Java 使用AES ECB模式加密和解密'；BadPaddingException'；在某些情况下

在android/java应用程序中

   public static void setKey(String myKey) {

        MessageDigest sha = null;
        try {
            key = new byte[]{(byte) '5', (byte) 'F', (byte) '8', (byte) 'p', (byte) 'J', (byte) 't', (byte) 'v', (byte) 'U', (byte) 'm', (byte) 'q', (byte) 'k', (byte) '7', (byte) 'A', (byte) 'M', (byte) 'v', (byte) 'b', (byte) 'q', (byte) 'o', (byte) 'H', (byte) 'M', (byte) '9', (byte) 'a', (byte) 'p', (byte) '4', (byte) '9', (byte) 'm', (byte) 'c', (byte) 'u', (byte) 'u', (byte) '5', (byte) 'B', (byte) 'X'};
            System.out.println(new String(key, "UTF-8"));
            secretKey = new SecretKeySpec(key, "AES");
        } catch (UnsupportedEncodingException e) {
            // TODO Auto-generated catch block
            e.printStackTrace();
        }
    }


    public static String encrypt(String strToEncrypt) {
        try {
            Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding");
            cipher.init(Cipher.ENCRYPT_MODE, secretKey);
            setEncryptedarr(cipher.doFinal(strToEncrypt.getBytes("UTF-8")));
            setEncryptedString(String.valueOf(Base64.encode(cipher.doFinal(strToEncrypt.getBytes("UTF-8")), Base64.DEFAULT)));
            //setEncryptedString(Base64.encodeBase64String(cipher.doFinal(strToEncrypt.getBytes("UTF-8"))));
        } catch (Exception e) {
            e.printStackTrace();
            System.out.println("Error while encrypting: " + e.toString());
        }
        return null;
    }

    public static String decryptbyte(byte[] strToDecrypt) {
        try {
            Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5PADDING");
            cipher.init(Cipher.DECRYPT_MODE, secretKey);
            setDecryptedarr(cipher.doFinal(strToDecrypt));
            System.out.println("encrypt : decropted size : " + getDecryptedarr().length);
            setDecryptedString(new String(cipher.doFinal(strToDecrypt)));
        } catch (Exception e) {
            System.out.println("Error wnhile decrypting: " + e.toString());
            e.printStackTrace();
        }
        return null;
    }

    public static String decrypt(String strToDecrypt) {
        try {
            Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5PADDING");
            cipher.init(Cipher.DECRYPT_MODE, secretKey);
            setDecryptedarr(cipher.doFinal(Base64.decode(strToDecrypt, Base64.DEFAULT)));
            setDecryptedString(new String(cipher.doFinal(Base64.decode(strToDecrypt, Base64.DEFAULT))));

        } catch (Exception e) {
            e.printStackTrace();
            System.out.println("Error while decrypting: " + e.toString());

        }
        return null;
    }

我正在编写此代码： 在以下情况下，我使用此截取的代码可以很好地工作： encryptbyte和decryptbyte which take byte[] 我在这个网站上测试了它的加密结果

但我需要它来描述来自服务器的数据（响应是字符串） 当我将字符串转换为字节[]时，代码总是会出现异常： javax.crypto.IllegalBlockSizeException:错误：0606506D:数字信封例程：EVP_DecryptFinal_ex:错误的最终块长度**

我认为这是当将字符串转换为byte[]时，它会改变，如果这是正确的转换方式。 请给我一些建议

此代码包含以下异常：

try {
    AES.setKey("");
    final String strToDecrypt = "tATTXSdXI4w0oiu/fzgpyA==";
    AES.decryptbyte(toBytes(strToDecrypt.toCharArray()));
} catch (Exception ex) {
    ex.printStackTrace();
}

