解密被加密,在Android上的桌面数据 [英] Decrypting data on desktop that was encrypted on android
问题描述
我有一个应用程序加密一些文本字符串,然后写这一个文件。 该应用的桌面版本被读取文件和解密数据。问题是,每当我解密的桌面版本,我得到一个javax.crypto.BadPaddingException:由于最后一块未正确填充
I have an app which encrypts some text strings, and then writes these to a file. The desktop version of the app is reading the file and decrypts the data. The problem is that whenever I decrypt on the desktop version , I get a "javax.crypto.BadPaddingException: Given final block not properly padded"
这两个应用程序,并使用相同的code桌面:
Both the app and the desktop are using the same code:
import java.security.SecureRandom;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
public class SSL {
private final static String HEX = "0123456789ABCDEF";
public static String encrypt(Session current, String cleartext) throws Exception {
byte[] rawKey = getRawKey(current.getCurrentSession().getBytes());
byte[] result = encrypt(rawKey, cleartext.getBytes());
return toHex(result);
}
public static String decrypt(Session current, String encrypted) throws Exception {
byte[] rawKey = getRawKey(current.getCurrentSession().getBytes());
byte[] enc = toByte(encrypted);
byte[] result = decrypt(rawKey, enc);
return new String(result);
}
private static byte[] getRawKey(byte[] seed) throws Exception {
KeyGenerator kgen = KeyGenerator.getInstance("AES");
SecureRandom sr = SecureRandom.getInstance("SHA1PRNG");
sr.setSeed(seed);
kgen.init(128, sr); // 192 and 256 bits may not be available
SecretKey skey = kgen.generateKey();
byte[] raw = skey.getEncoded();
return raw;
}
private static byte[] encrypt(byte[] raw, byte[] clear) throws Exception {
SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES");
Cipher cipher = Cipher.getInstance("AES");
cipher.init(Cipher.ENCRYPT_MODE, skeySpec);
byte[] encrypted = cipher.doFinal(clear);
return encrypted;
}
private static byte[] decrypt(byte[] raw, byte[] encrypted) throws Exception {
SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES");
Cipher cipher = Cipher.getInstance("AES");
cipher.init(Cipher.DECRYPT_MODE, skeySpec);
byte[] decrypted = cipher.doFinal(encrypted);
return decrypted;
}
public static String toHex(String txt) {
return toHex(txt.getBytes());
}
public static String fromHex(String hex) {
return new String(toByte(hex));
}
public static byte[] toByte(String hexString) {
int len = hexString.length()/2;
byte[] result = new byte[len];
for (int i = 0; i < len; i++)
result[i] = Integer.valueOf(hexString.substring(2*i, 2*i+2), 16).byteValue();
return result;
}
public static String toHex(byte[] buf) {
if (buf == null)
return "";
StringBuffer result = new StringBuffer(2*buf.length);
for (int i = 0; i < buf.length; i++) {
appendHex(result, buf[i]);
}
return result.toString();
}
private static void appendHex(StringBuffer sb, byte b) {
sb.append(HEX.charAt((b>>4)&0x0f)).append(HEX.charAt(b&0x0f));
}
}
为什么我不能解密在桌面版本的数据?在Android SDK和Java中的加密实现1.7有什么不同?
Why can't I decrypt the data on the desktop version? Are the crypto implementations in Android SDK and java 1.7 different?
请注意:如果我解密对Android的Android的加密数据,它的工作原理。如果我加密和解密在桌面上,它也适用。这个问题似乎是处于这两者之间。
Note: If I decrypt the encrypted android data on the android, it works. If I encrypt and decrypt on the desktop, it also works. The problem seems to be somewhere between those two.
推荐答案
我终于找到了整体解决方案。
I have finally found the whole solution.
有一些重大的问题,我想解释他们在这里,让更多的用户可以找到答案。首先,将两件事情指出邓肯需要被固定。
There were some major issues, and I would like to explain them here so that more users can find the answer. Firstly, the two things pointed out by Duncan needed to be fixed.
