3
我有一些使用PBKDF2生成密钥的C#代码。Java中的PBKDF2与Bouncy Castle vs .NET Rfc2898DeriveBytes?
//byte[] salt = new RNGCryptoServiceProvider().GetBytes(salt);
byte[] salt = new byte[] { 19, 3, 248, 189, 144, 42, 57, 23 }; // for testing
byte[] bcKey = new Rfc2898DeriveBytes("mypassword", salt, 8192).GetBytes(32);
这工作正常。我试图用Bouncy Castle在Java中实现它。无法实现它(Java缺少无符号类型使得它更加恼人)。
SecureRandom random = new SecureRandom();
byte[] salt = u2s(new int[] { 19, 3, 248, 189, 144, 42, 57, 23 });
//random.nextBytes(salt);
PBEParametersGenerator generator = new PKCS5S2ParametersGenerator();
generator.init(PBEParametersGenerator.PKCS5PasswordToUTF8Bytes(("BLK" + password).toCharArray()), salt, keyTransformationRounds);
KeyParameter params = (KeyParameter)generator.generateDerivedParameters(keyLengthBits);
byte[] bcKey = params.getKey();
int[] bcKeyU = s2u(bcKey);
System.out.println(new String(Base64.encode(bcKey), "UTF-8"));
// Helper functions because Java has no unsigned types
//
// EDIT: THESE FUNCTIONS ARE INCORRECT.
// See my answer below for the correct versions.
//
static byte[] u2s(int[] unsignedArray) throws IOException
{
byte[] signedArray = new byte[unsignedArray.length];
for (int i = 0; i < signedArray.length; i++)
{
if (unsignedArray[i] < 0 || unsignedArray[i] > 255)
{
throw new IOException("unsignedArray at " + i + " was not within the range 0 to 255.");
}
signedArray[i] = (byte)(unsignedArray[i] - 128);
}
return signedArray;
}
static int[] s2u(byte[] signedArray)
{
int[] unsignedArray = new int[signedArray.length];
for (int i = 0; i < unsignedArray.length; i++)
{
unsignedArray[i] = (int)(signedArray[i] + 128);
}
return unsignedArray;
}
生成的bcKey字节数组不同。我究竟做错了什么?我是否正在处理从无符号到正确签名的转换,还是不能按我的预期工作?
不要这么做,只是把它转换成字节。 'signedArray [i] =(byte)unsignedArray [i]' – 2011-06-16 00:17:55
它不会截断超出范围的数字吗? – 2011-06-16 01:48:50
是的,但这几乎总是你想要的行为。实际上,它只是将源的低8位复制到目的地。 – 2011-06-17 11:15:12