JAVA ANDROID AES CFB填充

Question

我使用以下代碼創建了一個Java文件，該代碼對字符串進行加密或解密：

public class Aes {
public static String encrypt(String seed, String cleartext)
        throws Exception {
    byte[] rawKey = getRawKey(seed.getBytes());
    byte[] result = encrypt(rawKey, cleartext.getBytes());
    return toHex(result);
}

public static String decrypt(String seed, String encrypted)
        throws Exception {
    byte[] rawKey = getRawKey(seed.getBytes());
    byte[] enc = toByte(encrypted);
    byte[] result = decrypt(rawKey, enc);
    return new String(result);
}

private static byte[] getRawKey(byte[] seed) throws Exception {
    KeyGenerator kgen = KeyGenerator.getInstance("AES");
    SecureRandom sr = SecureRandom.getInstance("SHA1PRNG");
    sr.setSeed(seed);
    kgen.init(128, sr); // 192 and 256 bits may not be available
    SecretKey skey = kgen.generateKey();
    byte[] raw = skey.getEncoded();
    return raw;
}

private static byte[] encrypt(byte[] raw, byte[] clear) throws Exception {
    byte[] iv = new byte[] { 0x0, 0x1, 0x2, 0x3, 0x4, 0x5, 0x6, 0x7, 0x8, 0x9, 0xA, 0xB, 0xC, 0xD, 0xE, 0xF }; 
    IvParameterSpec ivSpec = new IvParameterSpec(iv);

    SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES");
    Cipher cipher = Cipher.getInstance("AES/CFB/NoPadding");
    cipher.init(Cipher.ENCRYPT_MODE, skeySpec, ivSpec);
    byte[] encrypted = cipher.doFinal(clear);
    return encrypted;
}

private static byte[] decrypt(byte[] raw, byte[] encrypted)
        throws Exception {
    byte[] iv = new byte[] { 0x0, 0x1, 0x2, 0x3, 0x4, 0x5, 0x6, 0x7, 0x8, 0x9, 0xA, 0xB, 0xC, 0xD, 0xE, 0xF }; 
    IvParameterSpec ivSpec = new IvParameterSpec(iv);

    SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES");
    Cipher cipher = Cipher.getInstance("AES/CFB/NoPadding");
    cipher.init(Cipher.DECRYPT_MODE, skeySpec, ivSpec);
    byte[] decrypted = cipher.doFinal(encrypted);
    return decrypted;
}

public static String toHex(String txt) {
    return toHex(txt.getBytes());
}

public static String fromHex(String hex) {
    return new String(toByte(hex));
}

public static byte[] toByte(String hexString) {
    int len = hexString.length() / 2;
    byte[] result = new byte[len];
    for (int i = 0; i < len; i++)
        result[i] = Integer.valueOf(hexString.substring(2 * i, 2 * i + 2),
                16).byteValue();
    return result;
}

public static String toHex(byte[] buf) {
    if (buf == null)
        return "";
    StringBuffer result = new StringBuffer(2 * buf.length);
    for (int i = 0; i < buf.length; i++) {
        appendHex(result, buf[i]);
    }
    return result.toString();
}

private final static String HEX = "0123456789ABCDEF";

private static void appendHex(StringBuffer sb, byte b) {
    sb.append(HEX.charAt((b >> 4) & 0x0f)).append(HEX.charAt(b & 0x0f));
}
}

我已成功嘗試加密字符串，但未將其解密...請幫助我。 這是我之前測試過的加密示例代碼：

String data = "HELP";
String enc = "";
try {
enc = Aes.encrypt("1234567890", data);
Log.i("ENCRYPT", data + " TO " + enc);
} catch (Exception e) {
// TODO Auto-generated catch block
e.printStackTrace();
}

結果是：48F1880B

我的問題是，如何解密？ 我使用上面的代碼進行了測試，但結果不等於純文本！ 請幫我...

Answer 1

以下示例類應為您提供所有標記為步驟的正確加密/解密方法的良好參考：

public class AES {

    public static SecretKey generateAESKey(int bits) throws NoSuchAlgorithmException{
        //This method is provided as to securely generate a AES key of the given length.

        //In practice you can specify your own SecureRandom instance.
        KeyGenerator kgen = KeyGenerator.getInstance("AES");
        kgen.init(bits);
        return kgen.generateKey();
    }

    public static byte[] encrypt(SecretKey key, byte[] plaintext) throws Exception{
        //In practice you should specify your SecureRandom implementation.
        SecureRandom rnd = new SecureRandom();

        //Generate random IV of 128-bit (AES block size)
        byte[] IV = new byte[128 / 8]; 
        rnd.nextBytes(IV);
        IvParameterSpec IVSpec = new IvParameterSpec(IV);

        //Create the cipher object to perform AES operations.
        //Specify Advanced Encryption Standard - Cipher Feedback Mode - No Padding
        Cipher AESCipher = Cipher.getInstance("AES/CFB/NoPadding");

