AES128 解密:javax.crypto.badpaddingexception pad 块损坏
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/23491143/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
AES128 Decryption :javax.crypto.badpaddingexception pad block corrupted
提问by iAviatorJose
I try to decrypt an encrypted data that I receive from a web service.
我尝试解密从 Web 服务收到的加密数据。
The encryption is done using AES 128.
加密是使用AES 128.
I use the following code to decrypt the data:
我使用以下代码解密数据:
public static String decrypt(String strToDecrypt)
{
try
{
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding"); //AES/CBC/PKCS7Padding
SecretKeySpec secretKey = new SecretKeySpec(AppConstants.AESEncryptionKey.getBytes("UTF8"), "AES");
int blockSize = cipher.getBlockSize();
cipher.init(Cipher.DECRYPT_MODE, secretKey, new IvParameterSpec(new byte[blockSize])); //new IvParameterSpec(new byte[16])
byte decBytes[] = cipher.doFinal(Base64.decode(strToDecrypt, 0));
// byte decBytes[] = cipher.doFinal(Base64.decodeBase64(strToDecrypt));
String decStr = new String(decBytes);
System.out.println("After decryption :" + decStr);
return decStr;
}
catch (Exception e)
{
System.out.println("Exception in decryption : " + e.getMessage());
}
return null;
}
At
在
cipher.doFinal()
cipher.doFinal()
I got the following Exception:
我得到以下异常:
javax.crypto.badpaddingexception pad block corrupted
javax.crypto.badpaddingexception 填充块损坏
I went through my post but ended up with no solution. I am badly stuck over here.
我浏览了我的帖子,但最终没有解决方案。我被困在这里了。
采纳答案by Maarten Bodewes
AES keys should consist of random data. If you store them as a String then you are likely to loose information, especially if you use encodings such as UTF-8. Your line:
AES 密钥应由随机数据组成。如果将它们存储为字符串,则可能会丢失信息,尤其是在使用 UTF-8 等编码时。您的线路:
AppConstants.AESEncryptionKey.getBytes("UTF8")
Makes it likely that you've lost data during conversion to/from a string. Use hexadecimals instead if you require a string, or simply store the key as a byte array.
很可能您在与字符串之间进行转换时丢失了数据。如果需要字符串,请改用十六进制,或者只是将密钥存储为字节数组。
Note that this answer doesn't indicate any security related hints. In general you only want to derive keys or store them in containers. You don't want to use CBC over an insecure channel either.
请注意,此答案不表示任何与安全相关的提示。通常,您只想派生密钥或将它们存储在容器中。您也不希望通过不安全的渠道使用 CBC。
回答by Pavan Pyati
SecureRandom sr = SecureRandom.getInstance("SHA1PRNG","Crypto");
works perfectly
完美运行
Note:This code works only on devices up to Android 6. Starting with Android 7.0 the "Crypto"provider has been removed, therefore this code will fail.
注意:此代码仅适用于 Android 6 以下的设备。从 Android 7.0 开始,"Crypto"提供程序已被删除,因此此代码将失败。
回答by Yogesh Rathi
In my case issue is came because encrypted key and decrypted key both are different, when I check both key with same value then issue is not came
在我的情况下,问题出现是因为加密密钥和解密密钥都不同,当我检查两个具有相同值的密钥时,问题就没有出现
