MbedTLS AES 128在Java中加密和解密

huangapple go评论123阅读模式
英文:

MbedTLS AES 128 encrypt and decrypt in Java

问题

mbedTLS代码段:

unsigned char key[17] = "asdfghjklqwertzu";
unsigned char iv[17] = "qwertzuiopasdfgh";
unsigned char output[1024];
size_t olen;
size_t total_len = 0;

mbedtls_cipher_context_t ctx;
mbedtls_cipher_init(&ctx);
mbedtls_cipher_set_padding_mode(&ctx, MBEDTLS_PADDING_PKCS7);
mbedtls_cipher_setup(&ctx,
                    mbedtls_cipher_info_from_values(MBEDTLS_CIPHER_ID_AES, 128,
                                                    MBEDTLS_MODE_CBC));
mbedtls_cipher_setkey(&ctx, key, 128, MBEDTLS_ENCRYPT);
mbedtls_cipher_set_iv(&ctx, iv, 16);
mbedtls_cipher_reset(&ctx);

char aa[] = "hello world! test long padd";
for (int offset = 0; offset < strlen(aa); offset += mbedtls_cipher_get_block_size(&ctx)) {
    int ilen = ((unsigned int)strlen(aa) - offset > mbedtls_cipher_get_block_size(&ctx)) ?
                mbedtls_cipher_get_block_size(&ctx) : (unsigned int)(strlen(aa) - offset);

    char sub[100];

    strncpy(sub, aa + offset, ilen);
    unsigned char *sub2 = reinterpret_cast<unsigned char *>(sub);
    mbedtls_cipher_update(&ctx, sub2, ilen, output, &olen);
    total_len += olen;
}
// 循环结束后
mbedtls_cipher_finish(&ctx, output, &olen);
total_len += olen;
mbedtls_cipher_free(&ctx);

Java代码:

try {
    IvParameterSpec ivParameterSpec = new IvParameterSpec(iv.getBytes());
    SecretKeySpec skey = new SecretKeySpec(encryptionKey.getBytes(), "AES");
    Cipher cipherDecrypt = Cipher.getInstance("AES/CBC/PKCS7Padding");
    cipherDecrypt.init(Cipher.DECRYPT_MODE, skey, ivParameterSpec);
    return Optional.ofNullable(ByteString.copyFrom(cipherDecrypt.doFinal(message.toByteArray())));
} catch (BadPaddingException | IllegalBlockSizeException | InvalidAlgorithmParameterException | InvalidKeyException | NoSuchAlgorithmException | NoSuchPaddingException e) {
    log.error("Error during message decryption: ", e);
}

Java抛出javax.crypto.BadPaddingException: pad block corrupted错误。

// 编辑:

尝试使用一次更新的方法仍然没有成功,仍然出现相同的异常:

unsigned char key[17] = "asdfghjklqwertzu";
unsigned char iv[17] = "qwertzuiopasdfgh";
unsigned char output[1024];
size_t olen;

unsigned char text[] = "abc abc abc abc abc abc abc abc abc abc abc abc abc abc abc";

mbedtls_cipher_context_t ctx;
mbedtls_cipher_init(&ctx);
mbedtls_cipher_set_padding_mode(&ctx, MBEDTLS_PADDING_PKCS7);
mbedtls_cipher_setup(&ctx,
                    mbedtls_cipher_info_from_values(MBEDTLS_CIPHER_ID_AES, 128,
                                                    MBEDTLS_MODE_CBC));
mbedtls_cipher_setkey(&ctx, key, 128, MBEDTLS_ENCRYPT);
mbedtls_cipher_set_iv(&ctx, iv, 16);
mbedtls_cipher_reset(&ctx);
mbedtls_cipher_update(&ctx, text, strlen((char*) text), output, &olen); // Olen is 48
mbedtls_cipher_finish(&ctx, output, &olen); // Olen is 16
mbedtls_cipher_free(&ctx);

// 48 + 16 = 64,根据https://www.devglan.com/online-tools/aes-encryption-decryption 的信息是正确的

Java得到了64字节的数据,但仍然抛出相同的异常。

Topaco,请你能提供一下update和finish函数的简短用法示例吗?谢谢。

<details>
<summary>英文:</summary>

I am trying to encrypt some text on microprocessor running FreeRTOS with mbedTLS. I am using AES 128 CBC with PKCS7 padding. If I try to encrypt in mbedTLS and decrypt in Java when text is shorter than 16 characters it works. I can decrypt it in Java and the text matches. If it is longer then it no longer works. What am I doing wrong?

