英文:
MbedTLS AES 128 encrypt and decrypt in Java
问题
mbedTLS代码段:
unsigned char key[17] = "asdfghjklqwertzu";
unsigned char iv[17] = "qwertzuiopasdfgh";
unsigned char output[1024];
size_t olen;
size_t total_len = 0;
mbedtls_cipher_context_t ctx;
mbedtls_cipher_init(&ctx);
mbedtls_cipher_set_padding_mode(&ctx, MBEDTLS_PADDING_PKCS7);
mbedtls_cipher_setup(&ctx,
mbedtls_cipher_info_from_values(MBEDTLS_CIPHER_ID_AES, 128,
MBEDTLS_MODE_CBC));
mbedtls_cipher_setkey(&ctx, key, 128, MBEDTLS_ENCRYPT);
mbedtls_cipher_set_iv(&ctx, iv, 16);
mbedtls_cipher_reset(&ctx);
char aa[] = "hello world! test long padd";
for (int offset = 0; offset < strlen(aa); offset += mbedtls_cipher_get_block_size(&ctx)) {
int ilen = ((unsigned int)strlen(aa) - offset > mbedtls_cipher_get_block_size(&ctx)) ?
mbedtls_cipher_get_block_size(&ctx) : (unsigned int)(strlen(aa) - offset);
char sub[100];
strncpy(sub, aa + offset, ilen);
unsigned char *sub2 = reinterpret_cast<unsigned char *>(sub);
mbedtls_cipher_update(&ctx, sub2, ilen, output, &olen);
total_len += olen;
}
// 循环结束后
mbedtls_cipher_finish(&ctx, output, &olen);
total_len += olen;
mbedtls_cipher_free(&ctx);
Java代码:
try {
IvParameterSpec ivParameterSpec = new IvParameterSpec(iv.getBytes());
SecretKeySpec skey = new SecretKeySpec(encryptionKey.getBytes(), "AES");
Cipher cipherDecrypt = Cipher.getInstance("AES/CBC/PKCS7Padding");
cipherDecrypt.init(Cipher.DECRYPT_MODE, skey, ivParameterSpec);
return Optional.ofNullable(ByteString.copyFrom(cipherDecrypt.doFinal(message.toByteArray())));
} catch (BadPaddingException | IllegalBlockSizeException | InvalidAlgorithmParameterException | InvalidKeyException | NoSuchAlgorithmException | NoSuchPaddingException e) {
log.error("Error during message decryption: ", e);
}
Java抛出javax.crypto.BadPaddingException: pad block corrupted错误。
// 编辑:
尝试使用一次更新的方法仍然没有成功,仍然出现相同的异常:
unsigned char key[17] = "asdfghjklqwertzu";
unsigned char iv[17] = "qwertzuiopasdfgh";
unsigned char output[1024];
size_t olen;
unsigned char text[] = "abc abc abc abc abc abc abc abc abc abc abc abc abc abc abc";
mbedtls_cipher_context_t ctx;
mbedtls_cipher_init(&ctx);
mbedtls_cipher_set_padding_mode(&ctx, MBEDTLS_PADDING_PKCS7);
mbedtls_cipher_setup(&ctx,
mbedtls_cipher_info_from_values(MBEDTLS_CIPHER_ID_AES, 128,
MBEDTLS_MODE_CBC));
mbedtls_cipher_setkey(&ctx, key, 128, MBEDTLS_ENCRYPT);
mbedtls_cipher_set_iv(&ctx, iv, 16);
mbedtls_cipher_reset(&ctx);
mbedtls_cipher_update(&ctx, text, strlen((char*) text), output, &olen); // Olen is 48
mbedtls_cipher_finish(&ctx, output, &olen); // Olen is 16
mbedtls_cipher_free(&ctx);
// 48 + 16 = 64,根据https://www.devglan.com/online-tools/aes-encryption-decryption 的信息是正确的
Java得到了64字节的数据,但仍然抛出相同的异常。
Topaco,请你能提供一下update和finish函数的简短用法示例吗?谢谢。
<details>
<summary>英文:</summary>
I am trying to encrypt some text on microprocessor running FreeRTOS with mbedTLS. I am using AES 128 CBC with PKCS7 padding. If I try to encrypt in mbedTLS and decrypt in Java when text is shorter than 16 characters it works. I can decrypt it in Java and the text matches. If it is longer then it no longer works. What am I doing wrong?
