在java解密期間BadPaddingException

Question

我是新加密的java。嘗試實現輕量級加密字符串並將其存儲在某個地方，並在使用之前將其解密。

隨着一些網絡搜索我想出了這個加密和解密。

public static String base64Encode(byte[] bytes) 
    { 
     return new BASE64Encoder().encode(bytes); 
    } 

    public static byte[] base64Decode(String property) throws IOException 
    { 
     return new BASE64Decoder().decodeBuffer(property); 
    } 


    public static String encrypt(String mystring) throws GeneralSecurityException, UnsupportedEncodingException 
     { 
     SecretKeyFactory keyFactory = SecretKeyFactory.getInstance("PBEWithMD5AndDES"); 
     SecretKey key = keyFactory.generateSecret(new PBEKeySpec(mystring.toCharArray())); 
     Cipher pbeCipher = Cipher.getInstance("PBEWithMD5AndDES"); 
     pbeCipher.init(Cipher.ENCRYPT_MODE, key, new PBEParameterSpec(SALT, 20)); 
     return base64Encode(pbeCipher.doFinal(mystring.getBytes("UTF-8"))); 
     } 

    public static String decrypt(String estring) throws GeneralSecurityException, IOException 
     { 
     SecretKeyFactory keyFactory = SecretKeyFactory.getInstance("PBEWithMD5AndDES"); 
     SecretKey key = keyFactory.generateSecret(new PBEKeySpec(estring.toCharArray())); 
     Cipher pbeCipher = Cipher.getInstance("PBEWithMD5AndDES"); 
     pbeCipher.init(Cipher.DECRYPT_MODE, key, new PBEParameterSpec(SALT, 20)); 
     return new String(pbeCipher.doFinal(base64Decode(estring)), "UTF-8"); 
     } 

我看到加密工作，但我在解密部分，從doFinal塊看到一個填充相關的異常。這是...

encrypted string:zdrtgOKfkZMgpCOflr1ILQ== -> Encrypted String 
exceptionjavax.crypto.BadPaddingException: Given 
final block not properly padded -> Exception from the doFinal block. 

好像當我加密它，我需要做一些填充。

任何人都可以告訴我哪裏出了問題，怎麼解決？

感謝

塔斯

Answer 1

您需要將您的輸入首先解碼的解密方法。

在您的decrypt方法中調用base64Decode方法和estring參數。

這應該做到這一點。

Answer 2

您在此處使用基於密碼的加密。這意味着加密密鑰本身是基於密碼的。您必須對加密和解密使用相同的密碼。

private static char[] ENCRYPTION_PASSWORD 
    = "some password populated by configuration".toCharArray(); 

public static String encrypt(String mystring) 
    throws GeneralSecurityException, UnsupportedEncodingException { 
    SecretKeyFactory keyFactory = SecretKeyFactory.getInstance("PBEWithMD5AndDES"); 
    SecretKey key = keyFactory.generateSecret(new PBEKeySpec(ENCRYPTION_PASSWORD)); 
    Cipher pbeCipher = Cipher.getInstance("PBEWithMD5AndDES"); 
    pbeCipher.init(Cipher.ENCRYPT_MODE, key, new PBEParameterSpec(SALT, 20)); 
    return DatatypeConverter 
     .printBase64Binary(pbeCipher.doFinal(mystring.getBytes("UTF-8"))); 
} 

public static String decrypt(String string) 
    throws GeneralSecurityException, IOException { 
    SecretKeyFactory keyFactory = SecretKeyFactory.getInstance("PBEWithMD5AndDES"); 
    SecretKey key = keyFactory.generateSecret(new PBEKeySpec(ENCRYPTION_PASSWORD)); 
    Cipher pbeCipher = Cipher.getInstance("PBEWithMD5AndDES"); 
    pbeCipher.init(Cipher.DECRYPT_MODE, key, new PBEParameterSpec(SALT, 20)); 
    return new String(pbeCipher.doFinal(DatatypeConverter 
              .parseBase64Binary(estring)), "UTF-8"); 
} 

還要注意對的base64操作使用javax.xml.bind.DatatypeConverter。這些天無需編寫您自己的或使用第三方。

Answer 3

更改代碼，

SecretKey key = keyFactory.generateSecret(new PBEKeySpec(mystring.toCharArray())); 

到

SecretKey key = keyFactory.generateSecret(new PBEKeySpec("PASSWORD".toCharArray(), SALT, 20));