使用AES / CBC / PKCS5Padding正確解密文件-BadPaddingException

Question

當我嘗試解密以下文件時，在下一行得到此BadPaddingException 。 我相信文件已正確加密。

javax.crypto.BadPaddingException: Given final block not properly padded
    at com.sun.crypto.provider.CipherCore.doFinal(CipherCore.java:810)
    at com.sun.crypto.provider.CipherCore.doFinal(CipherCore.java:675)
    at com.sun.crypto.provider.AESCipher.engineDoFinal(AESCipher.java:313)
    at javax.crypto.Cipher.doFinal(Cipher.java:1970)
    **at MyProgram.decryptFile(MyProgram.java:1437)**
    at MyProgram.decrypt(MyProgram.java:865)
    at MyProgram.access$900(MyProgram.java:68)
    at MyProgram$1.messagesAdded(MyProgram.java:353)
    at javax.mail.event.MessageCountEvent.dispatch(MessageCountEvent.java:150)
    at javax.mail.EventQueue.run(EventQueue.java:135)
    at java.lang.Thread.run(Thread.java:722)

這是解密代碼，我也可以在加密部分發送代碼：

private static void decryptFile(String file, String password, byte[] Salt, byte[] IV, String attachmentunecryptedhash, String attachmentoriginalsizeString, String attachmentcreated)
{
        long attachmentSize = 0;
        String attachmentCreated = null;
        String attachmentModified = null;
        String attachmentHash = null;
        byte[] buffers = new byte[16];
        byte[] endOfFile = new byte[16];
        int counterForFile = 0;
        int attachmentoriginalsize = 0;
        int noBytes = 0;

        try
        {
            if(Paths.get(file.trim()).toFile().exists() == true) //If the File Exists
            {
                //Creates Secret Key For Decryption -- Passes Password, Salt, Iterations, and Key Length
                PBEKeySpec keySpec = new PBEKeySpec(password.toCharArray(), Salt, 65536, 256);
                SecretKeyFactory factory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1");
                SecretKey secretKey = factory.generateSecret(keySpec);
                SecretKeySpec secret = new SecretKeySpec(secretKey.getEncoded(), "AES");

                //Initalizes Cipher For Decrypt Mode -- Passes Password and Salt
                Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
                cipher.init(Cipher.DECRYPT_MODE, secret, new IvParameterSpec(IV));

                //Prepares To Write New Buffer Containing Decrypted Information to Output File
                String unencryptedFile = file.trim().replaceAll(".aes", "");
                FileInputStream fileInputStream = new FileInputStream(file.trim());
                FileOutputStream fileOutputStream = new FileOutputStream(unencryptedFile);
                attachmentoriginalsize = Integer.parseInt(attachmentoriginalsizeString);



                //Writes Encrypted File to Disk Using Secure Cipher Output Stream
                while((noBytes = fileInputStream.read(buffers)) != -1)
                {

                    //Writes 1 encrypted byte at a time
                    fileOutputStream.write(cipher.update(buffers,0,noBytes));
                    //counterForFile += 16;
                }

                buffers = cipher.doFinal();  //Line 1437 Where the Error Exists

                fileOutputStream.write(buffers);
                fileOutputStream.flush();


                //Close Files, Cleanup
                fileInputStream.close();
                fileOutputStream.close();

                System.exit(1);

}

Answer 1

有很多事情都可能導致“填充錯誤”錯誤。 基本上，任何導致最后一個塊的末尾與預期填充不匹配的東西都將引發錯誤。 可能的原因包括：錯誤的填充設置，錯誤的密鑰，密文損壞等。

要嘗試診斷問題，請將解密方設置為NoPadding 。 這將接受任何內容，並允許您檢查輸出：

• 完全垃圾：您可能在按鍵或其他模式設置上有錯誤。

• 第一個塊垃圾：您可能遇到鍵盤錯誤或IV錯誤。

• 最后一塊垃圾：密文文件的損壞結尾。

• 正確的解密，末尾有一些奇怪的字節：奇怪的字節是填充。

如果確實只是填充，則將解密功能設置為期望這種填充。 否則檢查鍵/ IV /密文是字節對字節相同的加密和解密。

診斷后設置填充模式至關重要 。 NoPadding不安全。