带有salt和静态密码的AES

时间:2012-04-07 22:49:44

标签: java encryption cryptography aes

我有以下几乎可以使用的代码:

AES.java

import java.io.UnsupportedEncodingException;
import java.security.AlgorithmParameters;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.spec.AlgorithmParameterSpec;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.InvalidParameterSpecException;
import java.security.spec.KeySpec;

import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.KeyGenerator;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.SecretKeySpec;

public class AES {

    private static final int    KEY_LENGTH              = 128;
    private static final int    ITERATIONS              = 100;

    private static final String ALGORITHM               = "AES";
    private static final String SECRET_KEY_ALGORITHM    = "PBKDF2WithHmacSHA1";
    private static final String TRANSFORMATION          = "AES/CBC/PKCS5Padding";

    private final Cipher        m_enc_cipher;
    private final Cipher        m_dec_cipher;

    private final byte[]        m_iv;

    public AES(final char[] password, final byte[] salt)
            throws NoSuchAlgorithmException, InvalidKeySpecException,
            NoSuchPaddingException, InvalidKeyException,
            InvalidParameterSpecException, IllegalBlockSizeException,
            BadPaddingException, UnsupportedEncodingException,
            InvalidAlgorithmParameterException {

        // Derive the key, given password and salt
        final SecretKeyFactory factory = SecretKeyFactory
                .getInstance(SECRET_KEY_ALGORITHM);
        final KeySpec spec = new PBEKeySpec(password, salt, ITERATIONS,
                KEY_LENGTH);
        final SecretKey tmp = factory.generateSecret(spec);
        final SecretKey secret = new SecretKeySpec(tmp.getEncoded(), ALGORITHM);

        // Build encryptor and get IV
        final Cipher enc_cipher = Cipher.getInstance(TRANSFORMATION);
        enc_cipher.init(Cipher.ENCRYPT_MODE, secret);
        final AlgorithmParameters params = enc_cipher.getParameters();
        final byte[] iv = params.getParameterSpec(IvParameterSpec.class)
                .getIV();

        // Build decryptor
        final Cipher dec_cipher = Cipher.getInstance(TRANSFORMATION);
        dec_cipher.init(Cipher.DECRYPT_MODE, secret, new IvParameterSpec(iv));

        this.m_enc_cipher = enc_cipher;
        this.m_dec_cipher = dec_cipher;

        this.m_iv = iv;
    }

    public AES(final byte[] iv) throws NoSuchAlgorithmException,
            InvalidKeySpecException, NoSuchPaddingException,
            InvalidKeyException, InvalidParameterSpecException,
            IllegalBlockSizeException, BadPaddingException,
            UnsupportedEncodingException, InvalidAlgorithmParameterException {

        final AlgorithmParameterSpec aps = new IvParameterSpec(iv);

        final KeyGenerator keygen = KeyGenerator.getInstance(ALGORITHM);
        keygen.init(KEY_LENGTH);
        final SecretKey secret = keygen.generateKey();

        // Build encryptor
        final Cipher enc_cipher = Cipher.getInstance(TRANSFORMATION);
        enc_cipher.init(Cipher.ENCRYPT_MODE, secret, aps);

        // Build decryptor
        final Cipher dec_cipher = Cipher.getInstance(TRANSFORMATION);
        dec_cipher.init(Cipher.DECRYPT_MODE, secret, aps);

        this.m_enc_cipher = enc_cipher;
        this.m_dec_cipher = dec_cipher;

        this.m_iv = iv;
    }

    public byte[] get_iv() {
        return this.m_iv;
    }

    public byte[] encrypt(final byte[] data) throws NoSuchAlgorithmException,
            InvalidKeySpecException, NoSuchPaddingException,
            InvalidKeyException, InvalidParameterSpecException,
            IllegalBlockSizeException, BadPaddingException,
            UnsupportedEncodingException {
        return this.m_enc_cipher.doFinal(data);
    }

    public byte[] decrypt(final byte[] data) throws IllegalBlockSizeException,
            BadPaddingException {
        return this.m_dec_cipher.doFinal(data);
    }
}

AESTest.java

import java.io.UnsupportedEncodingException;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.InvalidParameterSpecException;
import java.util.Arrays;

import javax.crypto.BadPaddingException;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;

import org.junit.Test;
import static org.junit.Assert.*;

public class AESTest {
    @Test
    public void test() throws InvalidKeyException, NoSuchAlgorithmException,
            InvalidKeySpecException, NoSuchPaddingException,
            InvalidParameterSpecException, IllegalBlockSizeException,
            BadPaddingException, UnsupportedEncodingException,
            InvalidAlgorithmParameterException {

        final char[] password = "my_password".toCharArray();
        final byte[] salt = new byte[] { 22, 11 };

        final byte[] original_data = "Hello, World!".getBytes("UTF-8");
        final AES aesA = new AES(password, salt);
        final byte[] encrypted_data = aesA.encrypt(original_data);
        System.out.println("Encrypted:");
        System.out.println(javax.xml.bind.DatatypeConverter
                .printBase64Binary(encrypted_data));

        final AES aesB = new AES(aesA.get_iv());
        final byte[] decrypted_data_B = aesB.decrypt(encrypted_data);
        System.out.println("Decrypted B:");
        System.out.println(javax.xml.bind.DatatypeConverter
                .printBase64Binary(decrypted_data_B));
        assertTrue(Arrays.equals(original_data, decrypted_data_B));
    }
}

在测试(AESTest.java)上,它给了我这个错误:

javax.crypto.BadPaddingException: Given final block not properly padded

我的最终目的是能够发送加密数据块,然后将其取回 术语“稍后”可以指日/周/年 然后,使用我想要解密的相同密码。

因为“稍后”可能是一个月,所以我需要创建一个新的AES对象。

现在,这个新的AES对象必须能够使用相同的固定密码/ salt解密数据。
就是这样。

我尝试使用相同的IV,但它不起作用。

我在这里做错了什么?

编辑#1: 请注意ITERATIONS

2 个答案:

答案 0 :(得分:3)

iv初始化AES时,您会创建不同的secret。不是吗?

您没有使用相同的密码和盐。

答案 1 :(得分:2)

如前所述,第二个构造函数创建一个新的AES密钥,因此它不会与第一个构造函数中创建的密钥匹配。我真的没有意图拥有两个不同的构造函数,在每个构造函数中,您创建一个适合加密的AES实例以及另一个用于解密的实例?重新考虑该设计并仅使用一个实例可能是有意义的,具体取决于您是要加密还是解密。

虽然您在第一个构造函数中生成的密钥是保密的,但生成的IV是公共信息,可以安全地公开发布,这不会损害安全性。但是,您应该为每个加密邮件创建唯一的IV,否则可能会对您正在使用的CBC模式进行攻击。

所以,我建议你这样做:

<强>加密

基本上是第一个构造函数,省略了第二个实例进行解密。检索已创建的IV。

<强>解密:

再次基本上是第一个构造函数,带有一个额外的IV参数。使用完全相同的参数(salt,password,iterations)从头开始重新创建密钥,这次在解密模式下初始化Cipher,另外传递IV参数。

应该这样做!