gwt 不支持初始化向量

Question

我正在尝试在客户端使用初始化向量和密钥进行解密，但 GWT 无法识别它，我添加了加密库但仍然不受支持。如何使用初始化向量使加密和解密更安全。

在服务器端我能够加密但在客户端我无法解密.. GWT 不支持 KeyGenerator 和 IvParameterSpec

private String encryptDES(String sessionKey) throws Exception {
    KeyGenerator keygenerator = KeyGenerator.getInstance("DESede");
    SecretKey myKey = keygenerator.generateKey();
    SecureRandom sr = new SecureRandom(); 
    byte [] iv = new byte[8]; 
    sr.nextBytes(iv); 
    IvParameterSpec IV = new IvParameterSpec(iv);
    Cipher cipher = Cipher.getInstance("DESede/CBC/PKCS5Padding");
    cipher.init(Cipher.ENCRYPT_MODE, myKey, IV);
    String encrypted = Base64.encode(cipher.doFinal(sessionKey.getBytes()));
    return encrypted;
}

请帮我解决一下

Answer 1

围绕cryptoJS编写一个包装器 应少于 100 行代码。

从 crypto.js 注入例如 aes

String url = GWT.getModuleBaseForStaticFiles() + "js/aes.js";
ScriptInjector.fromUrl(url).setWindow(ScriptInjector.TOP_WINDOW).inject();

加密

/**
 * Encrypt the given String with the given key.
 *
 * @param s The String to encrypt
 * @param cipher The cipher
 * @return The encrypted String
 */
 public static native String encrypt(String s, String cipher)
 /*-{
    var key = $wnd.CryptoJS.enc.Utf8.parse(cipher);
    var iv = $wnd.CryptoJS.enc.Utf8.parse(cipher);

    var encrypted = $wnd.CryptoJS.AES.encrypt($wnd.CryptoJS.enc.Utf8.parse(s), key,
    {
       keySize: 128 / 8,
       iv: iv,
       mode: $wnd.CryptoJS.mode.CBC,
       padding: $wnd.CryptoJS.pad.Pkcs7
    });

    return encrypted;
 }-*/;

解密

/**
 * Decrypt the given String with the given key.
 *
 * @param s The String to decrypt
 * @param cipher The key
 * @return The decrypted String
 */
public static native String decrypt(String s, String cipher)
/*-{
   var key = $wnd.CryptoJS.enc.Utf8.parse(cipher);
   var iv = $wnd.CryptoJS.enc.Utf8.parse(cipher);

   var decrypted = $wnd.CryptoJS.AES.decrypt(s, key,
   {
      keySize: 128 / 8,
      iv: iv,
      mode: $wnd.CryptoJS.mode.CBC,
      padding: $wnd.CryptoJS.pad.Pkcs7
   });

   return decrypted.toString($wnd.CryptoJS.enc.Utf8);
}-*/;