mbedTLS code:

    unsigned char key[17] = &quot;asdfghjklqwertzu&quot;;
    unsigned char iv[17] = &quot;qwertzuiopasdfgh&quot;;
    unsigned char output[1024];
    size_t olen;
    size_t total_len = 0;
    
    mbedtls_cipher_context_t ctx;
    mbedtls_cipher_init(&amp;ctx);
    mbedtls_cipher_set_padding_mode(&amp;ctx, MBEDTLS_PADDING_PKCS7);
    mbedtls_cipher_setup(&amp;ctx,
    		mbedtls_cipher_info_from_values(MBEDTLS_CIPHER_ID_AES, 128,
    				MBEDTLS_MODE_CBC));
    mbedtls_cipher_setkey(&amp;ctx, key, 128, MBEDTLS_ENCRYPT);
    mbedtls_cipher_set_iv(&amp;ctx, iv, 16);
    mbedtls_cipher_reset(&amp;ctx);
    
    char aa[] = &quot;hello world! test long padd&quot;;
    for( int offset = 0; offset &lt; strlen(aa); offset += mbedtls_cipher_get_block_size( &amp;ctx ) ) {
    	int ilen = ( (unsigned int) strlen(aa) - offset &gt; mbedtls_cipher_get_block_size( &amp;ctx ) ) ?
    			mbedtls_cipher_get_block_size( &amp;ctx ) : (unsigned int) ( strlen(aa) - offset );

    	  char sub[100];
    
    	  strncpy ( sub, aa+offset, ilen );
    	  unsigned char* sub2 = reinterpret_cast&lt;unsigned char *&gt;(sub);
    	  mbedtls_cipher_update(&amp;ctx, sub2, ilen, output, &amp;olen);
    	  total_len += olen;
    }
    // After the loop
    mbedtls_cipher_finish(&amp;ctx, output, &amp;olen);
    total_len += olen;
    mbedtls_cipher_free(&amp;ctx);


Java code:

    		try {
    	        IvParameterSpec ivParameterSpec = new IvParameterSpec(iv.getBytes());
    			SecretKeySpec skey = new SecretKeySpec(encryptionKey.getBytes(), &quot;AES&quot;);
    	        Cipher cipherDecrypt = Cipher.getInstance(&quot;AES/CBC/PKCS7Padding&quot;);
    	        cipherDecrypt.init(Cipher.DECRYPT_MODE, skey, ivParameterSpec);
    	        return Optional.ofNullable(ByteString.copyFrom(cipherDecrypt.doFinal(message.toByteArray())));
    		} catch (BadPaddingException | IllegalBlockSizeException | InvalidAlgorithmParameterException | InvalidKeyException | NoSuchAlgorithmException | NoSuchPaddingException e) {
    			log.error(&quot;Error during message decryption: &quot;, e);
    		}

Java throws javax.crypto.BadPaddingException: pad block corrupted

Thanks

// EDIT:

Tried with one update approach and still no luck, the same exception:

	unsigned char key[17] = &quot;asdfghjklqwertzu&quot;;
	unsigned char iv[17] = &quot;qwertzuiopasdfgh&quot;;
	//unsigned char buffer[1024];
	unsigned char output[1024];
	size_t olen;

	unsigned char text[] = &quot;abc abc abc abc abc abc abc abc abc abc abc abc abc abc abc&quot;;

	mbedtls_cipher_context_t ctx;
	mbedtls_cipher_init(&amp;ctx);
	mbedtls_cipher_set_padding_mode(&amp;ctx, MBEDTLS_PADDING_PKCS7);
	mbedtls_cipher_setup(&amp;ctx,
			mbedtls_cipher_info_from_values(MBEDTLS_CIPHER_ID_AES, 128,
					MBEDTLS_MODE_CBC));
	mbedtls_cipher_setkey(&amp;ctx, key, 128, MBEDTLS_ENCRYPT);
	mbedtls_cipher_set_iv(&amp;ctx, iv, 16);
	mbedtls_cipher_reset(&amp;ctx);
	mbedtls_cipher_update(&amp;ctx, text, strlen((char*) text), output, &amp;olen); // Olen is 48
	mbedtls_cipher_finish(&amp;ctx, output, &amp;olen); // Olen is 16
	mbedtls_cipher_free(&amp;ctx);

	// 48 + 16 = 64 which is according to https://www.devglan.com/online-tools/aes-encryption-decryption correct

Java gets a 64 bytes of data but still throws the same exception.

