4

我已经在 Android 应用程序中实现了加密/解密。

我添加了一个 Encryption 类,该类已成为 Singleton 类。

部分代码如下:

public class Encryption {

        private SecretKeySpec mKey = null;
        private Cipher mCipher = null;
        private byte[] mKeyBytes = null;
        private AlgorithmParameterSpec mParamSpec = null;
        private static Encryption sInstance;

        public Encryption() {
            byte[] iv = new byte[] { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 };
            mParamSpec = new IvParameterSpec(iv);
            mKeyBytes = getMD5(MD5_KEY.getBytes();
            mKey = new SecretKeySpec(mKeyBytes, AES_TAG);
            try {
                mCipher = Cipher.getInstance(TRANSFORMATION_STR);
            } catch (NoSuchAlgorithmException e) {
            } catch (NoSuchPaddingException e) {
            }
        }

        public static synchronized Encryption getInstance() {
            if (sInstance == null) {
                sInstance = new Encryption();
            }
            return sInstance;
        }

        public String encryptString(String strPwd) {
            String strToEncripted = null;
            strToEncripted = strPwd;
            String result = null;
            byte[] input = null;
            byte[] cipherText = null;
            int ctLength = 0;
            try {
                input = strToEncripted.getBytes(UTF8_STR);
                mCipher.init(Cipher.ENCRYPT_MODE, mKey, mParamSpec);
                cipherText = new byte[mCipher.getOutputSize(input.length)];
                ctLength = mCipher.update(input, 0, input.length, cipherText, 0);
                ctLength += mCipher.doFinal(cipherText, ctLength);
                result = Base64.encodeToString(cipherText, Base64.DEFAULT)
                        .replace(NEWLINE_CHAR, EMPTY_CHAR).trim();
            } catch (InvalidKeyException e) {
            } catch (UnsupportedEncodingException e) {
            } catch (InvalidAlgorithmParameterException e) {
            } catch (ShortBufferException e) {
            } catch (IllegalBlockSizeException e) {
            } catch (BadPaddingException e) {
            } catch (IllegalStateException e) {
            }
            return result;
        }

        public String decryptstring(byte[] encripted) {
            String textDecrypt = "";
            byte[] encriptedByteDecode64 = Base64.decode(encripted, Base64.DEFAULT);
            byte[] plainText = new byte[mCipher.getOutputSize(encriptedByteDecode64.length)];
            int ptLength = 0;
            try {
                mCipher.init(Cipher.DECRYPT_MODE, mKey, mParamSpec);
                ptLength = mCipher.update(encriptedByteDecode64, 0, encriptedByteDecode64.length, plainText, 0);
                ptLength += mCipher.doFinal(plainText, ptLength);
                textDecrypt = (new String(plainText)).trim();
            } catch (InvalidKeyException e) {
            } catch (InvalidAlgorithmParameterException e) {
            } catch (ShortBufferException e) {
            } catch (IllegalBlockSizeException e) {
            } catch (BadPaddingException e) {
            }
            return textDecrypt;
        }


        private String getMD5(String strKey) {
            String key = strKey;
            String result = null;
            try {
                MessageDigest algorithm = MessageDigest.getInstance(MD5_TAG);
                algorithm.reset();
                algorithm.update(key.getBytes(UTF8_STR));
                byte messageDigest[] = algorithm.digest();
                StringBuilder hexString = new StringBuilder();
                for (int count = 0; count < messageDigest.length; count++) {
                    String hexaDecimal = Integer.toHexString(0xFF & messageDigest[count]);
                    while (hexaDecimal.length() < 2)
                        hexaDecimal = new StringBuilder(ZERO_STR).append(hexaDecimal).toString();
                    hexString.append(hexaDecimal);
                }
                result = hexString.toString();
            } catch (NoSuchAlgorithmException e) {
            } catch (UnsupportedEncodingException e) {
            }
            return result;
        }
    }

使用单例实例,实现了字符串的加密和解密,并且它们大部分都在工作。

有时,虽然密码已经初始化,但仍然抛出异常:java.lang.IllegalStateException: Cipher not initialized

该场景主要是在某个时间间隔(30 分钟)之后执行字符串解密。

会不会是单例实例使用不当造成的?

而不是 Singleton 类,我试图加密字符串,使用 new 运算符创建一个 Encryption 类的实例,但问题是我需要相同的对象进行解密,否则会java.lang.IllegalStateException: Cipher not initialized被抛出。

欢迎任何建议/提示。

4

4 回答 4

9

这个问题肯定会发生在多线程环境中,就像发生在我身上一样。问题是 mCipher.init() 和 mCipher.doFinal() 方法之间的冲突。

以下是 Cipher 类中的相关方法:

public final void init(int opmode, Key key, AlgorithmParameterSpec params) throws InvalidKeyException, InvalidAlgorithmParameterException
{
   init(opmode, key, params, JceSecurity.RANDOM);
}


public final void init(int opmode, Key key, AlgorithmParameterSpec params,
                       SecureRandom random)
        throws InvalidKeyException, InvalidAlgorithmParameterException
{
    initialized = false;
    checkOpmode(opmode);

    if (spi != null) {
        checkCryptoPerm(spi, key, params);
        spi.engineInit(opmode, key, params, random);
    } else {
        chooseProvider(I_PARAMSPEC, opmode, key, params, null, random);
    }

    initialized = true;
    this.opmode = opmode;
}


public final int doFinal(byte[] output, int outputOffset)
        throws IllegalBlockSizeException, ShortBufferException,
           BadPaddingException {
    checkCipherState();

    // Input sanity check
    if ((output == null) || (outputOffset < 0)) {
        throw new IllegalArgumentException("Bad arguments");
    }

    chooseFirstProvider();
    return spi.engineDoFinal(null, 0, 0, output, outputOffset);
}


private void checkCipherState() {
    if (!(this instanceof NullCipher)) {
        if (!initialized) {
            throw new IllegalStateException("Cipher not initialized");
        }
        if ((opmode != Cipher.ENCRYPT_MODE) &&
            (opmode != Cipher.DECRYPT_MODE)) {
            throw new IllegalStateException("Cipher not initialized " +
                                            "for encryption/decryption");
        }
    }
}

查看initialized变量在多线程环境中的行为,其中两个线程执行 init() 和 doFinal()。返回的异常与未实际初始化的对象无关,而是与initialized设置为的变量无关false

我通过同步我的 encryptString() 和 decryptString() 方法解决了我的问题。希望您可以通过密码获得一些见解。

于 2013-06-24T08:39:53.877 回答
2

确保调用Cipher.getInstance()加密和解密方法。

cipher = Cipher.getInstance(TRANSFORMATION_STR);
cipher.init(Cipher.ENCRYPT_MODE, mKey, mParamSpec);
// encrypt code here

getInstance()方法获取当前线程的密码实例以避免竞争条件,例如您刚刚发布的异常。

于 2020-05-05T22:41:23.710 回答
1

在您的decryptstring方法中,您调用

byte[] plainText = new byte[mCipher.getOutputSize(encriptedByteDecode64.length)];

打电话前几行

mCipher.init(Cipher.DECRYPT_MODE, mKey, mParamSpec);

由于在调用 getOutputSize 时密码尚未初始化,因此会出现异常。重新排序这些行应该可以解决它。(它对我有用。)

于 2015-06-19T07:03:39.360 回答
0

我有同样的问题(Cipher not initialized)。我使用的是高加密,对我来说,解决方案是用jre/lib/security无限强度版本替换正常的策略罐子。

于 2014-03-18T13:42:14.077 回答