AES has a fixed block size of 16-bytes regardless key size. Assuming you use PKCS 5/7 padding, use this formula,

无论密钥大小如何，AES 都有 16 字节的固定块大小。假设您使用 PKCS 5/7 填充，请使用此公式，

 cipherLen = (clearLen/16 + 1) * 16;

Please note that if the clear-text is multiple of block size, a whole new block is needed for padding. Say you clear-text is 16 bytes. The cipher-text will take 32 bytes.

请注意，如果明文是块大小的倍数，则需要一个全新的块进行填充。假设您的明文是 16 个字节。密文将占用 32 个字节。

You might want to store IV (Initial Vector) with cipher-text. In that case, you need to add 16 more bytes for IV.

您可能希望使用密文存储 IV（初始向量）。在这种情况下，您需要为 IV 添加 16 个字节。

The AES cipher always works on 16-byte (128-bit) blocks. If the number of input bytes is not an exact multiple of 16, it is padded. That's why 16 appears to be the "magic number" in your calculation. What you have should work for all input sizes.

AES 密码始终适用于 16 字节（128 位）块。如果输入字节数不是 16 的精确倍数，则填充它。这就是为什么 16 在您的计算中似乎是“幻数”的原因。你所拥有的应该适用于所有输入尺寸。

AES, as a block cipher, does not change the size. The input size is always the output size.

AES 作为分组密码，不会改变大小。输入大小始终是输出大小。

But AES, being a block cipher, requires the input to be multiple of block size (16 bytes). For this, padding schemesare used like the popular PKCS5. So the answer is that the size of your encrypted data depends on the padding scheme used. But at the same time allknown padding schemes will round up to the next module 16 size (size AES has a 16 bytes block size).

但是 AES 作为块密码，要求输入是块大小（16 字节）的倍数。为此，可以像流行的PKCS5一样使用填充方案。所以答案是加密数据的大小取决于所使用的填充方案。但与此同时，所有已知的填充方案都会向上取整到下一个模块 16 的大小（大小 AES 具有 16 字节的块大小）。

AES works in 128-bit (16 bytes) blocks and converts cleartext blocks into cyphertext blocks of the same length. It pads the last block if it is shorter than 16 bytes, so your formula looks correct.

AES 在 128 位（16 字节）块中工作，并将明文块转换为相同长度的密文块。如果最后一个块小于 16 个字节，它将填充最后一个块，因此您的公式看起来是正确的。

It depends on the mode in which you use AES. What you have is accurate for most of the block oriented modes, such as ECB and CBC. OTOH, in CFB mode (for one example) you're basically just using AES to produce a stream of bytes, which you XOR with bytes of the input. In this case, the size of the output can remain the size of the input rather than being rounded up to the next block size as you've given above.

这取决于您使用 AES 的模式。您所拥有的对于大多数面向块的模式都是准确的，例如 ECB 和 CBC。OTOH，在 CFB 模式下（例如），您基本上只是使用 AES 来生成字节流，然后将其与输入的字节进行异或。在这种情况下，输出的大小可以保持输入的大小，而不是像上面给出的那样四舍五入到下一个块大小。

There are approaches to storing encrypted information which avoid the need for any padding provided the data size is at least equal to the block size. One slight difficulty is that if the data size is allowed to be smaller than the block size, and if it must be possible to reconstruct the precise size of the data, even for small blocks, the output must be at least one bit larger than the input, [i]regardless[/i] of the data size.

如果数据大小至少等于块大小，则有一些存储加密信息的方法可以避免需要任何填充。一个轻微的困难是，如果允许数据大小小于块大小，并且如果必须可以重构数据的精确大小，即使对于小块，输出也必须至少比块大小大一位输入，[i]不管[/i]数据大小。

To understand the problem, realize that there are 256^N possible files that are N bytes long, and the number of possible files that are no longer than N bytes long is 256^N plus the number of possible files that are no longer than N-1 bytes long (there is one possible file that's zero bytes long, and 257 possible files that are no longer than one byte long).

为了理解这个问题，意识到有256^N个可能的N字节长的文件，长度不超过N个字节的可能文件的数量是256^N加上不长于N的可能文件的数量-1 个字节长（有一个可能的文件长度为零字节，而 257 个可能的文件长度不超过一个字节）。

If the block size is 16 bytes, there will be 256^16 + 256^14 + 256^13 etc. possible input files that are no more than 16 bytes long, but only 256^16 possible output files that are no more than 16 bytes long (since output files can't be shorter than 16 bytes). So at least some possible 16-byte input files must grow. Suppose they would become 17 bytes. There are 256^17 possible seventeen-byte output files; if any of those are used to handle inputs of 16 bytes or less, there won't be enough available to handle all possible 17-byte input files. No matter how big the input can get, some files of that size or larger must grow.

如果块大小为 16 字节，则将有 256^16 + 256^14 + 256^13 等长度不超过 16 字节的可能输入文件，但只有 256^16 个可能的长度不超过 16 的输出文件字节长（因为输出文件不能短于 16 字节）。所以至少一些可能的 16 字节输入文件必须增长。假设它们将变成 17 个字节。有 256^17 个可能的 17 字节输出文件；如果其中任何一个用于处理 16 字节或更少的输入，则将没有足够的可用空间来处理所有可能的 17 字节输入文件。无论输入有多大，某些大小或更大的文件都必须增长。

Generally speaking, for a block cipher encryption:

一般来说，对于分组密码加密：

CipherText = PlainText + Block - (PlainText MOD Block)

ciphertext size is computed as the size of the plaintext extended to the next block. If padding is used and the size of the plaintext is an exact multiple of the block size, one extra block containing padding information will be added.

CipherText = PlainText + Block - (PlainText MOD Block)

密文大小计算为扩展到下一个块的明文大小。如果使用填充并且明文的大小是块大小的精确倍数，则将添加一个包含填充信息的额外块。

AES uses block size of 16 bytes, which produces:

AES 使用 16 字节的块大小，它产生：

CipherText = PlainText + 16 - (PlainText MOD 16)

CipherText = 纯文本 + 16 -（纯文本 MOD 16）

Source: http://www.obviex.com/articles/CiphertextSize.pdf

来源：http: //www.obviex.com/articles/CiphertextSize.pdf

Note:

笔记：

1. CipherText and PlainText represent the size of the cipher text and the size of the plain text accordingly.

1. CipherText和PlainText分别代表密文大小和明文大小。

If your input length is smaller than max size of int you could use Cipher.getOutputSize(int)

如果您的输入长度小于 int 的最大大小，您可以使用Cipher.getOutputSize(int)