每次執行都一致的AES加密密鑰生成？

Question

我找到了如何使用AES加密的寫得很好的示例，並且我承認一些更高級的方面超出了我的范圍。 只要我使用的是同一個實例對象，該類就可以正常工作。 如果我使用相同的完全相同的passPhrase創建另一個對象，則該對象將無法再正確解碼先前對象創建的任何類型的字符串或數據。 我只能得出結論，由於此代碼采用了相當弱的passPhrase字符串，混合了SALT，並構建了一個更強的128位密鑰-密鑰構建過程每次都以某種方式隨機化。 意義是：

new AESEncrypter("MyPassword") <> new AESEncrypter("MyPassword")

有人可以幫我修改下面的類以獲得所需的行為：

AESEncrypter a = new AESEncrypter("MyPassword")
String encoded = a.encrypt("my message")

AESEncrypter b = new AESEncrypter("MyPassword")
b.decrypt(encoded) == "my message"

import java.security.spec.KeySpec;
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.SecretKeySpec;
import sun.misc.BASE64Decoder;
import sun.misc.BASE64Encoder;

public class AESEncrypter {

    private static final byte[] SALT = {
            (byte) 0xA9, (byte) 0x9B, (byte) 0xC8, (byte) 0x32,
            (byte) 0x56, (byte) 0x35, (byte) 0xE3, (byte) 0x03
    };
    private static final int ITERATION_COUNT = 65536;
    private static final int KEY_LENGTH = 128;
    public Cipher ecipher;
    public Cipher dcipher;

    AESEncrypter(String passPhrase) throws Exception {

    SecretKeyFactory factory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1");
        KeySpec spec = new PBEKeySpec(passPhrase.toCharArray(), SALT, ITERATION_COUNT, KEY_LENGTH);
        SecretKey tmp = factory.generateSecret(spec);

        // I Think the problem is here???

        SecretKey secret = new SecretKeySpec(tmp.getEncoded(), "AES");

        ecipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
        ecipher.init(Cipher.ENCRYPT_MODE, secret);

        dcipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
        byte[] iv = ecipher.getParameters().getParameterSpec(IvParameterSpec.class).getIV();
        dcipher.init(Cipher.DECRYPT_MODE, secret, new IvParameterSpec(iv));
    }

    public String encrypt(String encrypt) throws Exception {
        byte[] bytes = encrypt.getBytes("UTF8");
        byte[] encrypted = encrypt(bytes);
        return new BASE64Encoder().encode(encrypted);
    }

    public byte[] encrypt(byte[] plain) throws Exception {
        return ecipher.doFinal(plain);
    }

    public String decrypt(String encrypt) throws Exception {
        byte[] bytes = new BASE64Decoder().decodeBuffer(encrypt);
        byte[] decrypted = decrypt(bytes);
        return new String(decrypted, "UTF8");
    }

    public byte[] decrypt(byte[] encrypt) throws Exception {
        return dcipher.doFinal(encrypt);
    }

   public static void main(String[] args) throws Exception {

        String message = "MESSAGE";
        String password = "PASSWORD";

        AESEncrypter encrypter1 = new AESEncrypter(password);
        AESEncrypter encrypter2 = new AESEncrypter(password);

        String encrypted1 = encrypter1.encrypt(message);
        String encrypted2 = encrypter2.encrypt(message);

        System.out.println("Display Encrypted from object 1 and 2..why do they differ?" );

        System.out.println(encrypted1) ;
        System.out.println(encrypted2) ;

        System.out.println("Display Each object decrypting its own encrypted msg. Works as expected" );

        System.out.println(encrypter1.decrypt(encrypted1)) ;
        System.out.println(encrypter2.decrypt(encrypted2)) ;

        System.out.println("Attempt to decrypt the each others msg.. will fail" );

        System.out.println(encrypter1.decrypt(encrypted2)) ;
        System.out.println(encrypter2.decrypt(encrypted1)) ;

    }

}

從對象1和2加密顯示。為什么它們不同？

drGy+BNSHPy34NWkkcNqLQ==

9p06VfBgTuh7TizZSbvKjw==

顯示每個對象解密自己的加密消息。 按預期工作

MESSAGE

MESSAGE

嘗試解密對方味精..將會失敗

錯誤：

Exception in thread "main" javax.crypto.BadPaddingException: Given final block not properly padded
    at com.sun.crypto.provider.CipherCore.doFinal(CipherCore.java:966)
    at com.sun.crypto.provider.CipherCore.doFinal(CipherCore.java:824)
    at com.sun.crypto.provider.AESCipher.engineDoFinal(AESCipher.java:436)
    at javax.crypto.Cipher.doFinal(Cipher.java:2165)

Answer 1

問題在於，當您在CBC模式下初始化新Cipher時，它將為您生成一個新的隨機IV。 這個初始化向量不必是秘密的，但是提供語義安全性必須是不可預測的。 您只需將IV放在密文前面，然后將其用於解密。

public byte[] encrypt(byte[] plain) throws Exception {
    byte[] iv = ecipher.getParameters().getParameterSpec(IvParameterSpec.class).getIV();
    byte[] ct = ecipher.doFinal(plain);
    byte[] result = new byte[ct.length + iv.length];
    System.arraycopy(iv, 0, result, 0, iv.length);
    System.arraycopy(ct, 0, result, iv.length, ct.length);
    return result;
}

public byte[] decrypt(byte[] encrypt) throws Exception {
    byte[] iv = new byte[dcipher.getBlockSize()];
    byte[] ct = new byte[encrypt.length - dcipher.getBlockSize()];
    System.arraycopy(encrypt, 0, iv, 0, dcipher.getBlockSize());
    System.arraycopy(encrypt, dcipher.getBlockSize(), ct, 0, ct.length);

    dcipher.init(Cipher.DECRYPT_MODE, secret, new IvParameterSpec(iv));
    return dcipher.doFinal(ct);
}

您需要在初始化步驟中將secret存儲在私有變量中，解密才能起作用。

---

請記住，PBDKF2的鹽也應該是隨機的，且長度為16個字節。 您可以將其與IV一起存儲。