生产环境加密异常

Question

我在生产环境中遇到了加密问题。

以下代码是问题的根源：

public static void standardExceptionHandling(Exception exc, Logger alog) {
    StringWriter sw = new StringWriter();
    PrintWriter pw = new PrintWriter(sw);
    exc.printStackTrace(pw);
    alog.info(sw.toString()); /* Line 292 */
}

/**
 * Method that takes a key/value set, converts it into a standard web parameter string
 * and then encrypts the string.
 *
 * @param values the key value set
 * @return the encrypted string
 *
 */
public static String encrypt(Map<String, String> values) {
    StringBuilder unencrypted = new StringBuilder();
    boolean first = true;
    for (Map.Entry<String, String> value : values.entrySet()) {
        if (first) {
            first = false;
        } else {
            unencrypted.append("&");
        }
        unencrypted.append(value.getKey())
                .append("=")
                .append(value.getValue());
    }

    try {
        Cipher cipher = Cipher.getInstance("AES");
        Key aesKey = new SecretKeySpec(AES_KEY.getBytes(), "AES");
        cipher.init(Cipher.ENCRYPT_MODE, aesKey);
        byte[] encrypted = cipher.doFinal(unencrypted.toString().getBytes("UTF8"));

        String enc = new sun.misc.BASE64Encoder().encode(encrypted);
        return enc;
    } catch (Exception e) {
        standardExceptionHandling(e, log);
        return "";
    }
}

/**
 * Method that takes an encrypted string containing a standard web parameter string
 * and converts it to a key/value set
 *
 * @param encrypted the encrypted string
 * @return the key value set
 */
public static Map<String, String> decrypt(String encrypted) {
    String decrypted = "";
    try {
        Cipher cipher = Cipher.getInstance("AES");
        Key aesKey = new SecretKeySpec(AES_KEY.getBytes(), "AES");
        cipher.init(Cipher.DECRYPT_MODE, aesKey);
        byte[] dec = new sun.misc.BASE64Decoder().decodeBuffer(encrypted);
        decrypted = new String(cipher.doFinal(dec), "UTF8");
    } catch (Exception e) {
        standardExceptionHandling(e, log);
    }

    Map<String, String> values = new HashMap<String, String>();
    for (String pair : decrypted.split("&")) {
        String[] split_pair = pair.split("=");
        String key, value;
        if (split_pair.length == 1) {
            key = split_pair[0];
            value = "";
        } else if (split_pair.length == 2) {
            key = split_pair[0];
            value = split_pair[1];
        } else if (split_pair.length > 2) {
            log.debug("Error when decrypting string, parameter found with more than 2 parts (" + pair + ")");
            continue;
        } else {
            // We should never reach this, as it is impossible to split a string into a 0 length array.
            log.debug("The impossible happened, we split a String into a 0 length array (" + pair + ")");
            continue;
        }
        // This is only reach when key and value have been initialised thank to the continue statements when we hit
        // an error state.
        values.put(key, value);
    }
    return values;
}

加密文本时不会抛出异常。 加密后，通过 servlet 通过 URL 传回

即http://URL/servlet?hash=TVgYDScPqQ3eaJfEBmwuSCZUN0GCEshOBZ9H0YKH%2BS2b96BYdLRPBa6Dl8Z0mMmpPM1r2uxdv0sq%0A5BNbWTMcww%3D%3D

