关于Java编程语言中AES/CBC/PKCS5Padding解密的问题。

huangapple go评论79阅读模式
英文:

Question about AES / CBC / PKCS5Padding Decryption in the Java Programming Language

问题

我正在开发一个Java代码,当用户输入密钥、初始化向量和密文时,程序会根据AES/CBC/PKCS5Padding模式返回解密后的文本。

这段代码目前存在NullPointerException错误:

package encryptdecryptvideo;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.ShortBufferException;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;

public class EncryptDecryptVideo {

    byte[] input;
    String inputString;
    byte[] keyBytes = "9008873522F55634679EF64CC25E73354".getBytes();
    byte[] ivBytes = "B8A112A270D9634EFF3818F6CCBDF5EC".getBytes();

    SecretKeySpec key = new SecretKeySpec(keyBytes, "DES");
    IvParameterSpec ivSpec = new IvParameterSpec(ivBytes);
    Cipher cipher;
    byte[] cipherText = "625F094A1FB1677521B6014321A807EC".getBytes();
    int ctLength;

    public static void main(String args[]) throws InvalidKeyException, InvalidAlgorithmParameterException, ShortBufferException, IllegalBlockSizeException, BadPaddingException {
        EncryptDecryptVideo decryptionobject = new EncryptDecryptVideo();
        decryptionobject.decrypt();
    }

    public void decrypt() throws InvalidKeyException, InvalidAlgorithmParameterException, ShortBufferException, IllegalBlockSizeException, BadPaddingException {
        cipher = Cipher.getInstance("DES/CBC/PKCS5Padding");
        cipher.init(Cipher.DECRYPT_MODE, key, ivSpec);

        byte[] plainText = new byte[cipher.getOutputSize(ctLength)];

        int ptLength = cipher.update(cipherText, 0, ctLength, plainText);

        ptLength += cipher.doFinal(plainText, ptLength);

        System.out.println("Plain: " + new String(plainText));
    }
}

希望这能帮助你修复代码中的问题。

英文:

I am developing a code in Java, in which when a user enters the key, the Initialization Vector and the ciphertext, the program returns the deciphered text, according to the AES / CBC / PKCS5Padding Mode.
This code is NOT working, and I would like someone to help me correct it, or to present a better code, please.
This Key, this Initialization Vector and this ciphertext were got from this website:
https://www.di-mgt.com.au/properpassword.html
That is, the plain text must return a simple "Hello World" message.
If you know of any Java code that does this, can you please post?

My code, which is experiencing a NullPointerException error:

package encryptdecryptvideo;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.ShortBufferException;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
//import javax.crypto.*;
public class EncryptDecryptVideo {
byte[] input;
String inputString;
byte[] keyBytes = "9008873522F55634679EF64CC25E73354".getBytes();
byte[] ivBytes = "B8A112A270D9634EFF3818F6CCBDF5EC".getBytes();
SecretKeySpec key = new SecretKeySpec(keyBytes, "DES");
IvParameterSpec ivSpec = new IvParameterSpec(ivBytes);
Cipher cipher;
byte[] cipherText = "625F094A1FB1677521B6014321A807EC".getBytes();
int ctLength;
public static void main(String args[]) throws InvalidKeyException, InvalidAlgorithmParameterException, ShortBufferException, IllegalBlockSizeException, BadPaddingException {
EncryptDecryptVideo decryptionobject = new EncryptDecryptVideo();
decryptionobject.decrypt();
}
public void decrypt() throws InvalidKeyException, InvalidAlgorithmParameterException, ShortBufferException, IllegalBlockSizeException, BadPaddingException {
cipher.init(Cipher.DECRYPT_MODE, key, ivSpec);
byte[] plainText = new byte[cipher.getOutputSize(ctLength)];
int ptLength = cipher.update(cipherText, 0, ctLength, plainText);
ptLength+= cipher.doFinal(plainText, ptLength);
System.out.println("Plain: "+new String(plainText));
}
}```
</details>
# 答案1
**得分**: 2
一些无需深入解释的明显要点:
首先:不存在类似于(“AES/CBC/PKCS5Padding”)的密码实例化。
其次:您的“SecretKeySpec”将会将输入转换为DES密钥(而不是您在标题中所要求的“AES”)。
第三:通常,“cipher.doFinal”调用会返回一个字节数组,而不是任何整数值。
第四:您所有的输入数据似乎都是十六进制字符串,应该通过类似于“hexStringToByteArray”的方法将其转换为字节数组,而不是直接通过“.getBytes”方法。
第五:您链接的网页并未将“密码”直接输入到密码编码中,而是执行了一种需要在Java代码中复制的密码派生(如PBKDF2)。
第六:请不要再使用“DES”,因为它已被破解且**不安全**。
我的建议是使用其他来源进行加密/解密,而不是https://www.di-mgt.com.au/properpassword.html。
<details>
<summary>英文:</summary>
Some points that are obvious without deep in further: 
First: there is no Cipher instantiation like (&quot;AES/CBC/PKCS5Padding&quot;). 
Second: Your &quot;SecretKeySpec&quot; will transform the input to a DES-key (and not &quot;AES&quot; as you are asking for in the title). 
Third: the &quot;cipher.doFinal&quot; call usually returns a byte array and not any integer value. 
Fourth: All of your input data seem to be a hexstring that should be converted to a byte array by something like &quot;hexStringToByteArray&quot; and not by &quot;.getBytes&quot; directly. 
Fifth: the webpage you linked to does not use the &quot;password&quot; as direct input to the cipher but performs a password derivation (like PBKDF2) that needs to get replicated in Java code as well. 
Sixth: please do not use &quot;DES&quot; anymore as it is broken and **UNSECURE**. 
My recommendation is to use another source for your encryption/decryption than https://www.di-mgt.com.au/properpassword.html.
</details>

huangapple
  • 本文由 发表于 2020年9月27日 00:43:46
  • 转载请务必保留本文链接:https://go.coder-hub.com/64080192.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定