA68...DB0E";
    
//byte[] encryptedBytes = Base64.getDecoder().decode(encryptedString);                      
byte[] encryptedBytes = hexStringToByteArray(encryptedString);                              // hex decode ciphertext
    
//SecretKeySpec secKeySpec = new SecretKeySpec(encryptionKey.getBytes(),"AES");
SecretKeySpec secKeySpec = new SecretKeySpec(hexStringToByteArray(encryptionKey),"AES");   // hex decode key (32 bytes => AES-256)
    
byte[] ivBytes = { 0,0 };                        // use a zero vector as IV
IvParameterSpec ivParameterSpec = new IvParameterSpec(ivBytes);

Cipher cipher = Cipher.getInstance("AES/CBC/NoPadding");                                    // use no padding       
cipher.init(Cipher.DECRYPT_MODE,secKeySpec,ivParameterSpec);

String decrypted = new String(cipher.doFinal(encryptedBytes));
System.out.println(decrypted);                                                              // "MANDT","FS
cryptographyencryptionjavajavasap

相关问答

matplotlib报错:AttributeError: module 'backend_interagg' has no attribute 'FigureCanvas'. Did you mean: 'FigureCanvasAgg'?
使用本地python环境可以成功执行 import pandas as pd impor...
gitlab登录失败,报错:This challenge page was accidentally cached by an intermediary and is no longer available.
设置时间 控制面板
后端开发常见错误
错误1:Request method ‘DELETE‘ not supported 错误还原:...
docker常见错误
错误1:启动docker镜像时报错:Error response from daemon:...
idea常见错误
错误1:private field ‘xxx‘ is never assigned 按Alt...
pip安装依赖失败
报错如下,通过源不能下载,最后警告pip需升级版本 Requirem...