Java使用aes256 / CBC / PKCS7Padding加密文件

Question

我正在嘗試使用aes256-CBC-PKCS7Padding加密文件。 我正在使用充氣城堡圖書館，但我得到例外

java.lang.IllegalArgumentException: invalid parameter passed to AES init - org.bouncycastle.crypto.params.ParametersWithIV
at org.bouncycastle.crypto.engines.AESEngine.init(Unknown Source)
at org.bouncycastle.crypto.paddings.PaddedBufferedBlockCipher.init(Unknown Source)

這里的源代碼：

public class Crypto {

    public static final int AES_Key_Size = 256;
    public static int blockSize = 16;
    private final BlockCipher AESCipher = new AESEngine();
    private PaddedBufferedBlockCipher cipher = new PaddedBufferedBlockCipher(AESCipher, new PKCS7Padding());
    private byte[] IV;
    private KeyParameter key;

    public Crypto() throws NoSuchAlgorithmException {
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(AES_Key_Size);
        SecretKey sk = kg.generateKey();
        key = new KeyParameter(sk.getEncoded());


    }
    public void CryptoZip(File plikZip, File plikAES) throws IOException, DataLengthException, IllegalStateException, InvalidCipherTextException {

        byte[] input = Files.readAllBytes(plikZip.toPath());
        byte[] cryptOut = encrypt(input);
        FileOutputStream fos = new FileOutputStream(plikAES);
        fos.write(cryptOut);
        fos.close();



    }


    private byte[] encrypt(byte[] input) throws DataLengthException, IllegalStateException, InvalidCipherTextException {



        IV = new byte[blockSize];
        SecureRandom random = new SecureRandom();
        random.nextBytes(IV);

        cipher.init(true, new ParametersWithIV(key, IV)); // problem here


        byte[] output = new byte[cipher.getOutputSize(input.length)];
        int bytesWrittenOut = cipher.processBytes(
            input, 0, input.length, output, 0);

        cipher.doFinal(output, bytesWrittenOut);

        return output;

    }
}

任何建議如何解決它並解釋我做錯了什么將是非常有幫助的。

Answer 1

你缺少的是模式的指示。 如果缺少那么則假定ECB模式，並且ECB模式不采用IV。 所以PaddedBufferedBlockCipher確實做了緩沖，但對於ECB模式。 所以init模式只是將參數傳遞給AESEngine ， AESEngine拒絕IV，因為它只接受密鑰。

在您的代碼中，以下內容將直接解決問題：

private final CBCBlockCipher AESCipherCBC = new CBCBlockCipher(AESCipher);
private final PaddedBufferedBlockCipher cipher = new PaddedBufferedBlockCipher(AESCipherCBC, new PKCS7Padding());

---

我將包括以下重寫，以向您展示一種不同的寫法。 請注意，我沒有觸及正確處理IV或異常。 顯然，對於大型文件，您可能希望流式傳輸內容和/或映射文件。

// renamed as crypto is a horrible name
public class FileEncryptor {

    // lets use all uppercase constant names
    public static final int AES_KEY_SIZE = 256;

    // only field needed, the rest can be generated on the fly
    private final KeyParameter key;

    public FileEncryptor() throws NoSuchAlgorithmException {
        key = generateKey();
    }

    private static KeyParameter generateKey() {
        // removed KeyGenerator as that's dependent on JCA crypto-API 
        SecureRandom keyRNG = new SecureRandom();
        byte[] keyData = new byte[AES_KEY_SIZE / Byte.SIZE];
        keyRNG.nextBytes(keyData);
        return new KeyParameter(keyData);
    }

    // the code doesn't do anything with zip itself, so no need to include it in the method name
    public void encryptFile(File plaintextFile, File ciphertextFile) throws IOException, DataLengthException, IllegalStateException, InvalidCipherTextException {
        byte[] plaintext = Files.readAllBytes(plaintextFile.toPath());
        byte[] ciphertext = encrypt(plaintext);
        // try and be symmetric, use Files functionality for reading *and writing*
        Files.write(ciphertextFile.toPath(), ciphertext);
    }


    private byte[] encrypt(byte[] plaintext) throws DataLengthException, IllegalStateException, InvalidCipherTextException {
        // create cipher
        final BlockCipher aes = new AESFastEngine();
        CBCBlockCipher aesCBC = new CBCBlockCipher(aes);
        PaddedBufferedBlockCipher aesCBCPadded =
                new PaddedBufferedBlockCipher(aesCBC, new PKCS7Padding());

        // create IV
        byte[] iv = new byte[aes.getBlockSize()];
        SecureRandom random = new SecureRandom();
        random.nextBytes(iv);

        // initialize cipher with IV
        ParametersWithIV paramsWithIV = new ParametersWithIV(key, iv);
        aesCBCPadded.init(true, paramsWithIV); // problem here

        // encrypt
        byte[] ciphertext = new byte[aesCBCPadded.getOutputSize(plaintext.length)];
        int bytesWrittenOut = aesCBCPadded.processBytes(
            plaintext, 0, plaintext.length, ciphertext, 0);
        aesCBCPadded.doFinal(ciphertext, bytesWrittenOut);

        // that's great, but where is your IV now? you need to include it in the returned ciphertext!
        return ciphertext;
    }
}