我正在尝试加密android上的图像,将它们发送到服务器以便它们处理它们。服务器必须解密收到的消息。我已在此question
中发布了代码我在Android端调用了加密函数,在java服务器端调用了decrypt函数(图像是通过TCP发送的)。
但是,我收到错误:
javax.crypto.BadPaddingException: Given final block not properly padded
我在android上输出密钥并得到:
javax.crypto.spec.SecretKeySpec@652
而在Java服务器上(使用Netbeans开发)我得到了:
javax.crypto.spec.SecretKeySpec@148dd
我认为填充不同所以我用了
AES/ECB/PKCS5Padding
而不是
AES
但Java服务器输出错误:
should use AES.
我该如何解决这个问题?
对于android端发送:
public void send(Bitmap mRgbImage1_array, int port_number)
throws IOException {
socket = new Socket("192.168.0.107", port_number);
boolean encrypt = HomeScreen.checkbox2.isChecked();
ByteArrayOutputStream stream = new ByteArrayOutputStream();
mRgbImage1_array.compress(CompressFormat.JPEG, 100, stream);
InputStream photoStream = new ByteArrayInputStream(stream.toByteArray());
BufferedInputStream bis = new BufferedInputStream(photoStream);
byte[] mybytearray = new byte[photoStream.available()];
bis.read(mybytearray, 0, mybytearray.length);
photoStream.close();
if(encrypt)
{
try {
byte[] dst = Security.encrypt(mybytearray);
mybytearray = new byte[10000];
for(int i=0; i<dst.length;i++)
{
mybytearray[i] = dst[i];
}
} catch (Exception e1) {
/// TODO Auto-generated catch block
e1.printStackTrace();
}
}
os = socket.getOutputStream();
os.write(mybytearray);
os.flush();
os.close();
if (os != null)
{
try {
os.close();
}
catch (IOException e)
{
// TODO Auto-generated catch block
e.printStackTrace();
}
}
}
对于Java服务器端的接收:
public static void receive(int port_number) {
boolean received = false;
Socket socket = null;
InputStream is = null;
int bytesRead;
int current = 0;
BufferedOutputStream bos = null;
try {
if (serverSocket == null) {
serverSocket = new ServerSocket(port_number);
}
System.out.println("Listening :" + port_number);
} catch (IOException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
while (!received) {
try {
socket = serverSocket.accept();
InetAddress ip = socket.getInetAddress();
String[] ip1 = ip.toString().split("/");
ip2 = ip1[1];
System.out.println("ip is " + ip2);
byte[] mybytearray = new byte[10000000];
is = socket.getInputStream();
FileOutputStream fos = new FileOutputStream("source-image.jpeg");
bos = new BufferedOutputStream(fos);
bytesRead = is.read(mybytearray, 0, mybytearray.length);
current = bytesRead;
do {
bytesRead =
is.read(mybytearray, current, (mybytearray.length - current));
if (bytesRead >= 0) {
current += bytesRead;
}
} while (bytesRead > -1);
if(Networker.should_encrypt)
{
try {
mybytearray = Security1.decrypt(mybytearray);
} catch (Exception e1) {
/// TODO Auto-generated catch block
e1.printStackTrace();
}
}
bos.write(mybytearray, 0, current);
bos.flush();
bos.close();
received = true;
} catch (IOException ex) {
Logger.getLogger(MyServer1.class.getName()).log(Level.SEVERE, null, ex);
} finally {
if (socket != null) {
try {
socket.close();
} catch (IOException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
if (is != null) {
try {
is.close();
} catch (IOException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
}
}
}
答案 0 :(得分:2)
我认为这是问题:
mybytearray = Security1.decrypt(mybytearray);
即使你只是写少量数据,总是将解密10000000字节。您应该更改decrypt
方法以说明要解密的数据量,然后拨打doFinal(byte[], int, int)
。
我还建议尝试以流式方式处理加密/解密,而不是预先分配10MB(在大多数情况下会浪费,而在其他情况下可能会太短),但这是一个更大的变化。 / p>
此外,这在加密代码中是个坏主意:
byte[] mybytearray = new byte[photoStream.available()];
bis.read(mybytearray, 0, mybytearray.length);
photoStream.close();
你假设可以开始的金额是整个文件。情况可能并非如此。您通常应该循环,从文件流中读取并写入加密流。哦,close()
调用应该在finally块中。
如果确实希望在一次通话中执行所有加密/解密,您可以循环读取文件或网络流并写入ByteArrayOutputStream
,这样您就可以我需要硬编码大小或从available()
假设它。然后使用ByteArrayOutputStream.toByteArray()
获取正确大小的字节数组。 (诚然,这涉及额外的副本。)