[英]Java Encrypt a file using aes256/ CBC/PKCS7Padding
我正在嘗試使用aes256-CBC-PKCS7Padding加密文件。 我正在使用充氣城堡圖書館,但我得到例外
java.lang.IllegalArgumentException: invalid parameter passed to AES init - org.bouncycastle.crypto.params.ParametersWithIV
at org.bouncycastle.crypto.engines.AESEngine.init(Unknown Source)
at org.bouncycastle.crypto.paddings.PaddedBufferedBlockCipher.init(Unknown Source)
這里的源代碼:
public class Crypto {
public static final int AES_Key_Size = 256;
public static int blockSize = 16;
private final BlockCipher AESCipher = new AESEngine();
private PaddedBufferedBlockCipher cipher = new PaddedBufferedBlockCipher(AESCipher, new PKCS7Padding());
private byte[] IV;
private KeyParameter key;
public Crypto() throws NoSuchAlgorithmException {
KeyGenerator kg = KeyGenerator.getInstance("AES");
kg.init(AES_Key_Size);
SecretKey sk = kg.generateKey();
key = new KeyParameter(sk.getEncoded());
}
public void CryptoZip(File plikZip, File plikAES) throws IOException, DataLengthException, IllegalStateException, InvalidCipherTextException {
byte[] input = Files.readAllBytes(plikZip.toPath());
byte[] cryptOut = encrypt(input);
FileOutputStream fos = new FileOutputStream(plikAES);
fos.write(cryptOut);
fos.close();
}
private byte[] encrypt(byte[] input) throws DataLengthException, IllegalStateException, InvalidCipherTextException {
IV = new byte[blockSize];
SecureRandom random = new SecureRandom();
random.nextBytes(IV);
cipher.init(true, new ParametersWithIV(key, IV)); // problem here
byte[] output = new byte[cipher.getOutputSize(input.length)];
int bytesWrittenOut = cipher.processBytes(
input, 0, input.length, output, 0);
cipher.doFinal(output, bytesWrittenOut);
return output;
}
}
任何建議如何解決它並解釋我做錯了什么將是非常有幫助的。
你缺少的是模式的指示。 如果缺少那么則假定ECB模式,並且ECB模式不采用IV。 所以PaddedBufferedBlockCipher
確實做了緩沖,但對於ECB模式。 所以init模式只是將參數傳遞給AESEngine
, AESEngine
拒絕IV,因為它只接受密鑰。
在您的代碼中,以下內容將直接解決問題:
private final CBCBlockCipher AESCipherCBC = new CBCBlockCipher(AESCipher);
private final PaddedBufferedBlockCipher cipher = new PaddedBufferedBlockCipher(AESCipherCBC, new PKCS7Padding());
我將包括以下重寫,以向您展示一種不同的寫法。 請注意,我沒有觸及正確處理IV或異常。 顯然,對於大型文件,您可能希望流式傳輸內容和/或映射文件。
// renamed as crypto is a horrible name
public class FileEncryptor {
// lets use all uppercase constant names
public static final int AES_KEY_SIZE = 256;
// only field needed, the rest can be generated on the fly
private final KeyParameter key;
public FileEncryptor() throws NoSuchAlgorithmException {
key = generateKey();
}
private static KeyParameter generateKey() {
// removed KeyGenerator as that's dependent on JCA crypto-API
SecureRandom keyRNG = new SecureRandom();
byte[] keyData = new byte[AES_KEY_SIZE / Byte.SIZE];
keyRNG.nextBytes(keyData);
return new KeyParameter(keyData);
}
// the code doesn't do anything with zip itself, so no need to include it in the method name
public void encryptFile(File plaintextFile, File ciphertextFile) throws IOException, DataLengthException, IllegalStateException, InvalidCipherTextException {
byte[] plaintext = Files.readAllBytes(plaintextFile.toPath());
byte[] ciphertext = encrypt(plaintext);
// try and be symmetric, use Files functionality for reading *and writing*
Files.write(ciphertextFile.toPath(), ciphertext);
}
private byte[] encrypt(byte[] plaintext) throws DataLengthException, IllegalStateException, InvalidCipherTextException {
// create cipher
final BlockCipher aes = new AESFastEngine();
CBCBlockCipher aesCBC = new CBCBlockCipher(aes);
PaddedBufferedBlockCipher aesCBCPadded =
new PaddedBufferedBlockCipher(aesCBC, new PKCS7Padding());
// create IV
byte[] iv = new byte[aes.getBlockSize()];
SecureRandom random = new SecureRandom();
random.nextBytes(iv);
// initialize cipher with IV
ParametersWithIV paramsWithIV = new ParametersWithIV(key, iv);
aesCBCPadded.init(true, paramsWithIV); // problem here
// encrypt
byte[] ciphertext = new byte[aesCBCPadded.getOutputSize(plaintext.length)];
int bytesWrittenOut = aesCBCPadded.processBytes(
plaintext, 0, plaintext.length, ciphertext, 0);
aesCBCPadded.doFinal(ciphertext, bytesWrittenOut);
// that's great, but where is your IV now? you need to include it in the returned ciphertext!
return ciphertext;
}
}
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.