在我们的生产服务器上，我们得到以下异常：

INFO 10/mar/2017 06:02:37 [http-nio-80-exec-104] (HelperMethods.java:292) - javax.crypto.IllegalBlockSizeException: Input length must be multiple of 16 when decrypting with padded cipher
at com.sun.crypto.provider.CipherCore.doFinal(CipherCore.java:913)
at com.sun.crypto.provider.CipherCore.doFinal(CipherCore.java:824)
at com.sun.crypto.provider.AESCipher.engineDoFinal(AESCipher.java:436)
at javax.crypto.Cipher.doFinal(Cipher.java:2165)
at com.gg.gomoenterprise.utils.HelperMethods.decrypt(HelperMethods.java:349)
at com.gg.gomomessenger.servlets.EmailServlet.doPost(EmailServlet.java:60)
at com.gg.gomomessenger.servlets.EmailServlet.doGet(EmailServlet.java:46)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:622)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:729)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:291)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:219)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:106)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:502)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:142)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:79)
at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:616)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:88)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:518)
at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1091)
at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:673)
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1526)
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1482)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
at java.lang.Thread.run(Thread.java:745)
DEBUG 10/mar/2017 06:02:37 [http-nio-80-exec-104] (EmailServlet.java:88) - com.gg.gomomessenger.commons.exceptions.EmailSeverletException: <h1>We do not see your email address in this program. You may have already unsubscribed or be subscribed with a different email address. If you need assistance, email support@mymobilemsg.com.</h1>
at com.gg.gomomessenger.commons.exceptions.EmailSeverletException.dataMisingException(EmailSeverletException.java:39)
at com.gg.gomomessenger.servlets.EmailOptInServlet.handleOpt(EmailOptInServlet.java:91)
at com.gg.gomomessenger.servlets.EmailServlet.doPost(EmailServlet.java:82)
at com.gg.gomomessenger.servlets.EmailServlet.doGet(EmailServlet.java:46)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:622)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:729)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:291)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:219)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:106)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:502)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:142)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:79)
at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:616)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:88)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:518)
at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1091)
at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:673)
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1526)
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1482)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
at java.lang.Thread.run(Thread.java:745)

这只发生在生产上，而不是本地、开发或登台。 所有服务器运行 Tomcat 8.0.26

本地 JRE java版本“1.8.0_121” Java(TM) SE 运行时环境 (build 1.8.0_121-b13) Java HotSpot(TM) 64 位服务器 VM（内部版本 25.121-b13，混合模式）

暂存 JRE java版本“1.8.0_66” Java(TM) SE 运行时环境 (build 1.8.0_66-b17) Java HotSpot(TM) 64 位服务器 VM（内部版本 25.66-b17，混合模式）

Stagin JRE java版本“1.8.0_66” Java(TM) SE 运行时环境 (build 1.8.0_66-b17) Java HotSpot(TM) 64 位服务器 VM（内部版本 25.66-b17，混合模式）

生产 JRE java版本“1.8.0_60” Java(TM) SE 运行时环境 (build 1.8.0_60-b27) Java HotSpot(TM) 64 位服务器 VM（内部版本 25.60-b23，混合模式）

这可能是代码问题吗？

Answer 1

我注意到这个例子：

TVgYDScPqQ3eaJfEBmwuSCZUN0GCEshOBZ9H0YKH%2BS2b96BYdLRPBa6Dl8Z0mMmpPM1r2uxdv0sq%0A5BNbWTMcww%3D%3D

采用 URL 编码并包含换行符 (%0A)。 Base64 需要去掉 URL 编码。

Base64 编码也不应该添加换行符，应该有一个选项。无论如何，它们都需要在 Base64 解码中被剥离。

正确解码为十六进制：

4D58180D270FA90DDE6897C4066C2E48265437418212C84E059F47D18287F92D9BF7A05874B44F05AE8397C67498C9A93CCD6BDAEC5DBF4B2AE4135B59331CC3

Answer 2

正如@zaph 指出的那样，解析密文可能存在问题，这导致密文长度不同于块大小的倍数（16 bytes）。正确编解码密文后，应该可以验证密文长度为n * 16字节。

此外，获得Cipher 类实例Cipher.getInstance("AES"); 的行并不理想。 AES 在 Java 中默认为 AES/ECB/PKCS5Padding（但这也可能因提供者而异）。 ECB 是不推荐/弃用/损坏的block cipher mode。除了在不知不觉中选择了糟糕的操作模式之外，这里的模棱两可是不必要的。评估可用模式并明确选择合适的模式（可能是GCM，或者可能是CBC 或CTR 与强大的HMAC 函数结合使用）。

您还应该为每个消息加密使用唯一且不可预测的初始化向量 (IV)。