AES加密badPadding
尝试解密NFC标签(其中包含与生成的QR码完全相同的值.QRCode能够正确扫描而没有任何错误。虽然包含完全相同值的NFC标签正在抛出BadPaddingException。
String seedValue = "MediLearnerSecurity";
encyrptedResult = "4EA768CA389F4CD688BCCAF11E1E4953"
从标签和条形码扫描仪检查和检索后。两者都被验证包含上述encyrptedResult。
其他一些课程
public void decyrption()
{
try
{
deCryptedResult = AESHelper.decrypt(seedValue, encyrptedResult);
}
catch (Exception e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
AESHelper Class。
public class AESHelper {
public static String encrypt(String seed, String cleartext) throws Exception {
byte[] rawKey = getRawKey(seed.getBytes());
byte[] result = encrypt(rawKey, cleartext.getBytes());
return toHex(result);
}
public static String decrypt(String seed, String encrypted) throws Exception {
byte[] rawKey = getRawKey(seed.getBytes());
byte[] enc = toByte(encrypted);
byte[] result = decrypt(rawKey, enc);
return new String(result);
}
private static byte[] getRawKey(byte[] seed) throws Exception {
KeyGenerator kgen = KeyGenerator.getInstance("AES");
SecureRandom sr = SecureRandom.getInstance("SHA1PRNG");
sr.setSeed(seed);
kgen.init(128, sr); // 192 and 256 bits may not be available
SecretKey skey = kgen.generateKey();
byte[] raw = skey.getEncoded();
return raw;
}
private static byte[] encrypt(byte[] raw, byte[] clear) throws Exception {
SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES");
Cipher cipher = Cipher.getInstance("AES");
cipher.init(Cipher.ENCRYPT_MODE, skeySpec);
byte[] encrypted = cipher.doFinal(clear);
return encrypted;
}
private static byte[] decrypt(byte[] raw, byte[] encrypted) throws Exception {
SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES");
Cipher cipher = Cipher.getInstance("AES");
cipher.init(Cipher.DECRYPT_MODE, skeySpec);
byte[] decrypted = cipher.doFinal(encrypted);
return decrypted;
}
public static String toHex(String txt) {
return toHex(txt.getBytes());
}
public static String fromHex(String hex) {
return new String(toByte(hex));
}
public static byte[] toByte(String hexString) {
int len = hexString.length()/2;
byte[] result = new byte[len];
for (int i = 0; i < len; i++)
result[i] = Integer.valueOf(hexString.substring(2*i, 2*i+2), 16).byteValue();
return result;
}
public static String toHex(byte[] buf) {
if (buf == null)
return "";
StringBuffer result = new StringBuffer(2*buf.length);
for (int i = 0; i < buf.length; i++) {
appendHex(result, buf[i]);
}
return result.toString();
}
private final static String HEX = "0123456789ABCDEF";
private static void appendHex(StringBuffer sb, byte b) {
sb.append(HEX.charAt((b>>4)&0x0f)).append(HEX.charAt(b&0x0f));
}
}
logcat的
01-21 15:44:25.774: D/TextLayoutCache(11831): Enable myanmar Zawgyi converter
01-21 15:44:31.269: W/System.err(11831): javax.crypto.BadPaddingException: pad block corrupted
01-21 15:44:31.269: W/System.err(11831): at com.android.org.bouncycastle.jcajce.provider.symmetric.util.BaseBlockCipher.engineDoFinal(BaseBlockCipher.java:710)
01-21 15:44:31.269: W/System.err(11831): at javax.crypto.Cipher.doFinal(Cipher.java:1111)
01-21 15:44:31.269: W/System.err(11831): at nyp.medilearner.methods.AESHelper.decrypt(AESHelper.java:48)
01-21 15:44:31.269: W/System.err(11831): at nyp.medilearner.methods.AESHelper.decrypt(AESHelper.java:21)
01-21 15:44:31.269: W/System.err(11831): at com.medilearner.main.ScanSelected.decyrption(ScanSelected.java:148)
01-21 15:44:31.269: W/System.err(11831): at com.medilearner.main.ScanSelected.onActivityResult(ScanSelected.java:42)
01-21 15:44:31.269: W/System.err(11831): at android.app.Activity.dispatchActivityResult(Activity.java:5563)
01-21 15:44:31.269: W/System.err(11831): at android.app.ActivityThread.deliverResults(ActivityThread.java:3496)
01-21 15:44:31.274: W/System.err(11831): at android.app.ActivityThread.handleSendResult(ActivityThread.java:3543)
01-21 15:44:31.274: W/System.err(11831): at android.app.ActivityThread.access$1200(ActivityThread.java:159)
01-21 15:44:31.274: W/System.err(11831): at android.app.ActivityThread$H.handleMessage(ActivityThread.java:1364)
01-21 15:44:31.274: W/System.err(11831): at android.os.Handler.dispatchMessage(Handler.java:99)
01-21 15:44:31.274: W/System.err(11831): at android.os.Looper.loop(Looper.java:137)
01-21 15:44:31.274: W/System.err(11831): at android.app.ActivityThread.main(ActivityThread.java:5419)
01-21 15:44:31.274: W/System.err(11831): at java.lang.reflect.Method.invokeNative(Native Method)
01-21 15:44:31.274: W/System.err(11831): at java.lang.reflect.Method.invoke(Method.java:525)
01-21 15:44:31.274: W/System.err(11831): at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:1209)
01-21 15:44:31.279: W/System.err(11831): at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:1025)
01-21 15:44:31.279: W/System.err(11831): at dalvik.system.NativeStart.main(Native Method)
1 个答案:
答案 0 :(得分:1)
我认为您的一个问题位于byte[] getRawKey(byte[] seed)。
如果我理解正确,这种方法假定您总是获得给定种子的相同密钥。
然而事实并非如此,因为它使用SHA1PRNG - 并且此类伪随机生成器未标准化。因此,如果您只使用Java SE 1.6生成密钥,您将始终获得相同的结果。但是其他编程语言中的SHA1PRNG算法,Android等替代Java平台甚至其他Java版本/库我得到的结果都不同。
另请阅读:javax.crypto working differently in different versions of Android OS?
结论:永远不要滥用KeyGenerator和/或SecureRandom来创建密钥。这些类的唯一用法是创建新的随机密钥! 您发布的当前实施完全失败。
相关问题
最新问题
- 我写了这段代码,但我无法理解我的错误
- 我无法从一个代码实例的列表中删除 None 值,但我可以在另一个实例中。为什么它适用于一个细分市场而不适用于另一个细分市场?
- 是否有可能使 loadstring 不可能等于打印?卢阿
- java中的random.expovariate()
- Appscript 通过会议在 Google 日历中发送电子邮件和创建活动
- 为什么我的 Onclick 箭头功能在 React 中不起作用?
- 在此代码中是否有使用“this”的替代方法?
- 在 SQL Server 和 PostgreSQL 上查询,我如何从第一个表获得第二个表的可视化
- 每千个数字得到
- 更新了城市边界 KML 文件的来源?