javax.crypto.BadPaddingException:给定最终块,解密时未正确填充错误

我正在按以下方式进行数据的加密和解密,但出现错误

protected Cipher aes_Gen_with_Key(byte[] key)
    {
        Cipher cipher=null;
        try
        {
        byte[] key_hash = (key).toString().getBytes("UTF-8");
        key_hash = Arrays.copyOf(key_hash, 32); // use only first 256 bit
        SecretKeySpec secretKeySpec = new SecretKeySpec(key_hash, "AES"); 
        cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
        cipher.init(Cipher.ENCRYPT_MODE, secretKeySpec);

        } catch (Exception e) {
            System.out.println("Error Occured");
        }
        return cipher;
    }

    protected Cipher aes_Dec_with_Key(byte[] key,byte[] iv)
    {
        Cipher cipher=null;
        try
        {
        byte[] key_hash = (key).toString().getBytes("UTF-8");
        key_hash = Arrays.copyOf(key_hash, 32); // use only first 256 bit
        SecretKeySpec secretKeySpec = new SecretKeySpec(key_hash, "AES");
        cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
        cipher.init(Cipher.DECRYPT_MODE,secretKeySpec,new IvParameterSpec(iv));
        }
        catch (Exception e) {
            System.out.println(e);
        }

        return cipher;
    }

使用上面的2个函数,我将获得用于加密和解密的密码,但是会得到javax.crypto.BadPaddingException:给定的最终块未正确填充为错误.解密字节数组的长度为752,解密时的IV为16字节长.有人可以建议吗?

这里是一些其他相关的代码块.
无效使用Java命名约定的道歉

   // Key Class
    import java.io.Serializable;
    @SuppressWarnings("serial")
    public class Key implements Serializable{
        byte[] gsmodp_hash=null;
        byte[] iv_pass=null;
        byte[] Nonce_Enc=null;
        byte[] iv_non=null;
        public Key() {
        }

        public Key(byte[] gsmodp_hash,byte[] iv_pass,byte[] Nonce_Enc,byte[] iv_non) {
            this.gsmodp_hash=gsmodp_hash;
            this.iv_pass=iv_pass;
            this.Nonce_Enc=Nonce_Enc;
            this.iv_non=iv_non;
        }
    }

    // Client side code

            JSONObject auth_step_obj=new JSONObject();
            try {

                BigInteger gsmodp=get_modu_frm_server(receivePacket);
                BigInteger R2=get_R2_frm_server(receivePacket);
                BigInteger N2=get_N2_frm_server(receivePacket);
                N2=crypto.dec_NonceG(N2);
                BigInteger a=crypto.get_RandLong();
                BigInteger gamodp= crypto.dh_GenerationG(a, crypto.g, crypto.p);
                BigInteger key=crypto.dh_GenerationG(a, gsmodp, crypto.p);

                // Got hash of g^abmodp

                byte[] dhkey=crypto.sha256G(key.toString());
                key=null;
                //Mixing passwords

                SecretKey secretkey=(SecretKey) userCredentials.get("password");
                byte[] mixed_hash=crypto.passwordMixerG(R2, secretkey.getEncoded());

                //Working Fine Till now
                // Getting Cipher for encrypting gsmodp using password and nonce
                Cipher cipher_password=crypto.aes_Gen_with_Key(mixed_hash);
                Cipher cipher_key=crypto.aes_Gen_with_Key(dhkey);

                // Generating quantities for JSON Object        
                byte[] gsmodp_hash=cipher_password.doFinal(gamodp.toString().getBytes());
                byte[] gsmodp_hash_iv=cipher_password.getIV();
                byte[] nonce_enc=cipher_key.doFinal(N2.toString().getBytes());
                byte[] nonce_enc_iv=cipher_key.getIV();
                Key authetication_parameters=new Key(gsmodp_hash,gsmodp_hash_iv,nonce_enc,nonce_enc_iv);
                auth_step_obj.put("obj",authetication_parameters);

            } catch (Exception e) {
                // TODO Auto-generated catch block
                System.out.println("Hi:sec_DH_Step");
            } 
            // This sends JSONObject to calling method which generates UDP packet and sends to server 
            return auth_step_obj;
        }

    // Server side code
    // Once packet received on server following happens
    ds.receive(receivePacket);
    SecretKey userKey=cryptoObj.get_from_KeyStoreG(user_name);
    // Adding R2 and userKey byte by byte
    byte[] mixed_hash=cryptoObj.passwordMixerG(R2, userKey.getEncoded());
    JSONObject authentication_nonce=new JSONObject();
    authentication_nonce=cryptoObj.readRecievedPacket(receivePacket);
    Key obj=(Key)authentication_nonce.get("obj");
    Cipher cipher=cryptoObj.aes_Dec_with_Key(mixed_hash,obj.iv_pass);
    // I am getting error on do final
    System.out.println(new String(cipher.doFinal(obj.gsmodp_hash)));

解决方法:

您提供的代码可以正常工作.错误必须出在您尚未与我们共享的代码中(即实际使用Cipher对象的代码).

我写了下面的代码来测试您的问题代码:

public static void main(String[] args) throws Exception {

  Random random = new Random();
  byte[] key = new byte[32];
  random.nextBytes(key);

  byte[] plaintext = new byte[100];
  random.nextBytes(plaintext);

  Cipher enc = aes_Gen_with_Key(key);

  byte[] ciphertext = enc.doFinal(plaintext);
  byte[] iv = enc.getIV();

  Cipher dec = aes_Dec_with_Key(key, iv);

  byte[] recoveredPlaintext = dec.doFinal(ciphertext);

  System.out.println(Arrays.equals(plaintext, recoveredPlaintext));    
}

注意,我将您的两个方法设为静态.您应该这样做,因为它们不使用任何实例变量.

上一篇:分析WordPress Hack:解密idca.php


下一篇:将openSSH rsa密钥转换为javax.crypto.Cipher兼容格式