0

我正在从 oracle 数据库中解密密码,用于登录页面,以验证用户名和密码。它是一个简单的 JSP 页面:

<HTML>
<BODY>

<%
    Class.forName("oracle.jdbc.OracleDriver");

        Connection conn =     DriverManager.getConnection("jdbc:oracle:thin:@xxx:xxxx:xxxx","i----r","i-----r");
                        // @//machineName:port:SID,   userid,  password

    Statement st=conn.createStatement();

    ResultSet rs=st.executeQuery("Select * from xxxxxxx");

    //Just testing now, for decryption

    String algorithm1 = "DES";//magical mystery constant
    String algorithm2 = "DES/CBC/NoPadding";//magical mystery constant
    IvParameterSpec iv = new IvParameterSpec( new byte [] { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } );//magical mystery constant
    Cipher cipher;
    SecretKey key;
    String k="12345abc";
    key = new SecretKeySpec( k.getBytes( ), algorithm1 );
    cipher = Cipher.getInstance( algorithm2 );

    String str="test1234abc";

    cipher.init( Cipher.ENCRYPT_MODE, key, iv ); //normally you could leave out the IvParameterSpec argument, but not with Oracle

    byte[] bytes=str.getBytes("UTF-8");

    byte[] encrypted = cipher.doFinal( bytes );


%>
</BODY>
</HTML>

我面临的问题是一切正常,但最后一行代码byte[] encrypted = cipher.doFinal( bytes );给了我一个错误:

javax.crypto.IllegalBlockSizeException: Input length not multiple of 8 bytes
at com.sun.crypto.provider.SunJCE_h.a(DashoA6275)
at com.sun.crypto.provider.SunJCE_h.b(DashoA6275)
at com.sun.crypto.provider.SunJCE_h.b(DashoA6275)
at com.sun.crypto.provider.DESCipher.engineDoFinal(DashoA6275)
at javax.crypto.Cipher.doFinal(DashoA6275)
at _check1._jspService(_check1.java:83) [SRC:/check1.jsp:45]
at com.orionserver[Oracle Application Server Containers for J2EE 10g (10.1.2.0.2)].http.OrionHttpJspPage.service(OrionHttpJspPage.java:56)
at oracle.jsp.runtimev2.JspPageTable.compileAndServe(JspPageTable.java:569)
at oracle.jsp.runtimev2.JspPageTable.service(JspPageTable.java:305)
at oracle.jsp.runtimev2.JspServlet.internalService(JspServlet.java:509)
at oracle.jsp.runtimev2.JspServlet.service(JspServlet.java:413)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at com.evermind[Oracle Application Server Containers for J2EE 10g (10.1.2.0.2)].server.http.ServletRequestDispatcher.invoke(ServletRequestDispatcher.java:824)
at com.evermind[Oracle Application Server Containers for J2EE 10g (10.1.2.0.2)].server.http.ServletRequestDispatcher.forwardInternal(ServletRequestDispatcher.java:330)
at com.evermind[Oracle Application Server Containers for J2EE 10g (10.1.2.0.2)].server.http.HttpRequestHandler.processRequest(HttpRequestHandler.java:830)
at com.evermind[Oracle Application Server Containers for J2EE 10g (10.1.2.0.2)].server.http.HttpRequestHandler.run(HttpRequestHandler.java:285)
at com.evermind[Oracle Application Server Containers for J2EE 10g (10.1.2.0.2)].server.http.HttpRequestHandler.run(HttpRequestHandler.java:126)
at com.evermind[Oracle Application Server Containers for J2EE 10g (10.1.2.0.2)].util.ReleasableResourcePooledExecutor$MyWorker.run(ReleasableResourcePooledExecutor.java:192)
at java.lang.Thread.run(Thread.java:534)

可能是什么原因造成的,我该如何解决?

4

2 回答 2

1

错误消息一次有用:将输入字符串填充为 8 个字节的倍数。

使用Arrays.copyOf(byte[], int)或用于早期版本:

byte[] bytes=str.getBytes("UTF-8");

byte[] bytesPadded = 
   (str
    + new String(new byte[(8  - bytes.length % 8) % 8])
   ).getBytes();

byte[] encrypted = cipher.doFinal( bytesPadded );
于 2012-07-09T09:41:09.803 回答
0

好的,我得到了查询的答案……我正在使用 8 字节加密。所以密码必须是 8 个字符的倍数。因此,通过在登录页面上检查密码必须是 8 个字符的倍数来解决问题。

于 2012-07-10T03:16:21.880 回答