1. 首页
  2. 问答
  3. 加密,并在某些情况下,AES ECB模式“BadPaddingException”解密

加密,并在某些情况下,AES ECB模式“BadPaddingException”解密

2016-01-21 96 views
8

在安卓/ Java应用程序加密,并在某些情况下,AES ECB模式“BadPaddingException”解密

public static void setKey(String myKey) { 

     MessageDigest sha = null; 
     try { 
      key = new byte[]{(byte) '5', (byte) 'F', (byte) '8', (byte) 'p', (byte) 'J', (byte) 't', (byte) 'v', (byte) 'U', (byte) 'm', (byte) 'q', (byte) 'k', (byte) '7', (byte) 'A', (byte) 'M', (byte) 'v', (byte) 'b', (byte) 'q', (byte) 'o', (byte) 'H', (byte) 'M', (byte) '9', (byte) 'a', (byte) 'p', (byte) '4', (byte) '9', (byte) 'm', (byte) 'c', (byte) 'u', (byte) 'u', (byte) '5', (byte) 'B', (byte) 'X'}; 
      System.out.println(new String(key, "UTF-8")); 
      secretKey = new SecretKeySpec(key, "AES"); 
     } catch (UnsupportedEncodingException e) { 
      // TODO Auto-generated catch block 
      e.printStackTrace(); 
     } 
    } 


    public static String encrypt(String strToEncrypt) { 
     try { 
      Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding"); 
      cipher.init(Cipher.ENCRYPT_MODE, secretKey); 
      setEncryptedarr(cipher.doFinal(strToEncrypt.getBytes("UTF-8"))); 
      setEncryptedString(String.valueOf(Base64.encode(cipher.doFinal(strToEncrypt.getBytes("UTF-8")), Base64.DEFAULT))); 
      //setEncryptedString(Base64.encodeBase64String(cipher.doFinal(strToEncrypt.getBytes("UTF-8")))); 
     } catch (Exception e) { 
      e.printStackTrace(); 
      System.out.println("Error while encrypting: " + e.toString()); 
     } 
     return null; 
    } 

    public static String decryptbyte(byte[] strToDecrypt) { 
     try { 
      Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5PADDING"); 
      cipher.init(Cipher.DECRYPT_MODE, secretKey); 
      setDecryptedarr(cipher.doFinal(strToDecrypt)); 
      System.out.println("encrypt : decropted size : " + getDecryptedarr().length); 
      setDecryptedString(new String(cipher.doFinal(strToDecrypt))); 
     } catch (Exception e) { 
      System.out.println("Error wnhile decrypting: " + e.toString()); 
      e.printStackTrace(); 
     } 
     return null; 
    } 

    public static String decrypt(String strToDecrypt) { 
     try { 
      Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5PADDING"); 
      cipher.init(Cipher.DECRYPT_MODE, secretKey); 
      setDecryptedarr(cipher.doFinal(Base64.decode(strToDecrypt, Base64.DEFAULT))); 
      setDecryptedString(new String(cipher.doFinal(Base64.decode(strToDecrypt, Base64.DEFAULT)))); 

     } catch (Exception e) { 
      e.printStackTrace(); 
      System.out.println("Error while decrypting: " + e.toString()); 

     } 
     return null; 
    }

我对这个代码的工作:http://aesencryption.net/ 我用这个剪掉代码运行良好的情况下,在使用时它的: encryptbyte和decryptbyte whitch以字节[] 我测试它的加密它的结果在这个网站http://aesencryption.net/

但我需要它decript数据从服务器附带(响应来串) 当我将字符串为byte []的代码总是thraw例外: javax.crypto.IllegalBlockSizeException:错误:0606506D:数字信封套路:EVP_DecryptFinal_ex:错误最终块长度**

我认为这是变相时字符串到byte []它改变,如果那是什么是正确的转换方式。 请咨询。

此代码thraw例外:

try { 
    AES.setKey(""); 
    final String strToDecrypt = "tATTXSdXI4w0oiu/fzgpyA=="; 
    AES.decryptbyte(toBytes(strToDecrypt.toCharArray())); 
} catch (Exception ex) { 
    ex.printStackTrace(); 
}

