java aes javax.crypto.BadPaddingException:给定最终块未正确填充 [英] java aes javax.crypto.BadPaddingException: Given final block not properly padded
问题描述
public String getEncrypt(String pass){
String password = encrypt(pass);
返回密码;
}
public String getDecrypt(String pass){
String key =AesSEcREtkeyABCD;
byte [] passwordByte = decrypt(key,pass);
String password = new String(passwordByte);
返回密码;
private byte [] decrypt(String key,String encrypted){
try {
SecretKeySpec skeySpec = new SecretKeySpec(key.getBytes(),AES );
密码密码= Cipher.getInstance(AES);
cipher.init(Cipher.DECRYPT_MODE,新的SecretKeySpec(skeySpec.getEncoded(),AES));
//获取错误
byte [] original = cipher.doFinal(encrypted.getBytes());
返回原件;
} catch(IllegalBlockSizeException ex){
ex.printStackTrace();
} catch(BadPaddingException ex){
ex.printStackTrace();
} catch(InvalidKeyException ex){
ex.printStackTrace();
} catch(NoSuchAlgorithmException ex){
ex.printStackTrace();
} catch(NoSuchPaddingException ex){
ex.printStackTrace();
}
返回null;
}
私有字符串加密(字符串值){
try {
byte [] raw = new byte [] {'A','e' s','S','E','c','R','E','t','k','e','y','A','B' , 'D'};
SecretKeySpec skeySpec = new SecretKeySpec(raw,AES);
密码密码= Cipher.getInstance(AES);
cipher.init(Cipher.ENCRYPT_MODE,skeySpec);
byte [] encrypted = cipher.doFinal(value.getBytes());
System.out.println(encrypted string:+(new String(encrypted)));
return new String(encrypted);
} catch(NoSuchAlgorithmException ex){
ex.printStackTrace();
} catch(IllegalBlockSizeException ex){
ex.printStackTrace();
} catch(BadPaddingException ex){
ex.printStackTrace();
} catch(InvalidKeyException ex){
ex.printStackTrace();
} catch(NoSuchPaddingException ex){
ex.printStackTrace();
}
返回null;
}
**
每当我解密时,我都有一个空指针。有时它给我正确的解密密码,但有时它给我一个空指针。不能猜到这里有什么问题**
您正在混合字符串和字节数组。这并不总是一件好事。至少指定您用于字节转换的字符集。即使这样也不是100%安全。更好地将字符串视为字符串和字节数组作为字节数组。
如果没有解决它,那么有很多可能会导致Bad Padding错误的事情。基本上任何导致最后一个块的结束不符合预期的填充将导致错误。可能的原因包括:不正确的填充设置,不正确的密钥,损坏的密码文本等。
要尝试并诊断问题,请将解密端设置为 NoPadding 。这将接受任何事情,并允许您检查输出:
-
完成垃圾:您可能在密钥或不同的模式设置。
-
第一块垃圾:您可能会出现键错误或IV错误。
-
最后一块垃圾:可能是cyphertext文件的损坏结束。
-
正确的解密与一些奇怪的字节结束:奇怪的字节是填充。
如果真的只是填充,那么设置解密函数来预期那种填充。否则请检查密钥/ IV / cyphertext是否为字节字节与加密和解密相同。
它是重要的,您在诊断后设置了填充模式。 NoPadding 是不安全的。
public class AES {
public String getEncrypt(String pass){
String password = encrypt(pass);
return password;
}
public String getDecrypt(String pass){
String key = "AesSEcREtkeyABCD";
byte[] passwordByte = decrypt(key,pass);
String password = new String(passwordByte);
return password;
}
private byte[] decrypt(String key, String encrypted) {
try {
SecretKeySpec skeySpec = new SecretKeySpec(key.getBytes(), "AES");
Cipher cipher = Cipher.getInstance("AES");
cipher.init(Cipher.DECRYPT_MODE, new SecretKeySpec(skeySpec.getEncoded(), "AES"));
//getting error here
byte[] original = cipher.doFinal(encrypted.getBytes());
return original;
} catch (IllegalBlockSizeException ex) {
ex.printStackTrace();
} catch (BadPaddingException ex) {
ex.printStackTrace();
} catch (InvalidKeyException ex) {
ex.printStackTrace();
} catch (NoSuchAlgorithmException ex) {
ex.printStackTrace();
} catch (NoSuchPaddingException ex) {
ex.printStackTrace();
}
return null;
}
private String encrypt(String value) {
try {
byte[] raw = new byte[]{'A', 'e', 's', 'S', 'E', 'c', 'R', 'E', 't', 'k', 'e', 'y','A','B','C','D'};
SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES");
Cipher cipher = Cipher.getInstance("AES");
cipher.init(Cipher.ENCRYPT_MODE, skeySpec);
byte[] encrypted = cipher.doFinal(value.getBytes());
System.out.println("encrypted string:" + (new String(encrypted)));
return new String(encrypted);
} catch (NoSuchAlgorithmException ex) {
ex.printStackTrace();
} catch (IllegalBlockSizeException ex) {
ex.printStackTrace();
} catch (BadPaddingException ex) {
ex.printStackTrace();
} catch (InvalidKeyException ex) {
ex.printStackTrace();
} catch (NoSuchPaddingException ex) {
ex.printStackTrace();
}
return null;
}
** I am having a null pointer whenever I decrypt. sometimes it gives me the correct decrypted password but sometimes it gives me a null pointer. can't guess what the problem is here **
You are mixing Strings and byte arrays. That is not always a good thing to do. At the very least specify what charset you are using for the byte to char conversion. Even then it is not 100% safe. Better to treat strings as strings and byte arrays as byte arrays.
If that does not solve it then there are many things that can cause a "Bad Padding" error. Basically anything that causes the end of the last block not to match the expected padding will throw the error. Possible causes include: incorrect padding setting, incorrect key, corrupted cyphertext and others.
To try and diagnose the problem, set the decryption side to NoPadding. This will accept anything, and allow you to examine the output:
complete garbage: you probably have an error in the key or different mode settings.
first block garbage: you may have a key error or an IV error.
last block garbage: likely a corrupt end to the cyphertext file.
a correct decryption with some strange bytes at the end: the strange bytes are the padding.
If it really is just the padding, then set the decryption function to expect that sort of padding. Otherwise check that the key/IV/cyphertext is byte-for-byte the same for both encryption and decryption.
It is vital that you set a padding mode after diagnosis. NoPadding is insecure.
这篇关于java aes javax.crypto.BadPaddingException:给定最终块未正确填充的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
