gpt4 book ai didi

java - badPaddingException 在 doFinal 的某些调用上。不是全部。相同的输入

转载 作者:太空狗 更新时间:2023-10-29 22:41:26 25 4
gpt4 key购买 nike

我使用 javax.crypto.cipher 来加密和解密一些数据。它运作良好。但有时,解密失败并出现 badPaddingException。如果我将成功的调用与失败的调用进行比较,则提供给密码的输入是相同的,并且密码的初始化方式相同。

我如何实例化我的密码

dcipher = Cipher.getInstance("PBEWithMD5AndDES");
KeySpec keySpec = new PBEKeySpec(passPhrase.toCharArray(), salt, iterationCount);
SecretKey key = SecretKeyFactory.getInstance("PBEWithMD5AndDES").generateSecret(keySpec);
dcipher.init(Cipher.DECRYPT_MODE, key, paramSpec);

我是这样用的

dec = Base64.decode(str) ;
byte[] utf8 = dcipher.doFinal(dec);

在 doFinal 上引发异常。

有什么想法吗?

谢谢!

哦,顺便说一句,我使用 bouncyCaSTLe 作为提供者,并使用

将其添加到列表顶部
Security.insertProviderAt(new org.bouncycastle.jce.provider.BouncyCastleProvider(), 1);

为了完整起见,也因为问题时不时出现。这是完整的类(class)。

public class EncryptDecryptUtil {
/** Encryption Cipher */
private static Cipher ecipher;
/** Decription Cipher */
private static Cipher dcipher;

private static Logger logger = Logger.getLogger(EncryptDecryptUtil.class);

/**
* Constructor used to create this object. Responsible for setting and initializing this object's encrypter and
* decrypter Cipher instances given a Secret Key and algorithm.
*
* @param key Secret Key used to initialize both the encrypter and decrypter instances.
* @param algorithm Which algorithm to use for creating the encrypter and decrypter instances.
*/
public EncryptDecryptUtil(SecretKey key, String algorithm) {
Security.insertProviderAt(new org.bouncycastle.jce.provider.BouncyCastleProvider(), 1);
try {
ecipher = Cipher.getInstance(algorithm);
dcipher = Cipher.getInstance(algorithm);
ecipher.init(Cipher.ENCRYPT_MODE, key);
dcipher.init(Cipher.DECRYPT_MODE, key);
} catch (NoSuchPaddingException e) {
System.out.println("EXCEPTION: NoSuchPaddingException");
} catch (NoSuchAlgorithmException e) {
System.out.println("EXCEPTION: NoSuchAlgorithmException");
} catch (InvalidKeyException e) {
System.out.println("EXCEPTION: InvalidKeyException");
}
}

/**
* Constructor used to create this object. Responsible for setting and initializing this object's encrypter and
* decrypter Chipher instances given a Pass Phrase and algorithm.
*
* @param passPhrase Pass Phrase used to initialize both the encrypter and decrypter instances.
*/
public EncryptDecryptUtil(String passPhrase) {
Security.insertProviderAt(new org.bouncycastle.jce.provider.BouncyCastleProvider(), 1);
// 8-bytes Salt
byte[] salt = { (byte) 0xB9, (byte) 0x8B, (byte) 0xD8, (byte) 0x31, (byte) 0x55, (byte) 0x24, (byte) 0xF3, (byte) 0x13 };

// Iteration count
int iterationCount = 19;

try {
// Generate the secret key associated to the passphrase.
KeySpec keySpec = new PBEKeySpec(passPhrase.toCharArray(), salt, iterationCount);
SecretKey key = SecretKeyFactory.getInstance("PBEWithMD5AndDES").generateSecret(keySpec);

// Get instance of the cipher
ecipher = Cipher.getInstance("PBEWithMD5AndDES");
dcipher = Cipher.getInstance("PBEWithMD5AndDES");

