使用 Bouncy Castle 进行 CMSEncryptedData 解密会引发 BadPaddingException:垫块损坏

【问题标题】:CMSEncryptedData decryption with Bouncy Castle throws BadPaddingException: pad block corrupted使用 Bouncy Castle 进行 CMSEncryptedData 解密会引发 BadPaddingException:垫块损坏
【发布时间】:2016-11-28 15:15:22
【问题描述】:

我有使用 Bouncy Castle 加密的 CMS 数据,我想解密它的内容。但是,我遇到了获取javax.crypto.BadPaddingException: pad block corrupted 的问题。我相信,密钥有问题

val provider = new BouncyCastleProvider()

// output encoder
val gen = new CMSEncryptedDataGenerator()
val encoder = new JceCMSContentEncryptorBuilder(CMSAlgorithm.DES_EDE3_CBC).setProvider(BouncyCastleProvider.PROVIDER_NAME).build()

// secrete key
val spec = new DESedeKeySpec(encoder.getKey.getRepresentation.asInstanceOf[Array[Byte]])
val keyFactory = SecretKeyFactory.getInstance("DESEDE", provider)
val secretKey = keyFactory.generateSecret(spec)

// Encryption
val cmsEncryptedData: CMSEncryptedData = gen.generate(new CMSProcessableByteArray("Hello World!".getBytes()), encoder)

// Decryption
val decryptedContententBinary: Array[Byte] = {
  cmsEncryptedData.getContent(new InputDecryptorProvider {
    override def get(algorithm: AlgorithmIdentifier): InputDecryptor = new InputDecryptor {

      override def getAlgorithmIdentifier: AlgorithmIdentifier = algorithm

      override def getInputStream(encIn: InputStream): InputStream = {
        val parameters = new JceAlgorithmIdentifierConverter().setProvider(provider).getAlgorithmParameters(algorithm)
        val cipher = Cipher.getInstance(parameters.getAlgorithm, provider)
        cipher.init(Cipher.DECRYPT_MODE, secretKey, parameters) // throws javax.crypto.BadPaddingException: pad block corrupted
        new CipherInputStream(encIn, cipher)
      }
    }
  })
}

【问题讨论】:

  • 这是 Scala,对吧?如果不是scala,请edit您的问题包括语言标签。

标签: scala encryption bouncycastle jce


【解决方案1】:

我刚刚解决了我遇到的问题。这是工作代码:

// output encoder
val gen = new CMSEncryptedDataGenerator()
val random = new SecureRandom()
val encoder = new JceCMSContentEncryptorBuilder(CMSAlgorithm.DES_EDE3_CBC).setProvider(BouncyCastleProvider.PROVIDER_NAME).setSecureRandom(random).build()


// secrete key
val key = new SecretKeySpec(encoder.getKey.getRepresentation.asInstanceOf[Array[Byte]], "DESede")

// Encryption
val cmsEncryptedData: CMSEncryptedData = gen.generate(new CMSProcessableByteArray("Hello World!".getBytes()), encoder)


// Decryption
val decryptedContententBinary: Array[Byte] = {
  cmsEncryptedData.getContent(new InputDecryptorProvider {
    override def get(algorithm: AlgorithmIdentifier): InputDecryptor = new InputDecryptor {

      override def getAlgorithmIdentifier: AlgorithmIdentifier = algorithm

      override def getInputStream(encIn: InputStream): InputStream = {

        val parameters = new JceAlgorithmIdentifierConverter().setProvider(provider).getAlgorithmParameters(encoder.getAlgorithmIdentifier)
        val cipher = Cipher.getInstance(algorithm.getAlgorithm.getId, provider)
        cipher.init(Cipher.DECRYPT_MODE, key, parameters)
        new CipherInputStream(encIn, cipher)
      }
    }
  })
}

【讨论】:

    猜你喜欢
    • 1970-01-01
    • 2010-10-26
    • 1970-01-01
    • 1970-01-01
    • 1970-01-01
    • 2012-04-25
    • 1970-01-01
    • 2017-03-17
    • 1970-01-01
    相关资源
    最近更新 更多
    热门标签
    Java Python linux javascript Mysql C# Docker 算法 前端 SpringBoot Redis Vue spring 设计模式 .net core .net kubernetes c++ 数据库 数据结构 大数据 js 机器学习 微服务 Android Go 程序员 面试 JVM ASP.net core 云原生 人工智能 后端 PHP git CSS golang k8s Nginx Django mybatis 深度学习 多线程 React 架构 devops 爬虫 云计算 Spring Boot LeetCode