我有以下代码来定义密码类
import java.util.*;
import javax.crypto.Cipher;
import java.security.SecureRandom;
import java.security.NoSuchAlgorithmException;
import java.security.AlgorithmParameters;
import javax.crypto.*;
import javax.crypto.SecretKeyFactory;
import javax.crypto.SecretKey;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.SecretKeySpec;
import javax.crypto.spec.IvParameterSpec;
public class Cipher{
private SecureRandom rand;
private SecretKeyFactory kFact;
private Cipher AESCipher;
private SecretKey key;
public Cipher(char[] mpw, byte[] salt){
try{
kFact = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1");
rand = SecureRandom.getInstance("SHA1PRNG");
AESCipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
PBEKeySpec spec = new PBEKeySpec(mpw, salt, 1024, 256);
key = new SecretKeySpec(kFact.generateSecret(spec).getEncoded(),"AES");
}catch(Exception e){
System.out.println("no such algorithm");
}
}
/*Henc[k,m] will return c such that Hdec[k,HEnc[k,m]] = m
*/
public ArrayList<byte[]> HEnc(byte[] message) throws Exception{
ArrayList<byte[]> res = new ArrayList<byte[]>(2);
AESCipher.init(Cipher.ENCRYPT_MODE ,key);
AlgorithmParameters params = AESCipher.getParameters();
byte[] iv = params.getParameterSpec(IvParameterSpec.class).getIV();
byte[] ctxt = AESCipher.doFinal(message);
res.add(0,iv);
res.add(1,ctxt);
return res;
}
public byte[] HDec(byte[] iv, byte[] cipher) throws Exception{
AESCipher.init(Cipher.DECRYPT_MODE, key, new IvParameterSpec(iv) );
System.out.println("decrypting");
return AESCipher.doFinal(cipher);
}
/*public abstract byte[] HDec(SecretKey k, byte[] cipher);
*/
我有兴趣用不正确的密码解密密文,为此我定义了以下测试类,
import java.util.*;
import java.io.*;
public class testCipher{
public static void main(String[] args) throws Exception{
while(true){
Scanner sc = new Scanner(System.in);
System.out.println("Enter master password");
String pass = sc.nextLine();
System.out.println("Enter incorrect password");
String fakepass = sc.nextLine();
System.out.println("Enter message to encrypt");
String message = sc.next();
String salt = "123";
HCipher goodEnc = new HCipher(pass.toCharArray(),salt.getBytes());
HCipher badEnc = new HCipher(fakepass.toCharArray(),salt.getBytes());
byte[] toEncrypt = message.getBytes();
ArrayList<byte[]> cipher = goodEnc.HEnc(toEncrypt);
byte[] ciphertxt = cipher.get(1);
byte[] iv = cipher.get(0);
while(true){
System.out.println("Enter 1 to decrypt with correct pass, 2 to decrypt with incorrect pass and 0 to end simulation");
int i = sc.nextInt();
if(i == 1){
System.out.println("Decrypting with correct password");
byte[] plaintxt = goodEnc.HDec(iv, ciphertxt);
System.out.println(new String(plaintxt));
}
if(i == 2){
System.out.println("Decrypting with incorrect password");
byte[] plaintxt = badEnc.HDec(iv, ciphertxt);
System.out.println(new String(plaintxt));
}
if(i == 0){
break;
}
}
}
}
}
使用正确的密码加密和解密效果很好。但是,当我尝试使用不正确的密码解密时,我收到以下错误:
Exception in thread "main" javax.crypto.BadPaddingException: Given final block not properly padded
at com.sun.crypto.provider.CipherCore.doFinal(CipherCore.java:811)
at com.sun.crypto.provider.CipherCore.doFinal(CipherCore.java:676)
at com.sun.crypto.provider.AESCipher.engineDoFinal(AESCipher.java:420)
at javax.crypto.Cipher.doFinal(Cipher.java:1966)
at HCipher.HDec(HCipher.java:54)
at testCipher.main(testCipher.java:52)
我猜这与我的IV有关,但我不知道如何解决它。有没有人有任何建议?
答案 0 :(得分:0)
AES 是一种以16字节为单位加密的分组密码。填充用于填充加密前的最后一个块,因此它适合偶数个块。
您指定 PKCS5Padding :
AESCipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
以这样的方式创建填充,即在解密期间可以识别和删除填充。如果您使用错误的密钥解密,密码将无法识别有效的密码,从而为您提供BadPaddingException
如果您在没有填充的情况下实例化解密Cipher(从而自己承担这个责任),您可以避免此异常。