Topaco please can you provide short example of usage of update and finish functions? Thank you

</details>


# 答案1
**得分**: 1

Here is the translated content:

自从在评论中写明仍然不起作用以来,这里是按照@Topaco在评论中建议的更改的代码

```c
#include <stdio.h>
#include <string.h>
#include <mbedtls/cipher.h>

int main() {
    unsigned char key[17] = "asdfghjklqwertzu";
    unsigned char iv[17] = "qwertzuiopasdfgh";
    unsigned char output[1024];
    size_t olen;
    size_t total_len = 0;

    mbedtls_cipher_context_t ctx;
    mbedtls_cipher_init(&ctx);
    mbedtls_cipher_set_padding_mode(&ctx, MBEDTLS_PADDING_PKCS7);
    mbedtls_cipher_setup(&ctx,
                         mbedtls_cipher_info_from_values(MBEDTLS_CIPHER_ID_AES, 128,
                                                         MBEDTLS_MODE_CBC));
    mbedtls_cipher_setkey(&ctx, key, 128, MBEDTLS_ENCRYPT);
    mbedtls_cipher_set_iv(&ctx, iv, 16);
    mbedtls_cipher_reset(&ctx);

    char aa[] = "hello world! test long padd";
    for (int offset = 0; offset < strlen(aa); offset += mbedtls_cipher_get_block_size(&ctx)) {
        int ilen = ((unsigned int) strlen(aa) - offset > mbedtls_cipher_get_block_size(&ctx)) ?
                   mbedtls_cipher_get_block_size(&ctx) : (unsigned int) (strlen(aa) - offset);

        char sub[100];

        strncpy(sub, aa + offset, ilen);
        unsigned char *sub2 = (unsigned char *)(sub);
        mbedtls_cipher_update(&ctx, sub2, ilen, output + total_len, &olen);
        total_len += olen;
    }
    mbedtls_cipher_finish(&ctx, output + total_len, &olen);
    total_len += olen;
    for (int i = 0; i < total_len; i++)
        printf("%02X", output[i]);
    mbedtls_cipher_free(&ctx);
    return 0;
}

测试

我添加了两行额外的代码:

for (int i = 0; i < total_len; i++)
    printf("%02X", output[i]);

这将产生以下输出:

2FE64A72125E30B15C376FD2142D36FA778142DC4FD4A1F36EECDBCDA19BFAA0

如果我稍微修改Java端并传递消息:

byte[] message = hexStringToByteArray("2FE64A72125E30B15C376FD2142D36FA778142DC4FD4A1F36EECDBCDA19BFAA0");

其中hexStringToByteArray 是从这个答案中获取的:https://stackoverflow.com/a/140861/2331445

我在Java端得到以下代码:

public Optional<ByteString> test() {
    String encryptionKey = "asdfghjklqwertzu";
    String iv = "qwertzuiopasdfgh";
    byte[] message = hexStringToByteArray("2FE64A72125E30B15C376FD2142D36FA778142DC4FD4A1F36EECDBCDA19BFAA0");
    Security.addProvider(new BouncyCastleProvider());

    try {
        IvParameterSpec ivParameterSpec = new IvParameterSpec(iv.getBytes());
        SecretKeySpec skey = new SecretKeySpec(encryptionKey.getBytes(), "AES");
        Cipher cipherDecrypt = Cipher.getInstance("AES/CBC/PKCS7Padding");
        cipherDecrypt.init(Cipher.DECRYPT_MODE, skey, ivParameterSpec);
        return Optional.ofNullable(ByteString.copyFrom(cipherDecrypt.doFinal(message)));
    } catch (BadPaddingException | IllegalBlockSizeException | InvalidAlgorithmParameterException | InvalidKeyException | NoSuchAlgorithmException | NoSuchPaddingException e) {
        System.out.println("Error during message decryption: " + e);
    }
    return null;
}

最终在调试控制台上得到以下输出:

Optional[<ByteString@1e127982 size=27 contents="hello world! test long padd">]

这就是原始消息 - 这样它就能工作了。

英文:

Since it was written in comments that it still doesn't work. Here your code with the changes suggested by @Topaco in the comments:

#include &lt;stdio.h&gt;
#include &lt;string.h&gt;
#include &lt;mbedtls/cipher.h&gt;
