使用简单的加密类时,坏块块异常 [英] Bad pad block exception when using simple crypto class
本文介绍了使用简单的加密类时,坏块块异常的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
当我试图使用这个类解密,我得到坏块块异常。任何想法为什么?
public class SimpleCrypto {
public static String encrypt(String seed,String cleartext )throws Exception {
byte [] rawKey = getRawKey(seed.getBytes());
byte [] result = encrypt(rawKey,cleartext.getBytes());
return toHex(result);
}
public static String decrypt(String seed,String encrypted)throws异常{
byte [] rawKey = getRawKey(seed.getBytes());
byte [] enc = toByte(encrypted);
byte [] result = decrypt(rawKey,enc);
return new String(result);
}
private static byte [] getRawKey(byte [] seed)throws Exception {
KeyGenerator kgen = KeyGenerator.getInstance(AES);
SecureRandom sr = SecureRandom.getInstance(SHA1PRNG);
sr.setSeed(seed);
kgen.init(128,sr); // 192和256位可能不可用
SecretKey skey = kgen.generateKey();
byte [] raw = skey.getEncoded();
返回原始;
}
private static byte [] encrypt(byte [] raw,byte [] clear)throws异常{
SecretKeySpec skeySpec = new SecretKeySpec(raw,AES);
密码密码= Cipher.getInstance(AES);
cipher.init(Cipher.ENCRYPT_MODE,skeySpec);
byte [] encrypted = cipher.doFinal(clear);
返回加密;
}
私有静态字节[] decrypt(byte [] raw,byte [] encrypted)throws异常{
SecretKeySpec skeySpec = new SecretKeySpec(raw,AES);
密码密码= Cipher.getInstance(AES);
cipher.init(Cipher.DECRYPT_MODE,skeySpec);
byte [] decryptpted = cipher.doFinal(encrypted);
返回解密;
}
public static String toHex(String txt){
return toHex(txt.getBytes());
}
public static String fromHex(String hex){
return new String(toByte(hex));
}
public static byte [] toByte(String hexString){
int len = hexString.length()/ 2;
byte [] result = new byte [len]; (int i = 0; i
返回结果;
}
public static String toHex(byte [] buf){
if(buf == null)
return;
StringBuffer result = new StringBuffer(2 * buf.length); (int i = 0; i< buf.length; i ++){
appendHex(result,buf [i]);
}
return result.toString();
}
private final static String HEX =0123456789ABCDEF;
private static void appendHex(StringBuffer sb,byte b){
sb.append(HEX.charAt((b>> 4)& 0x0f))。 charAt(b& 0x0f));
}
}
解决方案
我认为你的简单加密类太简单了。任何时候,你不要很好地解码解密,甚至可以使用最坏的pad块异常(除非你使用经过身份验证的加密)。
在上面的代码中,我甚至没有看到任何使用初始化向量,这意味着你的代码不会工作或者真的不安全。 >
我的建议不要自己编码,甚至可以从互联网剪切和粘贴代码。那里有很多不好的剪切和粘贴加密代码。使用高级图书馆。
Keyczar 作品在android上:
https:// github .com / kruton / android-keyczar-demo
WHen im trying to decrypt using this class, i get "Bad pad block exception". Any idea why?
public class SimpleCrypto {
public static String encrypt(String seed, String cleartext) throws Exception {
byte[] rawKey = getRawKey(seed.getBytes());
byte[] result = encrypt(rawKey, cleartext.getBytes());
return toHex(result);
}
public static String decrypt(String seed, String encrypted) throws Exception {
byte[] rawKey = getRawKey(seed.getBytes());
byte[] enc = toByte(encrypted);
byte[] result = decrypt(rawKey, enc);
return new String(result);
}
private static byte[] getRawKey(byte[] seed) throws Exception {
KeyGenerator kgen = KeyGenerator.getInstance("AES");
SecureRandom sr = SecureRandom.getInstance("SHA1PRNG");
sr.setSeed(seed);
kgen.init(128, sr); // 192 and 256 bits may not be available
SecretKey skey = kgen.generateKey();
byte[] raw = skey.getEncoded();
return raw;
}
private static byte[] encrypt(byte[] raw, byte[] clear) throws Exception {
SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES");
Cipher cipher = Cipher.getInstance("AES");
cipher.init(Cipher.ENCRYPT_MODE, skeySpec);
byte[] encrypted = cipher.doFinal(clear);
return encrypted;
}
private static byte[] decrypt(byte[] raw, byte[] encrypted) throws Exception {
SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES");
Cipher cipher = Cipher.getInstance("AES");
cipher.init(Cipher.DECRYPT_MODE, skeySpec);
byte[] decrypted = cipher.doFinal(encrypted);
return decrypted;
}
public static String toHex(String txt) {
return toHex(txt.getBytes());
}
public static String fromHex(String hex) {
return new String(toByte(hex));
}
public static byte[] toByte(String hexString) {
int len = hexString.length() / 2;
byte[] result = new byte[len];
for (int i = 0; i < len; i++)
result[i] = Integer.valueOf(hexString.substring(2 * i, 2 * i + 2), 16).byteValue();
return result;
}
public static String toHex(byte[] buf) {
if (buf == null)
return "";
StringBuffer result = new StringBuffer(2 * buf.length);
for (int i = 0; i < buf.length; i++) {
appendHex(result, buf[i]);
}
return result.toString();
}
private final static String HEX = "0123456789ABCDEF";
private static void appendHex(StringBuffer sb, byte b) {
sb.append(HEX.charAt((b >> 4) & 0x0f)).append(HEX.charAt(b & 0x0f));
}
}
解决方案
I think your Simple Crypto class is too simple. Any time you don't code decryption well enough to even work it's going to end up with bad pad block exception (unless you are using authenticated encryption).
And in the above code I don't even see any usage of initialization vectors, which means your code is either not going to work or be really insecure.
My suggestion don't code this yourself or even cut and paste code from the internet. There's a lot of bad cut and paste encryption code out there. Use a high level library instead.
Keyczar works on android:
https://github.com/kruton/android-keyczar-demo
这篇关于使用简单的加密类时,坏块块异常的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文
