没有填充的加密不起作用

时间:2017-10-24 08:55:00

标签: android cryptography aes cbc-mode

我正在制作应用程序,用于加密和解密AES / CBC模式下的文本。在AES / CBC / PKCS5Padding(和PKCS7Padding)中一切正常但如果我将算法设置为AES / CBC / NoPadding,我会得到“error”字符串作为输出。有什么问题?

包含加密和解密功能的类: 

public class CriptographyUtils
{
    private static final String INIT_VECTOR = "fedcba9876543210";
    private static final String ALGORITHM = "AES/CBC/NoPadding";

    public static String aesEncrypt(String key, String text)  // encrypts text (get bytes -> encrypt -> encode -> to String)
    {
        String result;

        try
        {
            IvParameterSpec iv = new IvParameterSpec(INIT_VECTOR.getBytes());
            SecretKeySpec myKey = new SecretKeySpec(fixKey(key).getBytes("UTF-8"), "AES");

            Cipher cipher = Cipher.getInstance(ALGORITHM);
            cipher.init(Cipher.ENCRYPT_MODE, myKey, iv);

            byte[] encryptedBytes = cipher.doFinal(text.getBytes("UTF-8"));

            result = Base64.encodeToString(encryptedBytes, Base64.DEFAULT);
        }
        catch (Exception ex)
        {
            ex.printStackTrace();
            result = "error";
        }

        return result;
    }

    public static String aesDecrypt(String key, String text)  // decrypts text (get bytes -> decode -> decrypt -> to String)
    {
        String result;

        try
        {
            IvParameterSpec iv = new IvParameterSpec(INIT_VECTOR.getBytes("UTF-8"));
            SecretKeySpec myKey = new SecretKeySpec(fixKey(key).getBytes("UTF-8"), "AES"); // create new KEY in utf-8

            Cipher cipher = Cipher.getInstance(ALGORITHM); // create new cipher
            cipher.init(Cipher.DECRYPT_MODE, myKey, iv); // set cipher into decrypt mode using my KEY

            byte[] decryptedBytes = cipher.doFinal(Base64.decode(text, Base64.DEFAULT)); // get bytes -> decode -> decrypt

            result = new String(decryptedBytes);    // convert decrypted text to String
        }
        catch (Exception ex)
        {
            ex.printStackTrace();
            result = "error";
        }

        return result;
    }

    private static String fixKey(String key)
    {
        if (key.length() < 16)  // less than 128 bits
        {
            int numPad = 16 - key.length();

            for (int i = 0; i < numPad; i++)
                key += "0"; //0 pad to len 16 bytes
        }
        else if (key.length() > 16)
            key = key.substring(0, 16); //truncate to 16 bytes

        return key;
    }
}

用法:

加密: 

CriptographyUtils.aesEncrypt(key, textToEncrypt)

解密: 

CriptographyUtils.aesDecrypt(key, textToDecrypt));

关键是: 

private static final String key = "1234123412341234";

1 个答案:

答案 0 :(得分:0)

AES是块加密算法,因此必须使其输入为块大小的倍数,AES为16字节。因此,如果不保证数据是块大小的倍数,则需要添加填充。

使用填充:PKCS#7是AES的常用填充,PKCS#5基本相同。

PKCS#5标识符仅适用于AES,因为编码人员懒得添加对PKCS#7标识符的支持。见PKCS#7 padding

PKCS#5填充与PKCS#7填充相同,只是它仅为使用64位(8字节)块大小的块密码定义。在实践中,这两者可以互换使用。

相关问题
最新问题