AES 256（而不是128）与BouncyCastle [英] AES 256 (instead of 128) with BouncyCastle

问题描述

我遵循了这篇文章的大部分内容，目的是实施aes 256加密在我的软件，它的工作很好

I followed much of this post with the objective to implement aes 256 encryption in my software and it works just fine

这里的关键是，上述链接使用 AESEngine类。查看类代码和 javadoc参考，AESEngine是一个128位而不是256位的块加密

The key point here is that the whole implementation described in the above link uses the AESEngine class. Looking at the class code and javadoc reference, the AESEngine is a 128bit instead of a 256 bit block cipher

搜索代码和docs我找不到192或256位的实现。他们在哪里？

Searching trough the code and docs i could not find the 192 or 256 bits implementations. Where are them?

为了完整性，这是我实际加密类的核心：

For completeness, this is the core of my actual ciphering class:

    private void init(String passphrase) {
        try {
            String algorithm = "PBEWithSHA256And256BitAES-CBC-BC"; 

            encryptCipher = createCipher();
            decryptCipher = createCipher();    

            randomGenerator = new RandomGenerator();

            PBEKeySpec keySpec = new PBEKeySpec(passphrase.toCharArray(), KEY_SALT, ITERATIONS);    

            SecretKeyFactory keyFactory = SecretKeyFactory.getInstance(algorithm);
            key = keyFactory.generateSecret(keySpec);    

        } catch (NoSuchAlgorithmException e) {
            throw new RuntimeException("NoSuchAlgorithmException occured while trying to generate the crypto key. This error should never occur, check the application code", e);
        } catch (InvalidKeySpecException e) {
            throw new RuntimeException("InvalidKeySpecException occured while trying to generate the crypto key. This error should never occur, check the application code", e);
        }
    }    

    private BufferedBlockCipher createCipher() {
        return new PaddedBufferedBlockCipher(new CBCBlockCipher(new AESFastEngine()), new PKCS7Padding());
    }    

    public byte[] encrypt(byte[] data) {
        if (data == null)
            throw new NullPointerException("Cannot encrypt null data");    

        byte[] iv = randomGenerator.generateRandom(IV_SIZE);    

        byte[] encrypted;

        synchronized (encryptCipher) {
            encrypted = runCipher(encryptCipher, true, data, iv);
        }    

        return DataUtil.append(iv, encrypted);
    }    

    public byte[] decrypt(byte[] data) {
        if (data == null)
            throw new NullPointerException("Cannot decrypt null data");    

        byte[] iv = DataUtil.extract(data, 0, IV_SIZE);
        byte[] cipherText = DataUtil.extract(data, IV_SIZE, data.length - IV_SIZE);

        byte[] decrypted;    

        synchronized (decryptCipher) {
            decrypted = runCipher(decryptCipher, false, cipherText, iv);
        }

        return decrypted;
    }

    private byte[] runCipher(BufferedBlockCipher cipher, boolean forEncryption, byte[] data, byte[] iv) {
        String operation = forEncryption ? "encrypt" : "decrypt";

        try {
            KeyParameter keyParam = new KeyParameter(key.getEncoded());
            ParametersWithIV cipherParams = new ParametersWithIV(keyParam, iv);

            cipher.init(forEncryption, cipherParams);

            byte[] result = new byte[cipher.getOutputSize(data.length)];
            int len = cipher.processBytes(data, 0, data.length, result, 0);
            len += cipher.doFinal(result, len);

            //Remove padding se estiver decriptografando
            if(!forEncryption)
                result = DataUtil.extract(result, 0, len);

            return result;
        } catch (DataLengthException e) {
            throw new RuntimeException("DataLengthException occured while trying to " + operation + " data with length " + data.length + ". This error should never occur, check the application code", e);
        } catch (IllegalStateException e) {
            throw new RuntimeException("IllegalStateException occured while trying to " + operation + " data with length " + data.length + ". This error should never occur, check the application code", e);
        } catch (InvalidCipherTextException e) {
            throw new IllegalArgumentException("InvalidCipherTextException occured while trying to " + operation + " data with length " + data.length, e);
        }
    }

推荐答案

您想要使用块大小为256位的AES进行加密，您应该使用：

If you want to do AES like encryption with a block size of 256 bit you should use:

http://www.docjar.org/docs/api/org/bouncycastle/crypto/engines/RijndaelEngine.html

但这可能不是你想要的; AES-256中的256是关键字大小。该密钥大小然后由底层的128位AES块密码使用。 AES是Rijndael的标准化的128位块版本。

But that's probably not what you want; the 256 in AES-256 is about the key size. This key size is then used by the underlying 128 bit AES block cipher. AES is the standardized, 128 bit block version of Rijndael.

这篇关于AES 256（而不是128）与BouncyCastle的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！