Using the Bouncy Castle PBEWITHSHA256AND128BITAES-CBC-BC algo to encrypt string data in Java. Having a hard time getting it decrypted in Ruby. I've seen a handful of examples of similar operations but none where the Java PBEKeySpec is salted (not sure of course if that's the issue). For some context, here's the Java code:
```java
// Derive the key with the Bouncy Castle (Spongy Castle build) password-based scheme.
SecretKeyFactory factory = SecretKeyFactory.getInstance("PBEWITHSHA256AND128BITAES-CBC-BC",
        org.spongycastle.jce.provider.BouncyCastleProvider.PROVIDER_NAME);
// PBEKeySpec takes the salt as byte[]; iteration count 1024, key length 128 bits.
KeySpec spec = new PBEKeySpec("password".toCharArray(),
        "8 bytes!".getBytes(), 1024, 128);
SecretKey tmp = factory.generateSecret(spec);
SecretKey secret = new SecretKeySpec(tmp.getEncoded(), "AES");
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
// No IV is passed to init, so the provider generates one; it is read back below.
cipher.init(Cipher.ENCRYPT_MODE, secret);
AlgorithmParameters params = cipher.getParameters();
byte[] iv = params.getParameterSpec(IvParameterSpec.class).getIV();
byte[] cipherText = cipher.doFinal("hello world".getBytes());
```
This runs without issue. We however have not discovered the magic sequence to decrypt it on the Ruby side. If anyone would be willing to share examples of how to decrypt this in Ruby (1.9.3) it would be greatly appreciated.
UPDATE
Below is the decryption code in ruby that is currently not working.
```ruby
# iv and enc hold the IV and ciphertext as hex strings
d = OpenSSL::Cipher.new("AES-128-CBC")
d.decrypt
key = OpenSSL::PKCS5.pbkdf2_hmac_sha1("password", "8 bytes!", 1024, d.key_len)
d.key = key
d.iv = iv.scan(/../).map{|b|b.hex}.pack('c*')
data = enc.scan(/../).map{|b|b.hex}.pack('c*')
d.update(data) << d.final
```
This Ruby code worked when the Java side was implementing the PBKDF2WithHmacSHA1 algorithm (obviously) but for reasons that I can't exactly elaborate on, we can no longer use that implementation (hence PBEWITHSHA256AND128BITAES-CBC-BC).
OK, there goes. You might have to marshal some parameters to fit though:
Oh, and add Bouncy to your path of course...these are the required import statements:
[EDIT] example usage
[EDIT] forgot to include the license, even if I pointed to it, sorry about the legalese:
Copyright (c) 2000 - 2011 The Legion Of The Bouncy Castle (http://www.bouncycastle.org)
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
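The question's Ruby derives the key with PBKDF2-HMAC-SHA1, whereas a `PBEWITHSHA256AND128BITAES-CBC-BC` key comes from the PKCS#12 key derivation function run over SHA-256. The following is an added example, not code from either poster or from Bouncy Castle: a Ruby version of that KDF as specified in RFC 7292 Appendix B.2, plus a decrypt helper. It assumes the Java key is the KDF output for ID 1 with the password encoded as a BMPString, and that the IV is the one read back from the cipher parameters; the helper names are hypothetical and the output has not been checked against the Java side.

```ruby
require 'openssl'

# Repeat +bytes+ until it fills whole +v+-byte blocks (empty input stays empty).
def fill_blocks(bytes, v)
  return ''.b if bytes.empty?
  len = v * ((bytes.bytesize + v - 1) / v)
  (bytes * (len / bytes.bytesize + 1)).byteslice(0, len)
end

# PKCS#12 KDF (RFC 7292, Appendix B.2) with SHA-256.
# id: 1 = encryption key, 2 = IV, 3 = MAC key.
def pkcs12_kdf_sha256(password, salt, iterations, id, out_len)
  md = OpenSSL::Digest.new('SHA256')
  v = md.block_length                       # 64 bytes for SHA-256
  # PKCS#12 treats the password as a BMPString: UTF-16BE plus a 2-byte NUL.
  pw = password.empty? ? ''.b : password.encode('UTF-16BE').b + "\x00\x00".b
  d = id.chr.b * v                          # diversifier block D
  i = fill_blocks(salt.b, v) + fill_blocks(pw, v)
  out = ''.b
  while out.bytesize < out_len
    a = md.digest(d + i)
    (iterations - 1).times { a = md.digest(a) }
    out << a
    # I_j = (I_j + B + 1) mod 2^(8v), where B is A repeated to v bytes
    b1 = fill_blocks(a, v).byteslice(0, v).unpack1('H*').to_i(16) + 1
    i = (0...i.bytesize).step(v).map do |off|
      n = (i.byteslice(off, v).unpack1('H*').to_i(16) + b1) % (1 << (8 * v))
      [n.to_s(16).rjust(2 * v, '0')].pack('H*')
    end.join
  end
  out.byteslice(0, out_len)
end

# Decrypt with the derived key; IV and ciphertext are hex strings,
# as in the question's Ruby attempt. (Assumed layout, see lead-in.)
def decrypt_bc_pbe(enc_hex, iv_hex, password, salt, iterations)
  c = OpenSSL::Cipher.new('AES-128-CBC')
  c.decrypt
  c.key = pkcs12_kdf_sha256(password, salt, iterations, 1, c.key_len)
  c.iv  = [iv_hex].pack('H*')
  c.update([enc_hex].pack('H*')) + c.final
end
```

`String#b` and `String#unpack1` need Ruby 2.4 or later, so on 1.9.3 they would have to be replaced with `force_encoding('BINARY')` and `unpack('H*').first`.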