fix code

2025-07-21 15:09:48 +08:00 · 2021-08-27 10:39:14 +08:00
parent 9a4202ee7d
commit 5d5b62dbd1
4 changed files with 71 additions and 29 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -3,9 +3,10 @@

 -------------------------------------------------------------------------------------------------------------

-# 5.7.11 (2021-08-26)
+# 5.7.11 (2021-08-27)

 ### 🐣新特性
+* 【crypto 】     修改SymmetricCrypto初始化逻辑

 ### 🐞Bug修复

--- a/hutool-crypto/src/main/java/cn/hutool/crypto/symmetric/SymmetricCrypto.java
+++ b/hutool-crypto/src/main/java/cn/hutool/crypto/symmetric/SymmetricCrypto.java
@@ -132,9 +132,7 @@ public class SymmetricCrypto implements Serializable {
 	 */
 	public SymmetricCrypto(String algorithm, SecretKey key, AlgorithmParameterSpec paramsSpec) {
 		init(algorithm, key);
-		if (null != paramsSpec) {
-			setParams(paramsSpec);
-		}
+		initParams(algorithm, paramsSpec);
 	}

 	// ------------------------------------------------------------------ Constructor end
@@ -150,11 +148,6 @@ public class SymmetricCrypto implements Serializable {
 		Assert.notBlank(algorithm, "'algorithm' must be not blank !");
 		this.secretKey = key;

-		// 对于PBE算法使用随机数加盐
-		if (algorithm.startsWith("PBE")) {
-			this.params = new PBEParameterSpec(RandomUtil.randomBytes(8), 100);
-		}
-
 		// 检查是否为ZeroPadding，是则替换为NoPadding，并标记以便单独处理
 		if (algorithm.contains(Padding.ZeroPadding.name())) {
 			algorithm = StrUtil.replace(algorithm, Padding.ZeroPadding.name(), Padding.NoPadding.name());
@@ -612,6 +605,40 @@ public class SymmetricCrypto implements Serializable {

 	// --------------------------------------------------------------------------------- Private method start

+	/**
+	 * 初始化加密解密参数，如IV等
+	 *
+	 * @param algorithm  算法
+	 * @param paramsSpec 用户定义的{@link AlgorithmParameterSpec}
+	 * @return this
+	 * @since 5.7.11
+	 */
+	private SymmetricCrypto initParams(String algorithm, AlgorithmParameterSpec paramsSpec) {
+		if (null == paramsSpec) {
+			byte[] iv = null;
+			final Cipher cipher = this.cipher;
+			if (null != cipher) {
+				iv = cipher.getIV();
+			}
+
+			// 随机IV
+			if (StrUtil.startWithIgnoreCase(algorithm, "PBE")) {
+				// 对于PBE算法使用随机数加盐
+				if (null == iv) {
+					iv = RandomUtil.randomBytes(8);
+				}
+				paramsSpec = new PBEParameterSpec(iv, 100);
+			} else if (StrUtil.startWithIgnoreCase(algorithm, "AES")) {
+				if (null != iv) {
+					//AES使用Cipher默认的随机盐
+					paramsSpec = new IvParameterSpec(iv);
+				}
+			}
+		}
+
+		return setParams(paramsSpec);
+	}
+
 	/**
 	 * 初始化{@link Cipher}为加密或者解密模式
 	 *
@@ -686,6 +713,7 @@ public class SymmetricCrypto implements Serializable {

 	/**
 	 * 拷贝解密后的流
+	 *
 	 * @param in        {@link CipherInputStream}
 	 * @param out       输出流
 	 * @param blockSize 块大小
--- a/hutool-crypto/src/test/java/cn/hutool/crypto/test/symmetric/AESTest.java
+++ b/hutool-crypto/src/test/java/cn/hutool/crypto/test/symmetric/AESTest.java
@@ -16,7 +16,7 @@ import java.security.SecureRandom;
 public class AESTest {

 	@Test
-	public void encryptTest() {
+	public void encryptCBCTest() {
 		// 构建
 		AES aes = new AES(Mode.CBC, Padding.PKCS5Padding,
 				"1234567890123456".getBytes(), "1234567890123456".getBytes());
@@ -25,7 +25,7 @@ public class AESTest {
 	}

 	@Test
-	public void encryptTest2() {
+	public void encryptCTSTest() {
 		String content = "test中文";
 		AES aes = new AES(Mode.CTS, Padding.PKCS5Padding,
 				"0CoJUm6Qyw8W8jue".getBytes(), "0102030405060708".getBytes());
--- a/hutool-crypto/src/test/java/cn/hutool/crypto/test/symmetric/SymmetricTest.java
+++ b/hutool-crypto/src/test/java/cn/hutool/crypto/test/symmetric/SymmetricTest.java
@@ -14,11 +14,11 @@ import cn.hutool.crypto.symmetric.DESede;
 import cn.hutool.crypto.symmetric.SymmetricAlgorithm;
 import cn.hutool.crypto.symmetric.SymmetricCrypto;
 import cn.hutool.crypto.symmetric.Vigenere;
-import java.nio.charset.StandardCharsets;
 import org.junit.Assert;
 import org.junit.Test;

 import java.io.ByteArrayOutputStream;
+import java.nio.charset.StandardCharsets;

 /**
 * 对称加密算法单元测试
@@ -109,6 +109,19 @@ public class SymmetricTest {
 		Assert.assertEquals("cd0e3a249eaf0ed80c330338508898c4bddcfd665a1b414622164a273ca5daf7b4ebd2c00aaa66b84dd0a237708dac8e", encryptHex);
 	}

+	@Test
+	public void pbeWithoutIvTest() {
+		String content = "4321c9a2db2e6b08987c3b903d8d11ff";
+		SymmetricCrypto crypto = new SymmetricCrypto(SymmetricAlgorithm.PBEWithMD5AndDES,
+				"0123456789ABHAEQ".getBytes());
+
+		// 加密为16进制表示
+		String encryptHex = crypto.encryptHex(content);
+		final String data = crypto.decryptStr(encryptHex);
+
+		Assert.assertEquals(content, data);
+	}
+
 	@Test
 	public void aesUpdateTest() {
 		String content = "4321c9a2db2e6b08987c3b903d8d11ff";