how to use OpenSSL to decrypt Java AES-encrypted data?

问题

I'm interfacing to a legacy Java application (the app cannot be changed) which is encrypting data using AES. Here is how the original Java code is instantiating the AES cipher:

SecretKeySpec skeySpec = new SecretKeySpec(key, "AES");
cipher = Cipher.getInstance("AES");
cipher.init(Cipher.ENCRYPT_MODE, skeySpec );

I'm a C/C++ developer, not Java, but from what I can tell this legacy Java code is not specifying the mode, nor the initialization vector. Anyone happen to know what Java would be using by default since it isn't specified?

We need the new C/C++ app to decrypt the Java-encrypted data. But I'm at a loss as to what to use for OpenSSL's initialization vector and chaining mode since I don't know what java does.

回答1:

Possible answer found:

"By default, Java Ciphers (at least in Sun's implementations) are constructed in what is called Electronic Codebook (ECB) mode." (Source: http://www.javamex.com/tutorials/cryptography/block_modes.shtml)

So if ECB is used by default, I guess that means no initialization vector, and I can use the following method from OpenSSL:

void AES_ecb_encrypt(*in, *out, *key, enc);

Using AES_decrypt() I can decrypt 1000+ byte messages that originated on the Java side. So it looks like Java does indeed default to ECB mode with no initialization vector. However, I still cannot encrypt and send a new message to the Java app. Investigation continues.

Got it all working. Thanks for the numerous hints. I can confirm Java uses ECB by default. All padding bytes are set to the number of bytes added (which is known as PKCS5-padding). "Hello World" -> encrypted by Java -> decrypted using OpenSSL will look like "Hello World\5\5\5\5\5".

回答2:

Some cryptographic algorithms require additional initialization parameters; these can be passed to init() as a java.security.AlgorithmParameters object or as a java.security.spec.AlgorithmParameterSpec object. When encrypting, you can omit these parameters, and the Cipher implementation uses default values or generates appropriate random parameters for you. In this case, you should call getParameters() after performing encryption to obtain the AlgorithmParameters used to encrypt. These parameters are required in order to decrypt, and must therefore be saved or transferred along with the encrypted data.

http://docstore.mik.ua/orelly/java-ent/jnut/ch26_01.htm

Are you able to modify the Java code to get ahold of these parameters?