mbedTLS code:
unsigned char key[17] = "asdfghjklqwertzu";
unsigned char iv[17] = "qwertzuiopasdfgh";
unsigned char output[1024];
size_t olen;
size_t total_len = 0;
mbedtls_cipher_context_t ctx;
mbedtls_cipher_init(&ctx);
mbedtls_cipher_set_padding_mode(&ctx, MBEDTLS_PADDING_PKCS7);
mbedtls_cipher_setup(&ctx,
mbedtls_cipher_info_from_values(MBEDTLS_CIPHER_ID_AES, 128,
MBEDTLS_MODE_CBC));
mbedtls_cipher_setkey(&ctx, key, 128, MBEDTLS_ENCRYPT);
mbedtls_cipher_set_iv(&ctx, iv, 16);
mbedtls_cipher_reset(&ctx);
char aa[] = "hello world! test long padd";
for( int offset = 0; offset < strlen(aa); offset += mbedtls_cipher_get_block_size( &ctx ) ) {
int ilen = ( (unsigned int) strlen(aa) - offset > mbedtls_cipher_get_block_size( &ctx ) ) ?
mbedtls_cipher_get_block_size( &ctx ) : (unsigned int) ( strlen(aa) - offset );
char sub[100];
strncpy ( sub, aa+offset, ilen );
unsigned char* sub2 = reinterpret_cast<unsigned char *>(sub);
mbedtls_cipher_update(&ctx, sub2, ilen, output, &olen);
total_len += olen;
}
// After the loop
mbedtls_cipher_finish(&ctx, output, &olen);
total_len += olen;
mbedtls_cipher_free(&ctx);
Java code:
try {
IvParameterSpec ivParameterSpec = new IvParameterSpec(iv.getBytes());
SecretKeySpec skey = new SecretKeySpec(encryptionKey.getBytes(), "AES");
Cipher cipherDecrypt = Cipher.getInstance("AES/CBC/PKCS7Padding");
cipherDecrypt.init(Cipher.DECRYPT_MODE, skey, ivParameterSpec);
return Optional.ofNullable(ByteString.copyFrom(cipherDecrypt.doFinal(message.toByteArray())));
} catch (BadPaddingException | IllegalBlockSizeException | InvalidAlgorithmParameterException | InvalidKeyException | NoSuchAlgorithmException | NoSuchPaddingException e) {
log.error("Error during message decryption: ", e);
}
Java throws javax.crypto.BadPaddingException: pad block corrupted
Thanks
// EDIT:
Tried with one update approach and still no luck, the same exception:
unsigned char key[17] = "asdfghjklqwertzu";
unsigned char iv[17] = "qwertzuiopasdfgh";
//unsigned char buffer[1024];
unsigned char output[1024];
size_t olen;
unsigned char text[] = "abc abc abc abc abc abc abc abc abc abc abc abc abc abc abc";
mbedtls_cipher_context_t ctx;
mbedtls_cipher_init(&ctx);
mbedtls_cipher_set_padding_mode(&ctx, MBEDTLS_PADDING_PKCS7);
mbedtls_cipher_setup(&ctx,
mbedtls_cipher_info_from_values(MBEDTLS_CIPHER_ID_AES, 128,
MBEDTLS_MODE_CBC));
mbedtls_cipher_setkey(&ctx, key, 128, MBEDTLS_ENCRYPT);
mbedtls_cipher_set_iv(&ctx, iv, 16);
mbedtls_cipher_reset(&ctx);
mbedtls_cipher_update(&ctx, text, strlen((char*) text), output, &olen); // Olen is 48
mbedtls_cipher_finish(&ctx, output, &olen); // Olen is 16
mbedtls_cipher_free(&ctx);
// 48 + 16 = 64 which is according to https://www.devglan.com/online-tools/aes-encryption-decryption correct
Java gets a 64 bytes of data but still throws the same exception.
