當嘗試初始化Bouncy Castle密碼時，密鑰長度不是128/192/256位Java中

我試圖使用Bouncy Castle 1.58（org.bouncycastle：bcprov-jdk15on：1.58）從密碼開始加密有效載荷：當嘗試初始化Bouncy Castle密碼時，密鑰長度不是128/192/256位Java中

import org.bouncycastle.jce.provider.BouncyCastleProvider; 

import javax.crypto.Cipher; 
import javax.crypto.SecretKey; 
import javax.crypto.SecretKeyFactory; 
import javax.crypto.spec.PBEKeySpec; 
import javax.crypto.spec.PBEParameterSpec; 
import java.security.SecureRandom; 
import java.security.Security; 

public class Scratch { 
    public static void main(String[] args) throws Exception { 
     int keyLength = 128; 

     Security.addProvider(new BouncyCastleProvider()); 

     String password = "password"; 

     SecureRandom randomGenerator = new SecureRandom(); 
     byte[] salt = randomGenerator.generateSeed(128/8); 
     PBEKeySpec keySpec = new PBEKeySpec(password.toCharArray(), salt, 872791, keyLength); 
     SecretKeyFactory secretKeyFactory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA512"); 
     SecretKey passwordKey = secretKeyFactory.generateSecret(keySpec); 
     System.out.println("passwordKey: " + passwordKey); 
     System.out.println("passwordKey.getEncoded(): " + Arrays.toString(passwordKey.getEncoded())); 
     System.out.println("passwordKey.getEncoded().length: " + passwordKey.getEncoded().length); 
     System.out.println("passwordKey.getFormat():" + passwordKey.getFormat()); 
     System.out.println("passwordKey.getAlgorithm(): " + passwordKey.getAlgorithm()); 

     Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding", "BC"); 
     PBEParameterSpec parSpec = new PBEParameterSpec(salt, 872791); 
     cipher.init(Cipher.ENCRYPT_MODE, passwordKey, parSpec); 
    } 
}

，這是錯誤我得到：

Exception in thread "main" org.bouncycastle.jcajce.provider.symmetric.util.BaseBlockCipher$InvalidKeyOrParametersException: Key length not 128/192/256 bits. 
    at org.bouncycastle.jcajce.provider.symmetric.util.BaseBlockCipher.engineInit(Unknown Source) 
    at javax.crypto.Cipher.init(Cipher.java:1394) 
    at javax.crypto.Cipher.init(Cipher.java:1327) 
    at tech.dashman.dashman.Scratch.main(Scratch.java:30) 
Caused by: java.lang.IllegalArgumentException: Key length not 128/192/256 bits. 
    at org.bouncycastle.crypto.engines.AESEngine.generateWorkingKey(Unknown Source) 
    at org.bouncycastle.crypto.engines.AESEngine.init(Unknown Source) 
    at org.bouncycastle.crypto.modes.GCMBlockCipher.init(Unknown Source) 
    at org.bouncycastle.jcajce.provider.symmetric.util.BaseBlockCipher$AEADGenericBlockCipher.init(Unknown Source) 
    ... 4 more

和調試輸出是這樣的：

passwordKey: [email protected] 
passwordKey.getEncoded(): [122, -75, -99, 114, -123, 71, 6, 50, 45, 64, -97, 10, -66, 7, 110, 17] 
passwordKey.getEncoded().length: 16 
passwordKey.getFormat():RAW 
passwordKey.getAlgorithm(): PBKDF2WithHmacSHA512

什麼我錯過了？

來源

2017-08-29 Pablo

其實是在256位的密鑰？請注意，128位密鑰與256位密鑰一樣安全，既不容易受到強力攻擊。當然，更大的一把鑰匙更像一輛紅色汽車。請參閱{爲什麼大多數人使用256位加密而不是128位？]（https://security.stackexchange.com/a/19762/5121）。 – zaph

大小128,192和256都不起作用。 – Pablo

鑑於錯誤消息：'由於：java.lang.IllegalArgumentException：密鑰長度不是128/192/256 bits.'什麼是失敗的實際密鑰？ – zaph

我發現了問題！在獲得密鑰工廠時，我沒有指定提供者。更換：

SecretKeyFactory secretKeyFactory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA512");

爲

SecretKeyFactory secretKeyFactory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA512", "BC");

製造這個例子的工作。

來源

2017-08-29 16:48:36 Pablo

如果這是解決方案，那麼這個例外沒有多大意義。當問題是提供者時，爲什麼Bouncy Castle會拋出一個無效的關鍵異常？查看'passwordKey.getEncoded（）'，一些字符被設置爲高位。它們是否合併成一個代碼點，使得密鑰比顯示的小？也許Bouncy Castle更寬容，把它當作一個字節數組而不結合字符？ – jww

@jww我相信Pablo做了更多的改變，實際上這個代碼本身不應該幫助（它甚至可能會產生另一個異常，因爲恕我直言，定義的關鍵規範不由BC提供） – gusto2

對於AES，你需要一個AES密鑰，這是基於PBE密鑰：

SecretKeyFactory secKeyFactory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA512"); 
KeySpec spec = new PBEKeySpec(password, salt, iterations, 128); 
SecretKey pbeSecretKey = secKeyFactory.generateSecret(spec); 
SecretKey aesSecret = new SecretKeySpec(pbeSecretKey.getEncoded(), "AES"); 

Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding","BC");

來源

2017-08-30 12:22:24 gusto2

當嘗試初始化Bouncy Castle密碼時，密鑰長度不是128/192/256位Java中

回答

相關問題