Java中的AES密钥大小
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/2585423/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
AES key size in Java
提问by Tom Brito
Testing RSA to encrypt an AES key, I realizedthat RSA has only 1 block with a limited size (settable by the programmer) do store the encrypted key. The question is, when I use:
测试 RSA 以加密 AES 密钥,我意识到RSA 只有 1 个大小有限(可由程序员设置)的块存储加密密钥。问题是,当我使用:
KeyGenerator.getInstance("AES").generateKey()
the AES keys will have a constant size in every computer and jvm implementation?
AES 密钥在每台计算机和 jvm 实现中都有一个恒定的大小?
采纳答案by Steve K
There is an init method in the KeyGenerator that allows you to specify the number of bits.
KeyGenerator 中有一个 init 方法,它允许您指定位数。
KeyGenerator keyGenerator = KeyGenerator.getInstance("AES");
keyGenerator.init(128);
SecretKey key = keyGenerator.generateKey();
Will that do what you need?
那会做你需要的吗?
The default appearsto be 128 bits, but I would not assume that all JVM's use the same default, or that it will always be the default.
默认值似乎是 128 位,但我不会假设所有 JVM 都使用相同的默认值,或者它始终是默认值。
回答by BenM
Suns Java Cryptography Extension documentationstates that multiple key sizes are supported for AES keys and doesn't provide any information on the default size.
Suns Java Cryptography Extension 文档指出 AES 密钥支持多种密钥大小,但未提供有关默认大小的任何信息。
The maximum size of keys can also vary depending on the jurisdictional files used by different versions of Suns JVM.
密钥的最大大小也可能因不同版本的 Suns JVM 使用的管辖文件而异。
回答by Thomas Pornin
KeyGeneratorhas several init()methods; you should call one of them before generating a key. The Javadoc for KeyGeneratorspecifies that in case you do not call one of the init()method, then "each provider must supply (and document) a default initialization."
KeyGenerator有几种init()方法;您应该在生成密钥之前调用其中之一。Javadoc forKeyGenerator指定,如果您不调用其中一个init()方法,则“每个提供程序必须提供(并记录)默认初始化。”
So this is provider-specific. Since you initialize the key generator with the "AES" algorithm name, one may assume that you will get a key with a size suitable for AES, i.e. 128, 192 or 256 bits (16, 24 and 32 bytes, respectively). But which one you get is up to the actual provider, which may depend upon the JVM and possibly its configuration.
所以这是特定于提供者的。由于您使用“AES”算法名称初始化密钥生成器,因此您可能会假设您将获得一个大小适合 AES 的密钥,即 128、192 或 256 位(分别为 16、24 和 32 字节)。但是你得到哪一个取决于实际的提供者,这可能取决于 JVM 及其配置。
回答by Dmitriy Pichugin
https://docs.oracle.com/javase/7/docs/api/javax/crypto/Cipher.html
https://docs.oracle.com/javase/7/docs/api/javax/crypto/Cipher.html
Every implementation of the Java platform is required to support the following standard Cipher transformations with the keysizes in parentheses:
Java 平台的每个实现都需要支持以下带括号的标准密码转换:
AES/CBC/NoPadding (128)
AES/CBC/PKCS5Padding (128)
AES/ECB/NoPadding (128)
AES/ECB/PKCS5Padding (128)
DES/CBC/NoPadding (56)
DES/CBC/PKCS5Padding (56)
DES/ECB/NoPadding (56)
DES/ECB/PKCS5Padding (56)
DESede/CBC/NoPadding (168)
DESede/CBC/PKCS5Padding (168)
DESede/ECB/NoPadding (168)
DESede/ECB/PKCS5Padding (168)
RSA/ECB/PKCS1Padding (1024, 2048)
RSA/ECB/OAEPWithSHA-1AndMGF1Padding (1024, 2048)
RSA/ECB/OAEPWithSHA-256AndMGF1Padding (1024, 2048)