Topaco please can you provide short example of usage of update and finish functions? Thank you
</details>
# 答案1
**得分**: 1
Here is the translated content:
自从在评论中写明仍然不起作用以来,这里是按照@Topaco在评论中建议的更改的代码:
```c
#include <stdio.h>
#include <string.h>
#include <mbedtls/cipher.h>
int main() {
unsigned char key[17] = "asdfghjklqwertzu";
unsigned char iv[17] = "qwertzuiopasdfgh";
unsigned char output[1024];
size_t olen;
size_t total_len = 0;
mbedtls_cipher_context_t ctx;
mbedtls_cipher_init(&ctx);
mbedtls_cipher_set_padding_mode(&ctx, MBEDTLS_PADDING_PKCS7);
mbedtls_cipher_setup(&ctx,
mbedtls_cipher_info_from_values(MBEDTLS_CIPHER_ID_AES, 128,
MBEDTLS_MODE_CBC));
mbedtls_cipher_setkey(&ctx, key, 128, MBEDTLS_ENCRYPT);
mbedtls_cipher_set_iv(&ctx, iv, 16);
mbedtls_cipher_reset(&ctx);
char aa[] = "hello world! test long padd";
for (int offset = 0; offset < strlen(aa); offset += mbedtls_cipher_get_block_size(&ctx)) {
int ilen = ((unsigned int) strlen(aa) - offset > mbedtls_cipher_get_block_size(&ctx)) ?
mbedtls_cipher_get_block_size(&ctx) : (unsigned int) (strlen(aa) - offset);
char sub[100];
strncpy(sub, aa + offset, ilen);
unsigned char *sub2 = (unsigned char *)(sub);
mbedtls_cipher_update(&ctx, sub2, ilen, output + total_len, &olen);
total_len += olen;
}
mbedtls_cipher_finish(&ctx, output + total_len, &olen);
total_len += olen;
for (int i = 0; i < total_len; i++)
printf("%02X", output[i]);
mbedtls_cipher_free(&ctx);
return 0;
}
测试
我添加了两行额外的代码:
for (int i = 0; i < total_len; i++)
printf("%02X", output[i]);
这将产生以下输出:
2FE64A72125E30B15C376FD2142D36FA778142DC4FD4A1F36EECDBCDA19BFAA0
如果我稍微修改Java端并传递消息:
byte[] message = hexStringToByteArray("2FE64A72125E30B15C376FD2142D36FA778142DC4FD4A1F36EECDBCDA19BFAA0");
其中hexStringToByteArray 是从这个答案中获取的:https://stackoverflow.com/a/140861/2331445
我在Java端得到以下代码:
public Optional<ByteString> test() {
String encryptionKey = "asdfghjklqwertzu";
String iv = "qwertzuiopasdfgh";
byte[] message = hexStringToByteArray("2FE64A72125E30B15C376FD2142D36FA778142DC4FD4A1F36EECDBCDA19BFAA0");
Security.addProvider(new BouncyCastleProvider());
try {
IvParameterSpec ivParameterSpec = new IvParameterSpec(iv.getBytes());
SecretKeySpec skey = new SecretKeySpec(encryptionKey.getBytes(), "AES");
Cipher cipherDecrypt = Cipher.getInstance("AES/CBC/PKCS7Padding");
cipherDecrypt.init(Cipher.DECRYPT_MODE, skey, ivParameterSpec);
return Optional.ofNullable(ByteString.copyFrom(cipherDecrypt.doFinal(message)));
} catch (BadPaddingException | IllegalBlockSizeException | InvalidAlgorithmParameterException | InvalidKeyException | NoSuchAlgorithmException | NoSuchPaddingException e) {
System.out.println("Error during message decryption: " + e);
}
return null;
}
最终在调试控制台上得到以下输出:
Optional[<ByteString@1e127982 size=27 contents="hello world! test long padd">]
这就是原始消息 - 这样它就能工作了。
英文:
Since it was written in comments that it still doesn't work. Here your code with the changes suggested by @Topaco in the comments:
#include <stdio.h>
#include <string.h>
#include <mbedtls/cipher.h>
int main() {