这是例外

01-21 15:24:55.861 15700-15700/ W/System.err: javax.crypto.IllegalBlockSizeException: error:0606506D:digital envelope routines:EVP_DecryptFinal_ex:wrong final block length 
01-21 15:24:55.861 15700-15700/ W/System.err:  at com.android.org.conscrypt.NativeCrypto.EVP_CipherFinal_ex(Native Method) 
01-21 15:24:55.861 15700-15700/ W/System.err:  at com.android.org.conscrypt.OpenSSLCipher.doFinalInternal(OpenSSLCipher.java:430) 
01-21 15:24:55.861 15700-15700/ W/System.err:  at com.android.org.conscrypt.OpenSSLCipher.engineDoFinal(OpenSSLCipher.java:466) 
01-21 15:24:55.861 15700-15700/ W/System.err:  at javax.crypto.Cipher.doFinal(Cipher.java:1340) 
01-21 15:24:55.861 15700-15700/ W/System.err:  at android.app.Instrumentation.callActivityOnCreate(Instrumentation.java:1118) 
01-21 15:24:55.861 15700-15700/ W/System.err:  at android.app.ActivityThread.performLaunchActivity(ActivityThread.java:2648) 
01-21 15:24:55.861 15700-15700/ W/System.err:  at android.app.ActivityThread.handleLaunchActivity(ActivityThread.java:2769) 
01-21 15:24:55.861 15700-15700/ W/System.err:  at android.app.ActivityThread.access$900(ActivityThread.java:177) 
01-21 15:24:55.861 15700-15700/ W/System.err:  at android.app.ActivityThread$H.handleMessage(ActivityThread.java:1430) 
01-21 15:24:55.861 15700-15700/ W/System.err:  at android.os.Handler.dispatchMessage(Handler.java:102) 
01-21 15:24:55.861 15700-15700/ W/System.err:  at android.os.Looper.loop(Looper.java:135) 
01-21 15:24:55.861 15700-15700/ W/System.err:  at android.app.ActivityThread.main(ActivityThread.java:5910) 
01-21 15:24:55.861 15700-15700/ W/System.err:  at java.lang.reflect.Method.invoke(Native Method) 
01-21 15:24:55.861 15700-15700/ W/System.err:  at java.lang.reflect.Method.invoke(Method.java:372) 
01-21 15:24:55.861 15700-15700/ W/System.err:  at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:1405) 
01-21 15:24:55.861 15700-15700/ W/System.err:  at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:1200)

来源

2016-01-21 Wael Abo-Aishah

+0

数据在哪里?添加一些十六进制转储并检查它们。如果你了解各种编码,这将有所帮助。 ECB模式也是不安全的,就像一个密钥的字符串一样,只有当你想说你使用加密,但并不真正需要安全性时,ECB模式才是合适的。 – zaph

回答

-1

我解决这个问题.... 用了填充和ZeroBytePadding模式下的服务器加密AES是唯一的工作模式...... 工作代码:

public class AESCryptt { 
    private static final String TAG = "AESCrypt"; 
    private static final String AES_MODE = "AES/ECB/ZeroBytePadding"; 
    private static final String CHARSET = "UTF-8";// 
    public static boolean DEBUG_LOG_ENABLED = false; 


    private static SecretKeySpec generateKey(final String password) throws NoSuchAlgorithmException, UnsupportedEncodingException { 
     byte[] key = new byte[]{your key in byte here (byte) a, (byte) f , ..... }; 
     SecretKeySpec secretKeySpec = new SecretKeySpec(key, "AES"); 
     return secretKeySpec; 
    } 


    /** 
    * Encrypt and encode message using 256-bit AES with key generated from password. 
    * 
    * 
    * @param password used to generated key 
    * @param message the thing you want to encrypt assumed String UTF-8 
    * @return Base64 encoded CipherText 
    * @throws GeneralSecurityException if problems occur during encryption 
    */ 
    public static String encrypt(final String password, String message) 
      throws GeneralSecurityException { 
     try { 
      final SecretKeySpec key = generateKey(password); 
      log("message", message); 
      byte[] cipherText = encrypt(key, ivBytes, message.getBytes(CHARSET)); 
      //NO_WRAP is important as was getting \n at the end 
      String encoded = String.valueOf(Base64.encodeToString(cipherText, Base64.NO_PADDING)); 
      log("Base64.NO_WRAP", encoded); 
      return encoded; 
     } catch (UnsupportedEncodingException e) { 
      if (DEBUG_LOG_ENABLED) 
       Log.e(TAG, "UnsupportedEncodingException ", e); 
      throw new GeneralSecurityException(e); 
     } 
    } 


    /** 
    * More flexible AES encrypt that doesn't encode 
    * @param key AES key typically 128, 192 or 256 bit 
    * @param iv Initiation Vector 
    * @param message in bytes (assumed it's already been decoded) 
    * @return Encrypted cipher text (not encoded) 
    * @throws GeneralSecurityException if something goes wrong during encryption 
    */ 
    public static byte[] encrypt(final SecretKeySpec key, final byte[] iv, final byte[] message) 
      throws GeneralSecurityException { 
     final Cipher cipher = Cipher.getInstance(AES_MODE); 
     IvParameterSpec ivSpec = new IvParameterSpec(iv); 
     cipher.init(Cipher.ENCRYPT_MODE, key);//, ivSpec 
     byte[] cipherText = cipher.doFinal(message); 
     log("cipherText", cipherText); 
     return cipherText; 
    } 


