4

我关注了这篇文章的大部分内容,目的是在我的软件中实现 aes 256 加密,它工作得很好

这里的关键点是上面链接中描述的整个实现都使用了AESEngine 类。查看类代码和javadoc 参考,AESEngine 是 128 位而不是 256 位块密码

通过代码和文档搜索,我找不到 192 位或 256 位的实现。他们在哪里?

为了完整起见,这是我实际加密类的核心:

    private void init(String passphrase) {
        try {
            String algorithm = "PBEWithSHA256And256BitAES-CBC-BC"; 

            encryptCipher = createCipher();
            decryptCipher = createCipher();    

            randomGenerator = new RandomGenerator();

            PBEKeySpec keySpec = new PBEKeySpec(passphrase.toCharArray(), KEY_SALT, ITERATIONS);    

            SecretKeyFactory keyFactory = SecretKeyFactory.getInstance(algorithm);
            key = keyFactory.generateSecret(keySpec);    

        } catch (NoSuchAlgorithmException e) {
            throw new RuntimeException("NoSuchAlgorithmException occured while trying to generate the crypto key. This error should never occur, check the application code", e);
        } catch (InvalidKeySpecException e) {
            throw new RuntimeException("InvalidKeySpecException occured while trying to generate the crypto key. This error should never occur, check the application code", e);
        }
    }    

    private BufferedBlockCipher createCipher() {
        return new PaddedBufferedBlockCipher(new CBCBlockCipher(new AESFastEngine()), new PKCS7Padding());
    }    

    public byte[] encrypt(byte[] data) {
        if (data == null)
            throw new NullPointerException("Cannot encrypt null data");    

        byte[] iv = randomGenerator.generateRandom(IV_SIZE);    

        byte[] encrypted;

        synchronized (encryptCipher) {
            encrypted = runCipher(encryptCipher, true, data, iv);
        }    

        return DataUtil.append(iv, encrypted);
    }    

    public byte[] decrypt(byte[] data) {
        if (data == null)
            throw new NullPointerException("Cannot decrypt null data");    

        byte[] iv = DataUtil.extract(data, 0, IV_SIZE);
        byte[] cipherText = DataUtil.extract(data, IV_SIZE, data.length - IV_SIZE);

        byte[] decrypted;    

        synchronized (decryptCipher) {
            decrypted = runCipher(decryptCipher, false, cipherText, iv);
        }

        return decrypted;
    }

    private byte[] runCipher(BufferedBlockCipher cipher, boolean forEncryption, byte[] data, byte[] iv) {
        String operation = forEncryption ? "encrypt" : "decrypt";

        try {
            KeyParameter keyParam = new KeyParameter(key.getEncoded());
            ParametersWithIV cipherParams = new ParametersWithIV(keyParam, iv);

            cipher.init(forEncryption, cipherParams);

            byte[] result = new byte[cipher.getOutputSize(data.length)];
            int len = cipher.processBytes(data, 0, data.length, result, 0);
            len += cipher.doFinal(result, len);

            //Remove padding se estiver decriptografando
            if(!forEncryption)
                result = DataUtil.extract(result, 0, len);

            return result;
        } catch (DataLengthException e) {
            throw new RuntimeException("DataLengthException occured while trying to " + operation + " data with length " + data.length + ". This error should never occur, check the application code", e);
        } catch (IllegalStateException e) {
            throw new RuntimeException("IllegalStateException occured while trying to " + operation + " data with length " + data.length + ". This error should never occur, check the application code", e);
        } catch (InvalidCipherTextException e) {
            throw new IllegalArgumentException("InvalidCipherTextException occured while trying to " + operation + " data with length " + data.length, e);
        }
    }
4

2 回答 2

5

如果您想使用 256 位的块大小进行类似 AES 的加密,您应该使用:

http://www.docjar.org/docs/api/org/bouncycastle/crypto/engines/RijndaelEngine.html

但这可能不是您想要的。AES-256 中的 256 大约是密钥大小。然后,底层 128 位 AES 分组密码将使用此密钥大小。AES 是 Rijndael 的标准化 128 位块版本。

于 2012-09-24T22:40:56.240 回答
0

AES 支持 3 种密钥大小 - WikipediaNIST

您可能指的是固定为 128 位的块大小。

另外,我尝试通过代码,它是假设不同的密钥大小 - 128、192和256编写的。复制 - 从代码粘贴 - “AES指定了128位的固定块大小和128/192/256位的密钥大小。这个假设这些是唯一可能的值,则编写代码”

于 2015-02-22T14:39:14.237 回答