java aes javax.crypto.BadPaddingException:给定的最终块未正确填充
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/26529950/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
java aes javax.crypto.BadPaddingException: Given final block not properly padded
提问by Allen Arcenal
public class AES {
public String getEncrypt(String pass){
String password = encrypt(pass);
return password;
}
public String getDecrypt(String pass){
String key = "AesSEcREtkeyABCD";
byte[] passwordByte = decrypt(key,pass);
String password = new String(passwordByte);
return password;
}
private byte[] decrypt(String key, String encrypted) {
try {
SecretKeySpec skeySpec = new SecretKeySpec(key.getBytes(), "AES");
Cipher cipher = Cipher.getInstance("AES");
cipher.init(Cipher.DECRYPT_MODE, new SecretKeySpec(skeySpec.getEncoded(), "AES"));
//getting error here
byte[] original = cipher.doFinal(encrypted.getBytes());
return original;
} catch (IllegalBlockSizeException ex) {
ex.printStackTrace();
} catch (BadPaddingException ex) {
ex.printStackTrace();
} catch (InvalidKeyException ex) {
ex.printStackTrace();
} catch (NoSuchAlgorithmException ex) {
ex.printStackTrace();
} catch (NoSuchPaddingException ex) {
ex.printStackTrace();
}
return null;
}
private String encrypt(String value) {
try {
byte[] raw = new byte[]{'A', 'e', 's', 'S', 'E', 'c', 'R', 'E', 't', 'k', 'e', 'y','A','B','C','D'};
SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES");
Cipher cipher = Cipher.getInstance("AES");
cipher.init(Cipher.ENCRYPT_MODE, skeySpec);
byte[] encrypted = cipher.doFinal(value.getBytes());
System.out.println("encrypted string:" + (new String(encrypted)));
return new String(encrypted);
} catch (NoSuchAlgorithmException ex) {
ex.printStackTrace();
} catch (IllegalBlockSizeException ex) {
ex.printStackTrace();
} catch (BadPaddingException ex) {
ex.printStackTrace();
} catch (InvalidKeyException ex) {
ex.printStackTrace();
} catch (NoSuchPaddingException ex) {
ex.printStackTrace();
}
return null;
}
** I am having a null pointer whenever I decrypt. sometimes it gives me the correct decrypted password but sometimes it gives me a null pointer. can't guess what the problem is here **
** 每当我解密时,我都会有一个空指针。有时它会给我正确的解密密码,但有时它会给我一个空指针。无法猜测这里的问题是什么**
采纳答案by rossum
You are mixing Strings and byte arrays. That is not always a good thing to do. At the very least specify what charset you are using for the byte to char conversion. Even then it is not 100% safe. Better to treat strings as strings and byte arrays as byte arrays.
您正在混合字符串和字节数组。这并不总是一件好事。至少指定用于字节到字符转换的字符集。即便如此,它也不是 100% 安全的。最好将字符串视为字符串,将字节数组视为字节数组。
If that does not solve it then there are many things that can cause a "Bad Padding" error. Basically anything that causes the end of the last block not to match the expected padding will throw the error. Possible causes include: incorrect padding setting, incorrect key, corrupted cyphertext and others.
如果这不能解决它,那么有很多事情会导致“Bad Padding”错误。基本上任何导致最后一个块的结尾与预期的填充不匹配的东西都会抛出错误。可能的原因包括:填充设置不正确、密钥不正确、密文损坏等。
To try and diagnose the problem, set the decryption side to NoPadding. This will accept anything, and allow you to examine the output:
要尝试诊断问题,请将解密端设置为NoPadding。这将接受任何内容,并允许您检查输出:
complete garbage: you probably have an error in the key or different mode settings.
first block garbage: you may have a key error or an IV error.
last block garbage: likely a corrupt end to the cyphertext file.
a correct decryption with some strange bytes at the end: the strange bytes are the padding.
完全垃圾:您可能在键或不同模式设置中出错。
第一个块垃圾:您可能有一个关键错误或 IV 错误。
最后一个块垃圾:可能是密文文件的损坏结尾。
以一些奇怪的字节结尾的正确解密:奇怪的字节是填充。
If it really is just the padding, then set the decryption function to expect that sort of padding. Otherwise check that the key/IV/cyphertext is byte-for-bytethe same for both encryption and decryption.
如果它真的只是填充,那么将解密函数设置为期望那种填充。否则,请检查密钥/IV/密文对于加密和解密是否逐字节相同。
It is vitalthat you set a padding mode after diagnosis. NoPaddingis insecure.
这是至关重要的,你设置诊断后的填充模式。 NoPadding是不安全的。
