在AES解密中,"给定最终块未正确填充"发生了

时间:2013-12-02 16:09:24

标签: java encryption aes

我正在做一个简单的加密文件传输系统,现在因运行时异常而停止:

Exception in thread "main" javax.crypto.BadPaddingException: Given final block not properly padded
    at com.sun.crypto.provider.CipherCore.doFinal(CipherCore.java:811)
    at com.sun.crypto.provider.CipherCore.doFinal(CipherCore.java:676)
    at com.sun.crypto.provider.AESCipher.engineDoFinal(AESCipher.java:313)
    at javax.crypto.Cipher.doFinal(Cipher.java:2087)
    at ftpclient.FTPClient.main(FTPClient.java:82)

我尝试使用字符串调试我的代码,使用相同的密钥进行加密和解密,然后才能正常工作。但是,当我尝试从文件传输流时,总会出现此异常。

以下是双方的代码。首先,他们将通过RSA交换对称密钥(AES密钥),然后通过AES加密传输大文件。我们可以关注每个代码的最后部分,其中文件是通过AES密钥加密和解密的。

服务器端:

package ftpserver;

import java.io.*;
import java.net.*;
import javax.crypto.*;
import java.security.*;
import javax.crypto.spec.SecretKeySpec;

import org.apache.commons.codec.binary.Base64; 
/**
 *
 * @author Han
 */
public class FTPServer {
    public static void main(String[] args) throws Exception {

        //generate symmetric key and initialize cipher for AES
        SecretKey skey = null;
        Cipher aes = Cipher.getInstance("AES/ECB/PKCS5Padding");

        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(128);
        skey = kg.generateKey();

        //get public key of the receive side
        final String PUBLIC_KEY_PATH = "key_b.public";
        PublicKey publickey = null;
        try {
        FileInputStream fis;
        fis = new FileInputStream(PUBLIC_KEY_PATH);
        ObjectInputStream oin = new ObjectInputStream(fis);
        publickey = (PublicKey) oin.readObject();
        oin.close();
        } catch (FileNotFoundException e) {
        e.printStackTrace();
        } catch (IOException e) {
        e.printStackTrace();
        } catch (ClassNotFoundException e) {
        e.printStackTrace();
        };

        //encrypte symmetric key with own private key and send out
        Cipher rsa = Cipher.getInstance("RSA");
        rsa.init(Cipher.ENCRYPT_MODE, publickey);
        byte cipherSKey[] = rsa.doFinal(skey.getEncoded());
        //System.out.println(skey); //debug

    //create tcp server socket
        ServerSocket tcp = new ServerSocket(2000);
        Socket client = tcp.accept();

        //get input&output stream from the TCP connection
        InputStream in = client.getInputStream();
    OutputStream out = client.getOutputStream();

        //generate a file input stream to get stream from file
    File sentFile = new File("F:\\test.txt");
        FileInputStream fin = new FileInputStream(sentFile);

        //send encrypted symmetric key first
        out.write("Symmetric Key:\r\n".getBytes());
        out.write(cipherSKey);

        DataInputStream din = new DataInputStream(in);
        while(true)
        {
            if(din.readLine().equals("Received."))
            {
                System.out.println("Send key successfully.");
                break;
            }

        };

        //send files
    int count;
        byte[] bytearray = new byte[8192];
        byte[] cipherbuffer;
        while((count = fin.read(bytearray))>0)
    {
        cipherbuffer = Base64.encodeBase64(aes.doFinal(bytearray));
        out.write(cipherbuffer,0,cipherbuffer.length);
        System.out.println(count+" bytes have been sent.");
        };

        out.flush();
        out.close();

        client.close();


        }
}

客户端:

package ftpclient;

import java.io.*;
import java.net.*;
import java.security.PrivateKey;
import javax.crypto.*;
import javax.crypto.spec.SecretKeySpec;

import org.apache.commons.codec.binary.Base64;
/**
 *
 * @author Han
 */
public class FTPClient {

public static void main(String[] args) throws Exception 
    {
            //get the private key of this side


        final String PUBLIC_KEY_PATH = "key_b.privat";
        PrivateKey privatkey = null;
        try {
        FileInputStream fis;
        fis = new FileInputStream(PUBLIC_KEY_PATH);
        ObjectInputStream oin = new ObjectInputStream(fis);
        privatkey = (PrivateKey) oin.readObject();
        oin.close();
        } catch (FileNotFoundException e) {
        e.printStackTrace();
        } catch (IOException e) {
        e.printStackTrace();
        } catch (ClassNotFoundException e) {
        e.printStackTrace();
        };

        Cipher rsa = Cipher.getInstance("RSA");
        rsa.init(Cipher.DECRYPT_MODE, privatkey);

        //create tcp client socket
        Socket tcp = new Socket("192.168.1.185",2000);        
    InputStream in = tcp.getInputStream();
        OutputStream out = tcp.getOutputStream();
        DataInputStream din = new DataInputStream(in);

        //receive symmetric key from server
        byte keybuffer[] = new byte[128];
        SecretKey skey = null;

        while(true)
        {
            if(din.readLine().equals("Symmetric Key:"))
            {
                System.out.println("Start to receiving key...");
                in.read(keybuffer);
                byte[] skeycode = rsa.doFinal(keybuffer);
                skey = new SecretKeySpec(skeycode, 0, skeycode.length, "AES");
                out.write("Received.\r\n".getBytes());
                break;
            }
        };
        //create cipher for symmetric decryption
        Cipher aes = Cipher.getInstance("AES/ECB/PKCS5Padding");
        aes.init(Cipher.DECRYPT_MODE, skey);
        //System.out.println(skey); //debug

        //create file stream
        FileOutputStream fos = new FileOutputStream("E:\\test_cp.txt");

    int count;
        int i = 0;
        byte[] bytearray = new byte[8192];
        byte[] buffer;
        while((count = in.read(bytearray)) > 0)
        {
            buffer = (aes.doFinal(Base64.decodeBase64(bytearray)));
                        fos.write(buffer,0,buffer.length);   
                        i +=count;
                        System.out.println(i+" bytes have been received.");
        };


        fos.flush();
        fos.close();
        in.close();

        tcp.close();
        System.out.println("File Transfer completed");

    }

}

1 个答案:

答案 0 :(得分:3)

您多次致电doFinal。或至少试图。

当您读取数据时,并非所有数据都会到达或立即被读入缓冲区。所以你解密一些,然后再读一遍。一切都好。

但是当你这样做时,你每次都在调用doFinal,而不是update。这是错误的,是错误的原因。相反,将doFinal替换为update,然后在读完所有数据后添加额外的doFinal(正好有doFinal()不带参数)。

请参阅http://docs.oracle.com/javase/7/docs/api/javax/crypto/Cipher.html

另见http://en.wikipedia.org/wiki/Block_cipher_mode_of_operation#Electronic_codebook_.28ECB.29为什么ecb模式通常不是一个好主意(看看企鹅图片)。