以下代碼使用AES-128將字節數組SOURCE_DATA加密到另一個字節數組ENCRYPTED_DATA,然後再次將其解密爲DECRYPTED_DATA。對於< = 256字節的字節數組,代碼工作得很好,但如果字節數組更長,則DECRYPTED_DATA只在字節256後面包含零,並且不等於SOURCE_DATA數組。我錯過了什麼?使用AES-128加密/解密字節數組> 256字節
輸出:
源數據:... fbfcfdfeff0001
解密的數據:... fbfcfdfeff000
代碼:
// Create data array with size greater 256 bytes
byte[] SOURCE_DATA = new byte[257];
for (int i=0;i<SOURCE_DATA.length; i++) {
SOURCE_DATA[i] = (byte)((i+1) & 0xff);
}
// Init ciphers
Cipher encC = Cipher.getInstance("AES/ECB/PKCS5Padding");
Cipher decC = Cipher.getInstance("AES/ECB/PKCS5Padding");
encC.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(new byte[] {0,1,2,3,4,5,6,7,8,9,1,2,3,4,5,6}, "AES"));
decC.init(Cipher.DECRYPT_MODE, new SecretKeySpec(new byte[] {0,1,2,3,4,5,6,7,8,9,1,2,3,4,5,6}, "AES"));
// Encrypt
ByteArrayOutputStream bos = new ByteArrayOutputStream();
CipherOutputStream cos = new CipherOutputStream(bos, encC);
DataOutputStream dos = new DataOutputStream(cos);
dos.write(SOURCE_DATA, 0, SOURCE_DATA.length);
dos.close();
byte[] ENCRYPTED_DATA = bos.toByteArray();
// Decrypt
ByteArrayInputStream bis = new ByteArrayInputStream(ENCRYPTED_DATA);
CipherInputStream cis = new CipherInputStream(bis, decC);
DataInputStream dis = new DataInputStream(cis);
byte[] DECRYPTED_DATA = new byte[SOURCE_DATA.length];
dis.read(DECRYPTED_DATA, 0, DECRYPTED_DATA.length);
cis.close();
System.out.println("Source Data: "+toHex(SOURCE_DATA));
System.out.println("Decrypted Data: "+toHex(DECRYPTED_DATA));
「我錯過了什麼?」密碼算法的塊長度? –
爲什麼選擇歐洲央行?爲什麼沒有IV?爲什麼沒有認證/ MAC? – CodesInChaos
@CodeInChaos我剛剛嘗試過CBC與IV(根據[這篇文章](http://stackoverflow.com/questions/1440030/how-to-implement-java-256-bit-aes-encryption-with-cbc)和問題依然存在 – binwiederhier