java aes javax.crypto.BadPaddingException:给定最终块未正确填充 [英] java aes javax.crypto.BadPaddingException: Given final block not properly padded
问题描述
public String getEncrypt(String pass){
String password = encrypt(pass);
返回密码;
}
public String getDecrypt(String pass){
String key =AesSEcREtkeyABCD;
byte [] passwordByte = decrypt(key,pass);
String password = new String(passwordByte);
返回密码;
private byte [] decrypt(String key,String encrypted){
try {
SecretKeySpec skeySpec = new SecretKeySpec(key.getBytes(),AES );
密码密码= Cipher.getInstance(AES);
cipher.init(Cipher.DECRYPT_MODE,新的SecretKeySpec(skeySpec.getEncoded(),AES));
//获取错误
byte [] original = cipher.doFinal(encrypted.getBytes());
返回原件;
} catch(IllegalBlockSizeException ex){
ex.printStackTrace();
} catch(BadPaddingException ex){
ex.printStackTrace();
} catch(InvalidKeyException ex){
ex.printStackTrace();
} catch(NoSuchAlgorithmException ex){
ex.printStackTrace();
} catch(NoSuchPaddingException ex){
ex.printStackTrace();
}
返回null;
}
私有字符串加密(字符串值){
try {
byte [] raw = new byte [] {'A','e' s','S','E','c','R','E','t','k','e','y','A','B' , 'D'};
SecretKeySpec skeySpec = new SecretKeySpec(raw,AES);
密码密码= Cipher.getInstance(AES);
cipher.init(Cipher.ENCRYPT_MODE,skeySpec);
byte [] encrypted = cipher.doFinal(value.getBytes());
System.out.println(encrypted string:+(new String(encrypted)));
return new String(encrypted);
} catch(NoSuchAlgorithmException ex){
ex.printStackTrace();
} catch(IllegalBlockSizeException ex){
ex.printStackTrace();
} catch(BadPaddingException ex){
ex.printStackTrace();
} catch(InvalidKeyException ex){
ex.printStackTrace();
} catch(NoSuchPaddingException ex){
ex.printStackTrace();
}
返回null;
}
**
每当我解密时,我都有一个空指针。有时它给我正确的解密密码,但有时它给我一个空指针。不能猜到这里有什么问题**
您正在混合字符串和字节数组。这并不总是一件好事。至少指定您用于字节转换的字符集。即使这样也不是100%安全。更好地将字符串视为字符串和字节数组作为字节数组。
如果没有解决它,那么有很多可能会导致Bad Padding错误的事情。基本上任何导致最后一个块的结束不符合预期的填充将导致错误。可能的原因包括:不正确的填充设置,不正确的密钥,损坏的密码文本等。
要尝试并诊断问题,请将解密端设置为 NoPadding
。这将接受任何事情,并允许您检查输出:
-
完成垃圾:您可能在密钥或不同的模式设置。
-
第一块垃圾:您可能会出现键错误或IV错误。
-
最后一块垃圾:可能是cyphertext文件的损坏结束。
-
正确的解密与一些奇怪的字节结束:奇怪的字节是填充。
如果真的只是填充,那么设置解密函数来预期那种填充。否则请检查密钥/ IV / cyphertext是否为字节字节与加密和解密相同。
它是重要的,您在诊断后设置了填充模式。 NoPadding
是不安全的。
public class AES {
public String getEncrypt(String pass){
String password = encrypt(pass);
return password;
}
public String getDecrypt(String pass){
String key = "AesSEcREtkeyABCD";
byte[] passwordByte = decrypt(key,pass);
String password = new String(passwordByte);
return password;
}
private byte[] decrypt(String key, String encrypted) {
try {
SecretKeySpec skeySpec = new SecretKeySpec(key.getBytes(), "AES");
Cipher cipher = Cipher.getInstance("AES");
cipher.init(Cipher.DECRYPT_MODE, new SecretKeySpec(skeySpec.getEncoded(), "AES"));
//getting error here
byte[] original = cipher.doFinal(encrypted.getBytes());
return original;
} catch (IllegalBlockSizeException ex) {
ex.printStackTrace();
} catch (BadPaddingException ex) {
ex.printStackTrace();
} catch (InvalidKeyException ex) {
ex.printStackTrace();
} catch (NoSuchAlgorithmException ex) {
ex.printStackTrace();
} catch (NoSuchPaddingException ex) {
ex.printStackTrace();
}
return null;
}
private String encrypt(String value) {
try {
byte[] raw = new byte[]{'A', 'e', 's', 'S', 'E', 'c', 'R', 'E', 't', 'k', 'e', 'y','A','B','C','D'};
SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES");
Cipher cipher = Cipher.getInstance("AES");
cipher.init(Cipher.ENCRYPT_MODE, skeySpec);
byte[] encrypted = cipher.doFinal(value.getBytes());
System.out.println("encrypted string:" + (new String(encrypted)));
return new String(encrypted);
} catch (NoSuchAlgorithmException ex) {
ex.printStackTrace();
} catch (IllegalBlockSizeException ex) {
ex.printStackTrace();
} catch (BadPaddingException ex) {
ex.printStackTrace();
} catch (InvalidKeyException ex) {
ex.printStackTrace();
} catch (NoSuchPaddingException ex) {
ex.printStackTrace();
}
return null;
}
** I am having a null pointer whenever I decrypt. sometimes it gives me the correct decrypted password but sometimes it gives me a null pointer. can't guess what the problem is here **
You are mixing Strings and byte arrays. That is not always a good thing to do. At the very least specify what charset you are using for the byte to char conversion. Even then it is not 100% safe. Better to treat strings as strings and byte arrays as byte arrays.
If that does not solve it then there are many things that can cause a "Bad Padding" error. Basically anything that causes the end of the last block not to match the expected padding will throw the error. Possible causes include: incorrect padding setting, incorrect key, corrupted cyphertext and others.
To try and diagnose the problem, set the decryption side to NoPadding
. This will accept anything, and allow you to examine the output:
complete garbage: you probably have an error in the key or different mode settings.
first block garbage: you may have a key error or an IV error.
last block garbage: likely a corrupt end to the cyphertext file.
a correct decryption with some strange bytes at the end: the strange bytes are the padding.
If it really is just the padding, then set the decryption function to expect that sort of padding. Otherwise check that the key/IV/cyphertext is byte-for-byte the same for both encryption and decryption.
It is vital that you set a padding mode after diagnosis. NoPadding
is insecure.
这篇关于java aes javax.crypto.BadPaddingException:给定最终块未正确填充的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!