// Prepare the parameters to the cipthers
AlgorithmParameterSpec paramSpec = new PBEParameterSpec(salt, iterationCount);

ecipher.init(Cipher.ENCRYPT_MODE, key, paramSpec);
dcipher.init(Cipher.DECRYPT_MODE, key, paramSpec);

} catch (InvalidAlgorithmParameterException e) {
logger.error("during encrypter instantiation",e);
} catch (InvalidKeySpecException e) {
logger.error("during encrypter instantiation",e);
} catch (NoSuchPaddingException e) {
logger.error("during encrypter instantiation",e);
} catch (NoSuchAlgorithmException e) {
logger.error("during encrypter instantiation",e);
} catch (InvalidKeyException e) {
logger.error("during encrypter instantiation",e);
}
}

/**
* Takes a single String as an argument and returns an Encrypted version of that String.
*
* @param str String to be encrypted
* @return <code>String</code> Encrypted version of the provided String
*/
public String encrypt(String str) {
try {
// Encode the string into bytes using utf-8
byte[] utf8 = str.getBytes("UTF8");

// Encrypt
byte[] enc = ecipher.doFinal(utf8);

// Encode bytes to base64 to get a string
return new String( Base64.encode(enc), "UTF8");

} catch (BadPaddingException e) {
logger.error("during encryption : ",e);
} catch (IllegalBlockSizeException e) {
logger.error("during encryption : ",e);
} catch (UnsupportedEncodingException e) {
logger.error("during encryption : ",e);
}
return new String();
}


/**
* Takes a encrypted String as an argument, decrypts and returns the decrypted String.
*
* @param str Encrypted String to be decrypted
* @return <code>String</code> Decrypted version of the provided String
*/
public String decrypt(String str) {
byte[] dec = new byte[0];
try {
// Decode base64 to get bytes. Not sure to understand why.
dec = Base64.decode(str) ;
// Decrypt
byte[] utf8 = dcipher.doFinal(dec);
// Decode using utf-8
return new String(utf8, "UTF8");

} catch (BadPaddingException e) {
logger.error("error during decryption. String to decode was : "+str + " byte array to decode was : "+ Arrays.toString(dec) ,e);
} catch (IllegalBlockSizeException e) {
logger.error("during decryption : ",e);
} catch (UnsupportedEncodingException e) {
logger.error("during decryption : ",e);
}
return new String();
}
}

编辑:我想强调这两点:

  • 相同的输入有时会失败/有时会成功解密。 (我知道这要感谢 BadPaddingException 中的日志)
  • 此主要调用解密方法 1 000 000 000 次确实重现了问题。

...

for( int i = 0 ; i<1000000000 ; i++){
EncryptDecryptUtil encryptDecript = new EncryptDecryptUtil("pass");
if ( !"YES".equals(encryptDecript.decrypt("Q3qWLKo6yJY="))){
System.out.println("Fail at call " + i);
throw new InvalidParameterException() ;
}
}

所以也许它可能来 self 使用 EncryptDecryptUtils 类的方式?这是一个 Spring bean 的字段,实例化了一次。

com.myStuff.dlm.cryptography.EncryptDecryptUtil  error during decryption. String to   decode was : Q3qWLKo6yJY= byte array to decode was : [114, 52, -52, -54, 82, 87, 124, 84]
javax.crypto.BadPaddingException: Given final block not properly padded
at com.sun.crypto.provider.SunJCE_f.b(DashoA13*..)
at com.sun.crypto.provider.SunJCE_f.b(DashoA13*..)
at com.sun.crypto.provider.SunJCE_ab.b(DashoA13*..)
at com.sun.crypto.provider.PBEWithMD5AndDESCipher.engineDoFinal(DashoA13*..)
at javax.crypto.Cipher.doFinal(DashoA13*..)
at com.dvidea.dlm.cryptography.EncryptDecryptUtil.decrypt(EncryptDecryptUtil.java:166)

最佳答案

只是一个想法:也许您正在跳跃不同的供应商(Sun/BC/等)

问候。

关于java - badPaddingException 在 doFinal 的某些调用上。不是全部。相同的输入,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/4895773/

25 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com