我正在开发一个现有的应用程序,但尚未编写它。
在此方法中解密用户名和密码期间,我得到了这个异常(javax.crypto.BadPaddingException:pad block损坏):
private static byte[] decrypt(byte[] raw, byte[] encrypted) throws Exception {
SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES");
Cipher cipher = Cipher.getInstance("AES");
cipher.init(Cipher.DECRYPT_MODE, skeySpec);
byte[] decrypted = cipher.doFinal(encrypted);//ERROR HERE////////////////////////////////////////////////////////////////////////////
return decrypted;
}
encrypted 的值是一个字节数组,其中包含 -89 到 126 之间的 16 个数值。任何人都可以看到这段代码的问题吗?这是所有重要的代码:
在 Settings 类(Encryptor 类的客户端)内部:
private final String ENCRYPTION_SEED = "MH8734()9Akg&*3d";
public void loadAuthorization() {
try {
username = getStringEncrypted(sharedPreferences, KEY_USERNAME);
password = getStringEncrypted(sharedPreferences, KEY_PASSWORD);
isAuthorized = sharedPreferences.getBoolean(KEY_IS_AUTHORIZED,
false);
} catch (Exception e) {
Log.e("LOAD ERROR", "Exception during loading authorization");
}
}
public String getStringEncrypted(SharedPreferences sharedPreferences,
String key) {
try {
String valueEncrypted = sharedPreferences.getString(key, "NULL");
String valueDecrypted = Encryptor.decrypt(ENCRYPTION_SEED + key,
valueEncrypted);
return valueDecrypted;
} catch (Exception e) {
return "NULL";
}
}
public void saveAuthorization() {
SharedPreferences.Editor ed = sharedPreferences.edit();
try {
setStringEncrypted(ed, KEY_USERNAME, username);
setStringEncrypted(ed, KEY_PASSWORD, password);
ed.putBoolean(KEY_IS_AUTHORIZED, isAuthorized);
} catch (Exception e) {
Log.e("SAVE ERROR", "Exception during saving authorization");
}
ed.commit();
}
public void setStringEncrypted(SharedPreferences.Editor ed, String key,
String value) {
try {
String valueEncrypted = Encryptor.encrypt(ENCRYPTION_SEED + key,
value);
ed.putString(key, valueEncrypted);
} catch (Exception e) {
e.printStackTrace();
}
}
完整的加密器类:
package com.boolbalabs.petlinx.settings;
import java.security.SecureRandom;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
public class Encryptor {
private final static String HEX = "0123456789ABCDEF";
private static void appendHex(StringBuffer sb, byte b) {
sb.append(HEX.charAt((b>>4)&0x0f)).append(HEX.charAt(b&0x0f));
}
private static byte[] decrypt(byte[] raw, byte[] encrypted) throws Exception {
SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES");
Cipher cipher = Cipher.getInstance("AES");
cipher.init(Cipher.DECRYPT_MODE, skeySpec);
byte[] decrypted = cipher.doFinal(encrypted);//ERROR HERE////////////////////////////////////////////////////////////////////////////
return decrypted;
}
public static String decrypt(String seed, String encrypted) throws Exception {
byte[] rawKey = getRawKey(seed.getBytes());
byte[] enc = toByte(encrypted);
byte[] result = decrypt(rawKey, enc);
return new String(result);
}
private static byte[] encrypt(byte[] raw, byte[] clear) throws Exception {
SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES");
Cipher cipher = Cipher.getInstance("AES");
cipher.init(Cipher.ENCRYPT_MODE, skeySpec);
byte[] encrypted = cipher.doFinal(clear);
return encrypted;
}
public static String encrypt(String seed, String cleartext) throws Exception {
byte[] rawKey = getRawKey(seed.getBytes());
byte[] result = encrypt(rawKey, cleartext.getBytes());
return toHex(result);
}
public static String fromHex(String hex) {
return new String(toByte(hex));
}
private static byte[] getRawKey(byte[] seed) throws Exception {
KeyGenerator kgen = KeyGenerator.getInstance("AES");
SecureRandom sr = SecureRandom.getInstance("SHA1PRNG");
sr.setSeed(seed);
kgen.init(128, sr); // 192 and 256 bits may not be available
SecretKey skey = kgen.generateKey();
byte[] raw = skey.getEncoded();
return raw;
}
public static byte[] toByte(String hexString) {
int len = hexString.length()/2;
byte[] result = new byte[len];
for (int i = 0; i < len; i++)
result[i] = Integer.valueOf(hexString.substring(2*i, 2*i+2), 16).byteValue();
return result;
}
public static String toHex(byte[] buf) {
if (buf == null)
return "";
StringBuffer result = new StringBuffer(2*buf.length);
for (int i = 0; i < buf.length; i++) {
appendHex(result, buf[i]);
}
return result.toString();
}
public static String toHex(String txt) {
return toHex(txt.getBytes());
}
}
这个答案建议不要使用 SecureRandom 来生成密钥。我正在处理的应用程序中的代码确实为此使用了 SecureRandom。我该如何解决?
这是使用 SecureRandom 的代码。
private static byte[] getRawKey(byte[] seed) throws Exception {
KeyGenerator kgen = KeyGenerator.getInstance("AES");
SecureRandom sr = SecureRandom.getInstance("SHA1PRNG");
sr.setSeed(seed);
kgen.init(128, sr); // 192 and 256 bits may not be available
SecretKey skey = kgen.generateKey();
byte[] raw = skey.getEncoded();
return raw;
}