我一直盯着这段代码好几个小时,我一定是想念一些傻瓜。因此,非常感谢有人的帮助。
下面是示例代码,最简单的我可以让它重现这个问题。代码在第一次运行时工作正常,但是在为IV创建首选项之后,它会在之后失败。
我的真实代码存储的偏好比这个更多,我在麻烦的拍摄中简化了很多,以便更容易隔离。
我的目标是创建一个类,允许我存储使用AES 128加密加密的首选项以及从用户提供的密码派生的密钥。例如安全的偏好。我在故障排除中取出了所有用户提供的pwd内容。
package com.test;
import java.io.UnsupportedEncodingException;
import java.security.AlgorithmParameters;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.spec.InvalidParameterSpecException;
import java.util.Random;
import java.util.logging.Level;
import java.util.logging.Logger;
import java.util.prefs.Preferences;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import org.apache.commons.codec.binary.Base64;
public class Settings {
private Preferences prefs = null;
private byte[] iv = null;
private SecretKey secret = null;
Cipher cipher = null;
public static void main(String[] args){
Settings t = new Settings();
String encText = t.encryptText("HELLO");//Encrypt a value
String output = t.decryptText(encText);//Decrypt the value
System.out.println(output); //Display the decrypted value.
}
public Settings(){
try {
String parentClass = new Exception().getStackTrace()[1].getClassName();//Really only controls where the prefs go, shouldn't matter.
this.prefs = Preferences.userNodeForPackage(Class.forName(parentClass));
Random r = new SecureRandom();
KeyGenerator keyGen = KeyGenerator.getInstance("AES");
keyGen.init(128); // 128 bit key
this.secret = keyGen.generateKey();
cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
} catch (NoSuchAlgorithmException ex) {
Logger.getLogger(this.getClass().getName()).log(Level.SEVERE, null, ex);
} catch (Exception ex) {
Logger.getLogger(this.getClass().getName()).log(Level.SEVERE, null, ex);
}
}
private String encryptText(String plainText){
try {
cipher.init(Cipher.ENCRYPT_MODE, this.secret);
AlgorithmParameters params = cipher.getParameters();
this.iv = prefs.getByteArray("IV", null);
if(this.iv == null){
this.iv = params.getParameterSpec(IvParameterSpec.class).getIV();
prefs.putByteArray("IV", this.iv);
}
byte[] ciphertext = cipher.doFinal(plainText.getBytes("UTF-8"));
String ret = new String(Base64.encodeBase64(ciphertext));
return ret;
} catch (InvalidParameterSpecException | IllegalBlockSizeException | BadPaddingException | UnsupportedEncodingException | InvalidKeyException ex) {
Logger.getLogger(this.getClass().getName()).log(Level.SEVERE, null, ex);
}
return "";
}
private String decryptText(String cipherText){
try {
this.iv = prefs.getByteArray("IV", null);
byte[] cText = Base64.decodeBase64(cipherText);
cipher.init(Cipher.DECRYPT_MODE, this.secret, new IvParameterSpec(this.iv));
String ret = new String(cipher.doFinal(cText), "UTF-8");
return ret;
} catch (IllegalBlockSizeException | BadPaddingException | UnsupportedEncodingException | InvalidKeyException | InvalidAlgorithmParameterException ex) {
Logger.getLogger(this.getClass().getName()).log(Level.SEVERE, null, ex);
}
return "";
}
}
仅在2+次运行中收到的Stacktrace:
Feb 07, 2015 9:02:46 PM com.test.Settings decryptText
SEVERE: null
javax.crypto.BadPaddingException: Given final block not properly padded
at com.sun.crypto.provider.CipherCore.doFinal(CipherCore.java:811)
at com.sun.crypto.provider.CipherCore.doFinal(CipherCore.java:676)
at com.sun.crypto.provider.AESCipher.engineDoFinal(AESCipher.java:313)
at javax.crypto.Cipher.doFinal(Cipher.java:2087)
at com.test.Settings.decryptText(Settings.java:77)
at com.test.Settings.main(Settings.java:34)
------------编辑正确答案------------ 正如GregS指出的那样,当偏好存在时,我没有将IV加载到加密例程中,因此存在不匹配。下面是更新后的问题所解决的加密功能。
private String encryptText(String plainText){
try {
this.iv = prefs.getByteArray("IV", null);
if(this.iv == null) { //If not set, set the IV
cipher.init(Cipher.ENCRYPT_MODE, this.secret);
AlgorithmParameters params = cipher.getParameters();
this.iv = params.getParameterSpec(IvParameterSpec.class).getIV();
prefs.putByteArray("IV", this.iv);
} else {
cipher.init(Cipher.ENCRYPT_MODE, this.secret, new IvParameterSpec(this.iv));
}
byte[] ciphertext = cipher.doFinal(plainText.getBytes("UTF-8"));
String ret = new String(Base64.encodeBase64(ciphertext));
return ret;
} catch (InvalidParameterSpecException | IllegalBlockSizeException | BadPaddingException | UnsupportedEncodingException | InvalidKeyException ex) {
Logger.getLogger(this.getClass().getName()).log(Level.SEVERE, null, ex);
} catch (InvalidAlgorithmParameterException ex) {
Logger.getLogger(Settings.class.getName()).log(Level.SEVERE, null, ex);
}
return "";
}
答案 0 :(得分:0)
正如GregS指出的那样,当偏好存在时,我没有将IV加载到加密例程中,因此存在不匹配。下面是更新后的问题所解决的加密功能。
private String encryptText(String plainText){
try {
this.iv = prefs.getByteArray("IV", null);
if(this.iv == null) { //If not set, set the IV
cipher.init(Cipher.ENCRYPT_MODE, this.secret);
AlgorithmParameters params = cipher.getParameters();
this.iv = params.getParameterSpec(IvParameterSpec.class).getIV();
prefs.putByteArray("IV", this.iv);
} else {
cipher.init(Cipher.ENCRYPT_MODE, this.secret, new IvParameterSpec(this.iv));
}
byte[] ciphertext = cipher.doFinal(plainText.getBytes("UTF-8"));
String ret = new String(Base64.encodeBase64(ciphertext));
return ret;
} catch (InvalidParameterSpecException | IllegalBlockSizeException | BadPaddingException | UnsupportedEncodingException | InvalidKeyException ex) {
Logger.getLogger(this.getClass().getName()).log(Level.SEVERE, null, ex);
} catch (InvalidAlgorithmParameterException ex) {
Logger.getLogger(Settings.class.getName()).log(Level.SEVERE, null, ex);
}
return "";
}