unsigned char key[17] = "asdfghjklqwertzu";
unsigned char iv[17] = "qwertzuiopasdfgh";
unsigned char output[1024];
size_t olen;
size_t total_len = 0;
mbedtls_cipher_context_t ctx;
mbedtls_cipher_init(&ctx);
mbedtls_cipher_set_padding_mode(&ctx, MBEDTLS_PADDING_PKCS7);
mbedtls_cipher_setup(&ctx,
mbedtls_cipher_info_from_values(MBEDTLS_CIPHER_ID_AES, 128,
MBEDTLS_MODE_CBC));
mbedtls_cipher_setkey(&ctx, key, 128, MBEDTLS_ENCRYPT);
mbedtls_cipher_set_iv(&ctx, iv, 16);
mbedtls_cipher_reset(&ctx);
char aa[] = "hello world! test long padd";
for (int offset = 0; offset < strlen(aa); offset += mbedtls_cipher_get_block_size(&ctx)) {
int ilen = ((unsigned int) strlen(aa) - offset > mbedtls_cipher_get_block_size(&ctx)) ?
mbedtls_cipher_get_block_size(&ctx) : (unsigned int) (strlen(aa) - offset);
char sub[100];
strncpy (sub, aa + offset, ilen);
unsigned char *sub2 = (unsigned char *) (sub);
mbedtls_cipher_update(&ctx, sub2, ilen, output + total_len, &olen);
total_len += olen;
}
mbedtls_cipher_finish(&ctx, output + total_len, &olen);
total_len += olen;
for (int i = 0; i < total_len; i++)
printf("%02X", output[i]);
mbedtls_cipher_free(&ctx);
return 0;
}
Test
I added two additional lines:
for (int i = 0; i < total_len; i++)
printf("%02X", output[i]);
This gives the output:
2FE64A72125E30B15C376FD2142D36FA778142DC4FD4A1F36EECDBCDA19BFAA0
If I modify Java side a bit and transfer message with:
byte[] message = hexStringToByteArray("2FE64A72125E30B15C376FD2142D36FA778142DC4FD4A1F36EECDBCDA19BFAA0");
where hexStringToByteArray is taken from this answer: https://stackoverflow.com/a/140861/2331445
I get on Java side the following code:
public Optional<ByteString> test() {
String encryptionKey = "asdfghjklqwertzu";
String iv = "qwertzuiopasdfgh";
byte[] message = hexStringToByteArray("2FE64A72125E30B15C376FD2142D36FA778142DC4FD4A1F36EECDBCDA19BFAA0");
Security.addProvider(new BouncyCastleProvider());
try {
IvParameterSpec ivParameterSpec = new IvParameterSpec(iv.getBytes());
SecretKeySpec skey = new SecretKeySpec(encryptionKey.getBytes(), "AES");
Cipher cipherDecrypt = Cipher.getInstance("AES/CBC/PKCS7Padding");
cipherDecrypt.init(Cipher.DECRYPT_MODE, skey, ivParameterSpec);
return Optional.ofNullable(ByteString.copyFrom(cipherDecrypt.doFinal(message)));
} catch (BadPaddingException | IllegalBlockSizeException | InvalidAlgorithmParameterException | InvalidKeyException | NoSuchAlgorithmException | NoSuchPaddingException e) {
System.out.println("Error during message decryption: " + e);
}
return null;
}
which finally gives the following output onto the debug console:
Optional[<ByteString@1e127982 size=27 contents="hello world! test long padd">]
That is the original message - so this way it works.
答案2
得分: 0
还有一个问题留在你的代码中。
在设置填充模式之前,您需要设置密码信息。否则,函数mbedtls_cipher_set_padding_mode将返回一个错误。
英文:
There is still one issue left in your code.
You will need to setup cipher info before setting padding mode. Otherwise function
mbedtls_cipher_set_padding_mode will return an error
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论