使用 JDK 7 使用 AES 128 时的问题

Question

I have a stand alone Java program that gets triggered from Mainframe_JCL. The Java program has a code to encrypt and decrypt a string.

When I run the program in my Local. After encryption, when I decrypt, the value is correct ( I am getting the string that I have supplied for encryption).

But when this runs on Mainframe by JCL executing this.. I have getting weird decrypted value.. kind of Junk.

Not sure whats the problem. Any help would be appreciated.

We are using following JDK : IBM SDK for z/OS, Java Technology Edition, Version 7

Below are methods used for encryption and decryption :

    public static String encrypt(String text) throws UnsupportedEncodingException {
        byte iv[] = new byte[16];
        byte[] encrypted = null;
        BASE64Encoder enc = new BASE64Encoder();
        try {            
            SecureRandom random = new SecureRandom();
            random.nextBytes(iv);
            IvParameterSpec ivspec = new IvParameterSpec(iv);
            Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
            cipher.init(Cipher.ENCRYPT_MODE, getKeySpec(), ivspec);
            encrypted = cipher.doFinal(text.getBytes());
        } catch (Exception ex) {
            ex.printStackTrace();
        }
        return URLEncoder.encode(enc.encode(iv)+enc.encode(encrypted), "UTF-8");
    }

    public static String decrypt(String text) {
        byte iv[] = new byte[16];
        String decrypted  = "";
        byte[] splitText = null;
        byte[] textToDecrypt = null;
        BASE64Decoder dec = new BASE64Decoder();
        try { 
            text = URLDecoder.decode(text, "UTF-8");
            text = text.replaceAll(" ", "+");
            splitText = dec.decodeBuffer(text);
            splitText.toString();
            for(int i=0;i<16;i++){
                iv[i]=splitText[i];
            }
            textToDecrypt = new byte[splitText.length - 16];
            for(int i=16;i<splitText.length;i++){
                textToDecrypt[i-16]=splitText[i];
            }
            IvParameterSpec ivspec = new IvParameterSpec(iv);
            Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
            cipher.init(Cipher.DECRYPT_MODE, getKeySpec(), ivspec);
           decrypted = new String(cipher.doFinal(textToDecrypt));
        } catch (UnsupportedEncodingException ex) {
            ex.printStackTrace();
        }catch (Exception e){
            e.printStackTrace();
        }
        return decrypted;
    }

static SecretKeySpec spec = null;
public static SecretKeySpec getKeySpec() throws IOException,
                                            NoSuchAlgorithmException {
    if (spec == null) {
        String keyFile = "aes_key.key";
        spec = null;
        InputStream fis = null;
        fis = Config.class.getClassLoader().getResourceAsStream(keyFile);
        byte[] rawkey = new byte[16];
        fis.read(rawkey);
        fis.close();
        spec = new SecretKeySpec(rawkey, "AES");
}
return spec;
}

Answer 1

You haven't supplied enough information to run your code (so I won't fix), but I see two things that may corrupt the result:

1. You should prefix the 16 byte IV before you encode using Base64; currently you are possibly mixing IV and ciphertext.
2. You should define the character encoding for toBytes and new String ; currently you may have two different platform character sets to content with.

Finally, URL encoding base 64 may not be very efficient, you are better off just replacing the + and / characters by URL safe counterparts .

---

So I was in for a puzzle:

package nl.owlstead.stackoverflow;

import static java.nio.charset.StandardCharsets.UTF_8;

import java.io.IOException;
import java.io.InputStream;
import java.security.GeneralSecurityException;
import java.security.SecureRandom;
import java.util.Arrays;
import java.util.Base64;

import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;

public final class VeryStaticStringEncryption {

    private static final String KEY_FILE = "aes_key.key";
    private static final SecretKey AES_KEY = retrieveSecretKey(KEY_FILE);

    private VeryStaticStringEncryption() {
        // avoid instantiation
    }

    public static String encrypt(final String text) {
        try {
            final Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
            final int n = cipher.getBlockSize();

            final SecureRandom random = new SecureRandom();
            final byte[] iv = new byte[n];
            random.nextBytes(iv);
            final IvParameterSpec ivspec = new IvParameterSpec(iv);

            cipher.init(Cipher.ENCRYPT_MODE, AES_KEY, ivspec);

            final byte[] plaintext = text.getBytes(UTF_8);
            byte[] ciphertext = Arrays.copyOf(iv,
                    n + cipher.getOutputSize(plaintext.length));
            final int ciphertextSize = cipher.doFinal(
                    plaintext, 0, plaintext.length,
                    ciphertext, n);

            // output size may be bigger, but not likely
            if (n + ciphertextSize  < ciphertext.length) {
                ciphertext = Arrays.copyOf(ciphertext, n + ciphertextSize);
            }

            return Base64.getUrlEncoder().encodeToString(ciphertext);
        } catch (final GeneralSecurityException e) {
            throw new IllegalStateException("Could not encrypt string", e);
        }
    }

    public static String decrypt(final String text) {
        try {
            // throws IllegalArgumentException if decoding fails
            final byte[] ciphertext = Base64.getUrlDecoder().decode(text);

            final Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
            final int n = cipher.getBlockSize();

            // CBC specific
            if (ciphertext.length < n + n || ciphertext.length % n != 0) {
                throw new IllegalArgumentException("Ciphertext has incorrect size");
            }

            final IvParameterSpec ivspec = new IvParameterSpec(ciphertext, 0, n);
            cipher.init(Cipher.DECRYPT_MODE, AES_KEY, ivspec);
            final byte[] plaintext = cipher.doFinal(ciphertext, n, ciphertext.length - n);
            return new String(plaintext, UTF_8);
        } catch (final GeneralSecurityException e) {
            throw new IllegalStateException("Could not encrypt string", e);
        }
    }

    public static SecretKey retrieveSecretKey(final String keyResource) {
        try (final InputStream fis = VeryStaticStringEncryption.class.getResourceAsStream(keyResource)) {
            final byte[] rawkey = new byte[16];
            for (int i = 0; i < 16; i++) {
                final int b = fis.read();
                if (b == -1) {
                    throw new IOException("Key is not 16 bytes");
                }
                rawkey[i] = (byte) b;
            }

            if (fis.read() != -1) {
                throw new IOException("Key is not 16 bytes");
            }

            return new SecretKeySpec(rawkey, "AES");
        } catch (final IOException e) {
            // e may contain confidential information
            throw new IllegalStateException("AES key resource not available");
        }
    }

    public static void main(String[] args) {
        String ct = encrypt("owlstead");
        System.out.println(ct);
        String pt = decrypt(ct);
        System.out.println(pt);
    }
}

Note that I used a package-local resource as I didn't want to clutter up my SO project.

IMPORTANT NOTE: CBC encryption is not secure for transport mode encryption if a man-in-the-middle attack is possible. Refactor to GCM mode if required.