int main() {
unsigned char key[17] = &quot;asdfghjklqwertzu&quot;;
unsigned char iv[17] = &quot;qwertzuiopasdfgh&quot;;
unsigned char output[1024];
size_t olen;
size_t total_len = 0;
mbedtls_cipher_context_t ctx;
mbedtls_cipher_init(&amp;ctx);
mbedtls_cipher_set_padding_mode(&amp;ctx, MBEDTLS_PADDING_PKCS7);
mbedtls_cipher_setup(&amp;ctx,
mbedtls_cipher_info_from_values(MBEDTLS_CIPHER_ID_AES, 128,
MBEDTLS_MODE_CBC));
mbedtls_cipher_setkey(&amp;ctx, key, 128, MBEDTLS_ENCRYPT);
mbedtls_cipher_set_iv(&amp;ctx, iv, 16);
mbedtls_cipher_reset(&amp;ctx);
char aa[] = &quot;hello world! test long padd&quot;;
for (int offset = 0; offset &lt; strlen(aa); offset += mbedtls_cipher_get_block_size(&amp;ctx)) {
int ilen = ((unsigned int) strlen(aa) - offset &gt; mbedtls_cipher_get_block_size(&amp;ctx)) ?
mbedtls_cipher_get_block_size(&amp;ctx) : (unsigned int) (strlen(aa) - offset);
char sub[100];
strncpy (sub, aa + offset, ilen);
unsigned char *sub2 = (unsigned char *) (sub);
mbedtls_cipher_update(&amp;ctx, sub2, ilen, output + total_len, &amp;olen);
total_len += olen;
}
mbedtls_cipher_finish(&amp;ctx, output + total_len, &amp;olen);
total_len += olen;
for (int i = 0; i &lt; total_len; i++)
printf(&quot;%02X&quot;, output[i]);
mbedtls_cipher_free(&amp;ctx);
return 0;
}

Test

I added two additional lines:

for (int i = 0; i &lt; total_len; i++)
printf(&quot;%02X&quot;, output[i]);

This gives the output:

2FE64A72125E30B15C376FD2142D36FA778142DC4FD4A1F36EECDBCDA19BFAA0

If I modify Java side a bit and transfer message with:

byte[] message = hexStringToByteArray(&quot;2FE64A72125E30B15C376FD2142D36FA778142DC4FD4A1F36EECDBCDA19BFAA0&quot;);

where hexStringToByteArray is taken from this answer: https://stackoverflow.com/a/140861/2331445

I get on Java side the following code:

public Optional&lt;ByteString&gt; test() {
String encryptionKey = &quot;asdfghjklqwertzu&quot;;
String iv = &quot;qwertzuiopasdfgh&quot;;
byte[] message = hexStringToByteArray(&quot;2FE64A72125E30B15C376FD2142D36FA778142DC4FD4A1F36EECDBCDA19BFAA0&quot;);
Security.addProvider(new BouncyCastleProvider());
try {
IvParameterSpec ivParameterSpec = new IvParameterSpec(iv.getBytes());
SecretKeySpec skey = new SecretKeySpec(encryptionKey.getBytes(), &quot;AES&quot;);
Cipher cipherDecrypt = Cipher.getInstance(&quot;AES/CBC/PKCS7Padding&quot;);
cipherDecrypt.init(Cipher.DECRYPT_MODE, skey, ivParameterSpec);
return Optional.ofNullable(ByteString.copyFrom(cipherDecrypt.doFinal(message)));
} catch (BadPaddingException | IllegalBlockSizeException | InvalidAlgorithmParameterException | InvalidKeyException | NoSuchAlgorithmException | NoSuchPaddingException e) {
System.out.println(&quot;Error during message decryption: &quot; + e);
}
return null;
}

which finally gives the following output onto the debug console:

Optional[&lt;ByteString@1e127982 size=27 contents=&quot;hello world! test long padd&quot;&gt;]

That is the original message - so this way it works.

答案2

得分: 0

还有一个问题留在你的代码中。
在设置填充模式之前,您需要设置密码信息。否则,函数mbedtls_cipher_set_padding_mode将返回一个错误。

英文:

There is still one issue left in your code.
You will need to setup cipher info before setting padding mode. Otherwise function
mbedtls_cipher_set_padding_mode will return an error

huangapple
  • 本文由 发表于 2020年8月13日 23:00:48
  • 转载请务必保留本文链接:https://go.coder-hub.com/63397882.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定