解决这些问题后,我仍然有同样的问题,并且发现了用伪随机数创建原始密钥由不同的平台/操作系统做不同。如果你想拥有跨平台independencies,不要用SHA1PRNG作为你的密钥算法。相反,使用PBEWithSHA256And256BitAES-CBC-BC。我使用的BouncyCastle的执行情况,请参见下面的完整的加密code。
After fixing these issues I still had the same problem, and found out that using a pseudo random number to create the raw key is done differently by different platforms/OS'. If you want to have crossplatform independencies, don't use SHA1PRNG as your key algorithm. Instead, use PBEWithSHA256And256BitAES-CBC-BC. I am using the implementation from BouncyCastle, see below for full crypto code.
import java.io.UnsupportedEncodingException;
import java.security.Security;
import java.security.spec.KeySpec;
import java.util.Random;
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.SecretKeySpec;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
public class SSL {
private final static String HEX = "0123456789ABCDEF";
private final static String ENC = "US-ASCII";
private final static int ITERATION = 1337;
private static final String RANDOM_ALGORITHM = "PBEWithSHA256And256BitAES-CBC-BC";
private static final String CIPHER_ALGORITHM = "AES/CBC/PKCS5Padding";
private static final String SECRET_KEY_ALGORITHM = "AES";
private static IvParameterSpec ips;
public static void init(byte[] iv) {
if(iv == null) {
iv = new byte[16];
Random random = new Random();
random.nextBytes(iv);
}
ips = new IvParameterSpec(iv);
Security.addProvider(new BouncyCastleProvider());
}
public static byte[] getCertificate() {
return ips.getIV();
}
public static String encrypt(Session current, String cleartext) throws Exception {
byte[] rawKey = getRawKey(current.getCurrentSession().toCharArray());
byte[] result = encrypt(rawKey, cleartext.getBytes(ENC));
return toHex(result);
}
public static String decrypt(Session current, String encrypted) throws Exception {
byte[] rawKey = getRawKey(current.getCurrentSession().toCharArray());
byte[] enc = toByte(encrypted);
byte[] result = decrypt(rawKey, enc);
return new String(result, ENC);
}
private static byte[] getRawKey(char[] seed) throws Exception {
KeySpec keySpec = new PBEKeySpec(seed, ips.getIV(), ITERATION);
SecretKeyFactory keyFactory = SecretKeyFactory.getInstance(RANDOM_ALGORITHM);
byte[] keyBytes = keyFactory.generateSecret(keySpec).getEncoded();
SecretKey secretKey = new SecretKeySpec(keyBytes, "AES");
return secretKey.getEncoded();
}
private static byte[] encrypt(byte[] raw, byte[] clear) throws Exception {
SecretKeySpec skeySpec = new SecretKeySpec(raw, SECRET_KEY_ALGORITHM);
Cipher cipher = Cipher.getInstance(CIPHER_ALGORITHM);
cipher.init(Cipher.ENCRYPT_MODE, skeySpec, ips);
byte[] encrypted = cipher.doFinal(clear);
return encrypted;
}
private static byte[] decrypt(byte[] raw, byte[] encrypted) throws Exception {
SecretKeySpec skeySpec = new SecretKeySpec(raw, SECRET_KEY_ALGORITHM);
Cipher cipher = Cipher.getInstance(CIPHER_ALGORITHM);
cipher.init(Cipher.DECRYPT_MODE, skeySpec, ips);
byte[] decrypted = cipher.doFinal(encrypted);
return decrypted;
}
public static String toHex(String txt) throws UnsupportedEncodingException {
return toHex(txt.getBytes(ENC));
}
public static String fromHex(String hex) throws UnsupportedEncodingException {
return new String(toByte(hex), ENC);
}
public static byte[] toByte(String hexString) {
int len = hexString.length()/2;
byte[] result = new byte[len];
for (int i = 0; i < len; i++)
result[i] = Integer.valueOf(hexString.substring(2*i, 2*i+2), 16).byteValue();
return result;
}
public static String toHex(byte[] buf) {
if (buf == null)
return "";
StringBuffer result = new StringBuffer(2*buf.length);
for (int i = 0; i < buf.length; i++) {
appendHex(result, buf[i]);
}
return result.toString();
}
private static void appendHex(StringBuffer sb, byte b) {
sb.append(HEX.charAt((b>>4)&0x0f)).append(HEX.charAt(b&0x0f));
}
}
这篇关于解密被加密,在Android上的桌面数据的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!