        //Initialize the Cipher with the key and initialization vector.
        AESCipher.init(Cipher.ENCRYPT_MODE, key, IVSpec);

        //Encrypts the plaintext data
        byte[] ciphertext = AESCipher.doFinal(plaintext);

       /*
        * The IV must now be transferred with the ciphertext somehow. The easiest 
        * way to accomplish this would be to prepend the IV to the ciphertext 
        * message.
        */

        //Allocate new array to hold ciphertext + IV
        byte[] output = new byte[ciphertext.length + (128 / 8)];

        //Copy the respective parts into the array.
        System.arraycopy(IV, 0, output, 0, IV.length);
        System.arraycopy(ciphertext, 0, output, IV.length, ciphertext.length);

        return output;
    }

    public static byte[] decrypt(SecretKey key, byte[] IV, byte[] ciphertext) throws Exception{
        //Create the cipher object to perform AES operations.
        //Specify Advanced Encryption Standard - Cipher Feedback Mode - No Padding
        Cipher AESCipher = Cipher.getInstance("AES/CFB/NoPadding");

        //Create the IvParameterSpec object from the raw IV
        IvParameterSpec IVSpec = new IvParameterSpec(IV);

        //Initialize the Cipher with the key and initialization vector.
        AESCipher.init(Cipher.DECRYPT_MODE, key, IVSpec);

        //Decrypts the ciphertext data
        byte[] plaintext = AESCipher.doFinal(ciphertext);

        return plaintext;
    }

    public static void main(String[] args) throws Exception{
        //Demo the program

        String sPlaintext = "rainbows"; //String plaintext
        byte[] rPlaintext = sPlaintext.getBytes(Charset.forName("UTF-8")); //Raw byte array plaintext

        //We first need to generate a key of 128-bit
        SecretKey key = generateAESKey(128);

        //Encrypt the plaintext
        byte[] output = encrypt(key, rPlaintext);

        // ----------------- //

        //Extract the IV from the encryption output
        byte[] IV = new byte[128 / 8];
        byte[] ciphertext = new byte[output.length - (128 / 8)];

        System.arraycopy(output, 0, IV, 0, IV.length);
        System.arraycopy(output, IV.length, ciphertext, 0, ciphertext.length);

        //Decrypt the ciphertext
        byte[] dPlaintext = decrypt(key, IV, ciphertext);

        String decryptedMessage = new String(dPlaintext, Charset.forName("UTF-8"));

        //Print stuff out
        System.out.println("Original message: " + sPlaintext);
        System.out.println("Original message bytes: " + Arrays.toString(rPlaintext));
        System.out.println("Encryption Output bytes: " + Arrays.toString(output));
        System.out.println("Decrypted message bytes: " + Arrays.toString(dPlaintext));
        System.out.println("Decrypted message: " + decryptedMessage);
    }
}

但是要注意的幾件事：

throws Exception

是不能接受的。 放置它只是為了簡化代碼，切勿在實踐中使用。 盡管不大可能拋出諸如NoSuchAlgorithmException已檢查異常，但請警惕decrypt()方法將為解密失敗而拋出異常 （即，錯誤的密鑰/ IV /密文）。

接下來我要講的是，您不應該依賴引發異常的decrypt()方法來驗證輸入。 這應該是一種具有安全單向哈希函數的函數，例如SHA-2 。

注意如何一次生成用於加密/解密的密鑰。 AES是對稱的分組密碼，這意味着加密和解密使用相同的密鑰 。 請注意這一點，並且不要在加密和解密之間生成新的密鑰 （但是，只要您願意，只要使用相同的密鑰進行解密，就可以為每個加密生成一個新的密鑰）。

Answer 2

問題主要在

public static String toHex(String txt) {
return toHex(txt.getBytes());
}

public static String fromHex(String hex) {
return new String(toByte(hex));
}

public static byte[] toByte(String hexString) {
int len = hexString.length() / 2;
byte[] result = new byte[len];
for (int i = 0; i < len; i++)
    result[i] = Integer.valueOf(hexString.substring(2 * i, 2 * i + 2),
            16).byteValue();
return result;

從Hex String轉換String ，您不會以前導零進行轉換，即，無論何時轉換char並且該char的可能值為零，則十六進制值也為00 ，默認情況下，您的方法將忽略一個零並僅添加十六進制字符串為零

注意：-數字零0不等於零的十六進制值。十六進制的零值為空字符，請參考ASCII表。

帶前導零 ef1b0030ef 不帶前導零 ef1b030ef

JAVA ANDROID AES CFB填充

問題描述

2 個解決方案

解決方案1
0 已采納 2014-02-06 17:19:36

解決方案2
0 2015-12-29 03:34:13

JAVA ANDROID AES CFB填充

問題描述

2 個解決方案

解決方案1 0 已采納 2014-02-06 17:19:36

解決方案2 0 2015-12-29 03:34:13

解決方案1
0 已采納 2014-02-06 17:19:36

解決方案2
0 2015-12-29 03:34:13