    /** 
    * Decrypt and decode ciphertext using 256-bit AES with key generated from password 
    * 
    * @param password used to generated key 
    * @param base64EncodedCipherText the encrpyted message encoded with base64 
    * @return message in Plain text (String UTF-8) 
    * @throws GeneralSecurityException if there's an issue decrypting 
    */ 
    public static String decrypt(final String password, String base64EncodedCipherText) 
      throws GeneralSecurityException { 

     try { 
      final SecretKeySpec key = generateKey(password); 
      log("base64EncodedCipherText", base64EncodedCipherText); 
      byte[] decodedCipherText = Base64.decode(base64EncodedCipherText, Base64.DEFAULT); 
      log("decodedCipherText", decodedCipherText); 
      byte[] decryptedBytes = decrypt(key, ivBytes, decodedCipherText); 
      log("decryptedBytes", decryptedBytes); 
      String message = new String(decryptedBytes, CHARSET); 
      log("message", message); 
      return message; 
     } catch (UnsupportedEncodingException e) { 
      if (DEBUG_LOG_ENABLED) 
       Log.e(TAG, "UnsupportedEncodingException ", e); 
      throw new GeneralSecurityException(e); 
     } 
    } 


    /** 
    * More flexible AES decrypt that doesn't encode 
    * 
    * @param key AES key typically 128, 192 or 256 bit 
    * @param iv Initiation Vector 
    * @param decodedCipherText in bytes (assumed it's already been decoded) 
    * @return Decrypted message cipher text (not encoded) 
    * @throws GeneralSecurityException if something goes wrong during encryption 
    */ 
    public static byte[] decrypt(final SecretKeySpec key, final byte[] iv, final byte[] decodedCipherText) 
      throws GeneralSecurityException { 
     final Cipher cipher = Cipher.getInstance(AES_MODE); 
     IvParameterSpec ivSpec = new IvParameterSpec(iv); 
     cipher.init(Cipher.DECRYPT_MODE, key);//, ivSpec 
     byte[] decryptedBytes = cipher.doFinal(decodedCipherText); 
     log("decryptedBytes", decryptedBytes); 
     return decryptedBytes; 
    } 




    private static void log(String what, byte[] bytes) { 
     if (DEBUG_LOG_ENABLED) 
      Log.d(TAG, what + "[" + bytes.length + "] [" + bytesToHex(bytes) + "]"); 
    } 

    private static void log(String what, String value) { 
     if (DEBUG_LOG_ENABLED) 
      Log.d(TAG, what + "[" + value.length() + "] [" + value + "]"); 
    } 


    /** 
    * Converts byte array to hexidecimal useful for logging and fault finding 
    * @param bytes 
    * @return 
    */ 
    private static String bytesToHex(byte[] bytes) { 
     final char[] hexArray = {'0', '1', '2', '3', '4', '5', '6', '7', '8', 
       '9', 'A', 'B', 'C', 'D', 'E', 'F'}; 
     char[] hexChars = new char[bytes.length * 2]; 
     int v; 
     for (int j = 0; j < bytes.length; j++) { 
      v = bytes[j] & 0xFF; 
      hexChars[j * 2] = hexArray[v >>> 4]; 
      hexChars[j * 2 + 1] = hexArray[v & 0x0F]; 
     } 
     return new String(hexChars); 
    } 

    private AESCryptt() { 
    } 
}

,你可以调用它像:

try { 
     header = AESCryptt.encrypt("the key is fixed is this case",header); 
    } catch (Exception ex) { 
     ex.printStackTrace(); 
     System.out.println("eee , exception during encrypt log in data . . . ."); 
    }

来源

2016-01-23 16:35:26

2

代码的最后位:strToDecrypt = "tATTXSdXI4w0oiu/fzgpyA=="似乎有一个base64编码,注意尾随==字符。这是有道理的,因为加密是面向数据字节的,而不是面向字符串的

Base64 "tATTXSdXI4w0oiu/fzgpyA=="
十六进制:B404D35D2757238C34A22BBF7F3829C8(16字节)。

您需要的Base64编码解码为数据字节的代码:

AES.setKey(""); 
final String strToDecrypt = "tATTXSdXI4w0oiu/fzgpyA=="; 
AES.decryptbyte(toBytes(strToDecrypt.toCharArray()));

还要注意的是,上面的代码中有一个关键的一个空字符串,这是一个错误。

来源

2016-01-21 15:54:17 zaph

+0

服务器的响应是在Base64编码中的,我把它放在String中然后用byte数组来解密它,在这种情况下我得到异常,请教如何处理掉String。 和Base64我测试它在网站:http://aesencryption.net/你可以试试它 和关键是预定义.setKey(“”)只是设置预定义的键 检查setKey()以上 。请致电 。 –

+1

加密原语获取数据字节并产生数据字节。有一些实现可以在之前和/或之后添加编码,但不是加密部分。它似乎是你似乎遇到麻烦的编码部分。你真的需要花时间学习字符串及其编码的细节,Base64以及为什么使用它,十六进制和纯数据字节。 – zaph

+0

我解决了这个问题,通过将加密类型更改为AES/ECB/ZerobytePaddding,使Base64和byte [] 转换出现问题并执行解密操作。 –

相关问题

 相关问题