使用AES / ECB / NoPadding加密和解密不会提供相同的纯文本 [英] Encrypt and decrypt doesn't give the same plain text using AES/ECB/NoPadding
问题描述
String plain1= "Test";
byte[] cipher = SplashSecure.getInstance().encrypt2(plain1);
String plain2 = SplashSecure.getInstance().decrypt2(cipher);
plain =Test 。
plain = Test������������������������
解密后 plainText2 应该等于 plaintext 。
加密/解密方法。
public void initKey(String key) {
String paddedKey = Utils.padString(key);
mKeyspec = new SecretKeySpec(Utils.getBytes(paddedKey), "AES/ECB/NoPadding");
// Utils.getBytes returns "paddedKey.getBytes("CP1252")"
}
public byte[] encrypt2(String data) {
try {
Cipher cipher = Cipher.getInstance("AES/ECB/NoPadding");
cipher.init(Cipher.ENCRYPT_MODE, mKeyspec);
String paddedData = Utils.padString(data);
return cipher.doFinal(Utils.getBytes(paddedData));
} catch(InvalidKeyException e) {
e.printStackTrace();
// Series of catch blocks
}
return null;
}
public String decrypt2(byte[] cypherText) {
try {
Cipher cipher = Cipher.getInstance("AES/ECB/NoPadding");
cipher.init(Cipher.DECRYPT_MODE, mKeyspec);
byte[] plainTextBytes = cipher.doFinal(cypherText);
return Utils.getString(plainTextBytes);
// Utils.getString returns "new String(bytes, "CP1252");"
} catch(InvalidKeyException e) {
// Series of catch blocks.
}
return null;
}
编辑
Edit
public static String padString(String source) {
char paddingChar = '\0';
int size = 16;
int padLength = size - source.length() % size;
for (int i = 0; i < padLength; i++) {
source += paddingChar;
}
return source;
}
编辑
我正在尝试使加密解密在Windows(其他加密的客户端和服务器)和Android上正常工作。 Windows客户端是使用Rijndael类( http:/ /svn.openfoundry.org/pcman/2007.06.03/Lite/Rijndael.h )和Android使用 http://www.cs.ucdavis.edu/~rogaway/ocb/ocb-java/Rijndael.java 。 Windows客户端已加密数据并将其存储在服务器上。我需要为Android构建一个客户端,以获取加密的数据,对其解密并显示给用户。
Edit
I'm trying to get the encryption-decryption working across Windows (other client that encrypts, and server) and Android. The Windows client is a VC++ app that uses a Rijndael class (http://svn.openfoundry.org/pcman/2007.06.03/Lite/Rijndael.h) and Android uses http://www.cs.ucdavis.edu/~rogaway/ocb/ocb-java/Rijndael.java. The Windows client has encrypted the data and stored it on the server. I need to build a client for android that fetches the encrypted data, decrypt it and display to the user.
我确定我使用正确的密钥解密。
I'm sure I'm using the correct key to decrypt.
推荐答案
AES的块大小为128位(即16个字节)。它只能 以这种大小的块处理数据,因此,即使您已告知它使用 NoPadding ,它也无法执行。
AES has a block size of 128 bits (i.e 16 bytes). It can only process data in blocks of this size, so even though you have told it to use NoPadding it is unable to comply.
这里最有可能发生的事情是,您使用的AES实现在内部将您的四个输入字节最多填充16个字节并加密结果。解密时,您会得到相同的16个字节,即'T','e','s','t'和12个垃圾字节。
The most likely thing that is happening here is that the AES implementation you are using is internally padding your four bytes of input up to 16 bytes and encrypting the result. When you decrypt, you get the same 16 bytes back out, i.e. 'T', 'e', 's', 't' and 12 garbage bytes.
您看到的输出支持以下内容:测试后跟24个?符号。我不知道为什么为每个垃圾字节打印两个?符号,但是我猜测这与解释unicode中的垃圾字节有关。通过打印出解密的blob的原始字节值,您可以看到发生了什么。
The output you see supports this: "Test" followed by 24 ? symbols. I don't know why it's printing two ? symbols for each garbage byte, but I'm guessing it's something to do with interpreting the garbage bytes in unicode. You could see what is going on by printing out the raw byte values of the decrypted blob.
简短的回答是, NoPadding对于一个块没有意义密码(或者,更确切地说,如果您要使用NoPadding,则必须自己填充和取消填充)。
The short answer is that 'NoPadding' doesn't make sense for a block cipher (or, rather, if you are going to use NoPadding then you have to pad and unpad things yourself).
这篇关于使用AES / ECB / NoPadding加密和解密不会提供相同的纯文本的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
