我正在加密Android应用程序中的一些数据,然后将其发送到PHP页面进行解密和处理。
使用的密码是"AES/CBC/PKCS5Padding"
现在一切正常(在很多信息挖掘之后)。 但是,生成的解密数据在末尾添加了许多新行,这些行在应用程序发送的原始数据中不存在。
我认为这是PHP不支持PKCS5Padding的副作用。 假设结尾总是在字符串后附加换行符或空格,我感到很不舒服。
如果我尝试使用mcrypt docs中建议的代码,则清空加密的缓冲区。
解压缩是否有更好的解决方法?
修改:根据请求添加的代码
PHP
$cipher = mcrypt_module_open(MCRYPT_RIJNDAEL_128, "", MCRYPT_MODE_CBC, "");
if($cipher === false)
{
trigger_error("AES compatible cipher missing", E_USER_WARNING);
exit;
}
$InitResult = mcrypt_generic_init($cipher, $AesPassword, $AesIv);
if($InitResult !== 0)
{
trigger_error("AES cipher init failed", E_USER_WARNING);
exit;
}
// now do the decryption
$DataBlock = mdecrypt_generic($cipher, $EncryptedBlock);
// close down mcrypt
mcrypt_generic_deinit($cipher);
mcrypt_module_close($cipher);
Android / Java:
String strEncrypted = null;
Cipher cipher = null;
IvParameterSpec ivSpec = null;
byte[] btEncrypted = null;
try
{
cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
ivSpec = new IvParameterSpec(m_btIV);
cipher.init(Cipher.ENCRYPT_MODE, m_KeySpec, ivSpec);
btEncrypted = cipher.doFinal(strData.getBytes(m_strCharSet));
strEncrypted = Base64.encodeToString(btEncrypted, Base64.NO_PADDING | Base64.NO_WRAP);
}
catch(Exception e)
{
e.printStackTrace();
}
return strEncrypted;
请注意,密钥和iv在Android中计算并在POST数据中传输到服务器。
这有帮助吗?
答案 0 :(得分:1)
不幸的是,Java SE提供程序不支持PHP填充。 Bouncy Castle不支持这种填充,因为Bouncy Castle总是填充至少1个字节,即使是零填充。
经过大量的调整后,这是我能想到的最好的结果:
/**
* Pads data with zero valued bytes until the next block boundary is met.
* Does not pad if the number of blocks is already on a boundary. This
* method is not safe for binary data that may end with zero valued bytes as
* they may be removed by the unpadding method.
* If available, try and use PKCS#7 compatible padding instead.
*
* @param data
* the binary data to pad, never null
* @param blocksize
* the block size in bytes of the block cipher
* @return the padded binary data as a copy
* @throws NullPointerException
* if data is null
*/
public static byte[] phpPad(final byte[] data, final int blocksize) {
if (data.length == 0) {
return data;
}
final int blocks = (data.length - 1) / blocksize + 1;
return Arrays.copyOf(data, blocks * blocksize);
}
/**
* Unpads data removing zero valued bytes, removing up to blocksize - 1
* bytes of padding. The input of the unpad method should consist of n times
* the blocksize.
*
* @param data
* the binary data to unpad, never null
* @param blocksize
* the block size in bytes of the block cipher
* @return the unpadded binary data as a copy
* @throws NullPointerException
* if data is null
* @throws IllegalArgumentException
* if the data is not n times the blocksize
*/
public static byte[] phpUnpad(final byte[] data, final int blocksize) {
if (data.length % blocksize != 0) {
throw new IllegalArgumentException(
"Padded data should dividable by the block size");
}
if (data.length == 0) {
return data.clone();
}
int padBytes = 0;
for (; padBytes < blocksize; padBytes++) {
if (data[data.length - padBytes - 1] != 0x00) {
break;
}
}
return Arrays.copyOf(data, data.length - padBytes);
}