【发布时间】:2017-04-02 02:35:12
【问题描述】:
我正在尝试从服务器解密加密的字符串。但是当我解密它时,我得到以下错误。我需要成功解密字符串。我们正在使用 AES 256 cbc
> java.lang.Exception: [decrypt] error:1e06b065:Cipher
> functions:EVP_DecryptFinal_ex:BAD_DECRYPT
11-18 12:32:12.976 14325-14325/aes.example.com.aes_encyrption_demo W/art: Before Android 4.1, method android.graphics.PorterDuffColorFilter android.support.graphics.drawable.VectorDrawableCompat.updateTintFilter(android.graphics.PorterDuffColorFilter, android.content.res.ColorStateList, android.graphics.PorterDuff$Mode) would have incorrectly overridden the package-private method in android.graphics.drawable.Drawable
11-18 12:32:13.069 14325-14325/aes.example.com.aes_encyrption_demo W/System.err: java.lang.Exception: [decrypt] error:1e06b065:Cipher functions:EVP_DecryptFinal_ex:BAD_DECRYPT
11-18 12:32:13.069 14325-14325/aes.example.com.aes_encyrption_demo W/System.err: at aes.example.com.aes_encyrption_demo.MCrypt.decrypt(MCrypt.java:73)
11-18 12:32:13.069 14325-14325/aes.example.com.aes_encyrption_demo W/System.err: at aes.example.com.aes_encyrption_demo.MainActivity.onCreate(MainActivity.java:59)
11-18 12:32:13.069 14325-14325/aes.example.com.aes_encyrption_demo W/System.err: at android.app.Activity.performCreate(Activity.java:6303)
11-18 12:32:13.069 14325-14325/aes.example.com.aes_encyrption_demo W/System.err: at android.app.Instrumentation.callActivityOnCreate(Instrumentation.java:1108)
11-18 12:32:13.069 14325-14325/aes.example.com.aes_encyrption_demo W/System.err: at android.app.ActivityThread.performLaunchActivity(ActivityThread.java:2376)
11-18 12:32:13.069 14325-14325/aes.example.com.aes_encyrption_demo W/System.err: at android.app.ActivityThread.handleLaunchActivity(ActivityThread.java:2483)
11-18 12:32:13.069 14325-14325/aes.example.com.aes_encyrption_demo W/System.err: at android.app.ActivityThread.access$900(ActivityThread.java:153)
11-18 12:32:13.069 14325-14325/aes.example.com.aes_encyrption_demo W/System.err: at android.app.ActivityThread$H.handleMessage(ActivityThread.java:1349)
11-18 12:32:13.069 14325-14325/aes.example.com.aes_encyrption_demo W/System.err: at android.os.Handler.dispatchMessage(Handler.java:102)
11-18 12:32:13.069 14325-14325/aes.example.com.aes_encyrption_demo W/System.err: at android.os.Looper.loop(Looper.java:148)
11-18 12:32:13.069 14325-14325/aes.example.com.aes_encyrption_demo W/System.err: at android.app.ActivityThread.main(ActivityThread.java:5442)
11-18 12:32:13.069 14325-14325/aes.example.com.aes_encyrption_demo W/System.err: at java.lang.reflect.Method.invoke(Native Method)
11-18 12:32:13.069 14325-14325/aes.example.com.aes_encyrption_demo W/System.err: at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:738)
11-18 12:32:13.069 14325-14325/aes.example.com.aes_encyrption_demo W/System.err: at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:628)
当我使用 AES/CBC/NoPadding 时,我可以解密但文本是 附加垃圾字符。
解密 a:2:{s:5:"email";s:24:"afroj.alam@broc.com";s:8:"password";s:7: "Test123";}��
实际字符串 a:2:{s:5:"email";s:24:"afroj.alam@broc.com";s:8:"password";s:7:"Test123";}
案例 1:AES/CBC/PKCS5Padding : BAD_DECRYPT 或 BAD PADDING 错误
案例 2:AES/CBC/NoPadding:解密文本末尾的垃圾值
public class MCrypt {
private String iv = "fedcba9876543210";//Dummy iv (CHANGE IT!)
private IvParameterSpec ivspec;
private SecretKeySpec keyspec;
private Cipher cipher;
private String SecretKey = "0123456789abcdef";//Dummy secretKey (CHANGE IT!)
public MCrypt()
{
ivspec = new IvParameterSpec(iv.getBytes());
keyspec = new SecretKeySpec(SecretKey.getBytes(), "AES");
try {
cipher = Cipher.getInstance("AES/CBC/NoPadding");
// cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
} catch (NoSuchAlgorithmException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (NoSuchPaddingException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
public byte[] encrypt(String text) throws Exception
{
if(text == null || text.length() == 0)
throw new Exception("Empty string");
byte[] encrypted = null;
try {
cipher.init(Cipher.ENCRYPT_MODE, keyspec, ivspec);
encrypted = cipher.doFinal(padString(text).getBytes());
} catch (Exception e)
{
throw new Exception("[encrypt] " + e.getMessage());
}
return encrypted;
}
public byte[] decrypt(String code) throws Exception
{
if(code == null || code.length() == 0)
throw new Exception("Empty string");
byte[] decrypted = null;
try {
cipher.init(Cipher.DECRYPT_MODE, keyspec, ivspec);
decrypted = cipher.doFinal(hexToBytes(code));
} catch (Exception e)
{
throw new Exception("[decrypt] " + e.getMessage());
}
return decrypted;
}
public static String bytesToHex(byte[] data)
{
if (data==null)
{
return null;
}
int len = data.length;
String str = "";
for (int i=0; i<len; i++) {
if ((data[i]&0xFF)<16)
str = str + "0" + java.lang.Integer.toHexString(data[i]&0xFF);
else
str = str + java.lang.Integer.toHexString(data[i]&0xFF);
}
return str;
}
public static byte[] hexToBytes(String str) {
if (str==null) {
return null;
} else if (str.length() < 2) {
return null;
} else {
int len = str.length() / 2;
byte[] buffer = new byte[len];
for (int i=0; i<len; i++) {
buffer[i] = (byte) Integer.parseInt(str.substring(i*2,i*2+2),16);
}
return buffer;
}
}
private static String padString(String source)
{
char paddingChar = ' ';
int size = 16;
int x = source.length() % size;
int padLength = size - x;
for (int i = 0; i < padLength; i++)
{
source += paddingChar;
}
return source;
}
Activity.java
try{
decrypted = new String( mcrypt.decrypt( msg ) );
}catch (Exception e){
e.printStackTrace();
}
System.out.println("decrypted: " + decrypted);
PHP
<?php
class MCrypt
{
private $iv = 'fedcba9876543210'; #Same as in JAVA
private $key = '0123456789abcdef'; #Same as in JAVA
function __construct()
{
}
function encrypt($str) {
//$key = $this->hex2bin($key);
$iv = $this->iv;
$td = mcrypt_module_open('rijndael-128', '', 'cbc', $iv);
mcrypt_generic_init($td, $this->key, $iv);
$encrypted = mcrypt_generic($td, $str);
mcrypt_generic_deinit($td);
mcrypt_module_close($td);
return bin2hex($encrypted);
}
function decrypt($code) {
//$key = $this->hex2bin($key);
$code = $this->hex2bin($code);
$iv = $this->iv;
$td = mcrypt_module_open('rijndael-128', '', 'cbc', $iv);
mcrypt_generic_init($td, $this->key, $iv);
$decrypted = mdecrypt_generic($td, $code);
mcrypt_generic_deinit($td);
mcrypt_module_close($td);
return utf8_encode(trim($decrypted));
}
protected function hex2bin($hexdata) {
$bindata = '';
for ($i = 0; $i < strlen($hexdata); $i += 2) {
$bindata .= chr(hexdec(substr($hexdata, $i, 2)));
}
return $bindata;
}
}
我已经在stackoverflow上尝试了很多链接。
参考: http://www.androidsnippets.com/encrypt-decrypt-between-android-and-php.html
编辑
当我使用 AES/CBC/PKCS5Padding 时,解密失败并出现错误,这是因为服务器 php 代码未正确应用填充,还是我的结果?如何解决。
编辑 2
发现问题 我尝试使用 16 byte key ,但得到一个 Bad padding 异常,这是因为服务器端代码没有实现 PKCS7。在服务器端实施 PKCS7 填充后,问题得到解决。如果加密字符串中没有添加填充,AES/CBC/PKCS5Padding 模式将给出错误填充异常。
【问题讨论】:
-
在明文末尾添加填充以将 t 扩展到下一个块边界。 AES 是一种分组密码。最后的那些垃圾字符是padding。查看它们,查看正在使用哪种类型的填充,并将您的解密方法设置为期望该类型的填充。对于其他错误,请查看错误消息告诉您的内容。
-
@Robert 我不只得到垃圾值,我得到正确的文本后跟垃圾值
-
@rosum 当我使用 AES/CBC/PKCS5Padding 时,解密失败并出现错误,这是因为服务器 php 代码未正确应用填充,还是我的结果?
标签: java php android encryption cryptography