这是个例外

01-21 15:24:55.861 15700-15700/ W/System.err: javax.crypto.IllegalBlockSizeException: error:0606506D:digital envelope routines:EVP_DecryptFinal_ex:wrong final block length
01-21 15:24:55.861 15700-15700/ W/System.err:     at com.android.org.conscrypt.NativeCrypto.EVP_CipherFinal_ex(Native Method)
01-21 15:24:55.861 15700-15700/ W/System.err:     at com.android.org.conscrypt.OpenSSLCipher.doFinalInternal(OpenSSLCipher.java:430)
01-21 15:24:55.861 15700-15700/ W/System.err:     at com.android.org.conscrypt.OpenSSLCipher.engineDoFinal(OpenSSLCipher.java:466)
01-21 15:24:55.861 15700-15700/ W/System.err:     at javax.crypto.Cipher.doFinal(Cipher.java:1340)
 01-21 15:24:55.861 15700-15700/ W/System.err:     at android.app.Instrumentation.callActivityOnCreate(Instrumentation.java:1118)
01-21 15:24:55.861 15700-15700/ W/System.err:     at android.app.ActivityThread.performLaunchActivity(ActivityThread.java:2648)
01-21 15:24:55.861 15700-15700/ W/System.err:     at android.app.ActivityThread.handleLaunchActivity(ActivityThread.java:2769)
01-21 15:24:55.861 15700-15700/ W/System.err:     at android.app.ActivityThread.access$900(ActivityThread.java:177)
01-21 15:24:55.861 15700-15700/ W/System.err:     at android.app.ActivityThread$H.handleMessage(ActivityThread.java:1430)
01-21 15:24:55.861 15700-15700/ W/System.err:     at android.os.Handler.dispatchMessage(Handler.java:102)
01-21 15:24:55.861 15700-15700/ W/System.err:     at android.os.Looper.loop(Looper.java:135)
01-21 15:24:55.861 15700-15700/ W/System.err:     at android.app.ActivityThread.main(ActivityThread.java:5910)
01-21 15:24:55.861 15700-15700/ W/System.err:     at java.lang.reflect.Method.invoke(Native Method)
01-21 15:24:55.861 15700-15700/ W/System.err:     at java.lang.reflect.Method.invoke(Method.java:372)
01-21 15:24:55.861 15700-15700/ W/System.err:     at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:1405)
01-21 15:24:55.861 15700-15700/ W/System.err:     at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:1200)

---

代码的最后一位：

strodecrypt=“tATTXSdXI4w0oiu/fzgpyA==”

似乎有base64编码，请注意后面的

=

字符。这是有意义的，因为加密是面向数据字节的，而不是面向字符串的

Base64

“tATTXSdXI4w0oiu/fzgpyA==”

十六进制：

B404D35D2757238C34A22BBF7F3829C8

（16字节）

您需要将Base64解码为代码的数据字节：

AES.setKey("");
final String strToDecrypt = "tATTXSdXI4w0oiu/fzgpyA==";
AES.decryptbyte(toBytes(strToDecrypt.toCharArray()));

还要注意，上面的代码中有一个键的空字符串，这是一个错误。

我解决了它。。。。 服务器加密AES时没有填充，ZeroBytepAdd模式是唯一的工作模式。。。 工作代码：

public class AESCryptt {
    private static final String TAG = "AESCrypt";
    private static final String AES_MODE = "AES/ECB/ZeroBytePadding";
    private static final String CHARSET = "UTF-8";//
    public static boolean DEBUG_LOG_ENABLED = false;


    private static SecretKeySpec generateKey(final String password) throws NoSuchAlgorithmException, UnsupportedEncodingException {
        byte[] key = new byte[]{your key in byte here (byte) a, (byte) f , ..... };
        SecretKeySpec secretKeySpec = new SecretKeySpec(key, "AES");
        return secretKeySpec;
    }


    /**
     * Encrypt and encode message using 256-bit AES with key generated from password.
     *
     *
     * @param password used to generated key
     * @param message the thing you want to encrypt assumed String UTF-8
     * @return Base64 encoded CipherText
     * @throws GeneralSecurityException if problems occur during encryption
     */
    public static String encrypt(final String password, String message)
            throws GeneralSecurityException {
        try {
            final SecretKeySpec key = generateKey(password);
            log("message", message);
            byte[] cipherText = encrypt(key, ivBytes, message.getBytes(CHARSET));
            //NO_WRAP is important as was getting \n at the end
            String encoded = String.valueOf(Base64.encodeToString(cipherText, Base64.NO_PADDING ));
            log("Base64.NO_WRAP", encoded);
            return encoded;
        } catch (UnsupportedEncodingException e) {
            if (DEBUG_LOG_ENABLED)
                Log.e(TAG, "UnsupportedEncodingException ", e);
            throw new GeneralSecurityException(e);
        }
    }


    /**
     * More flexible AES encrypt that doesn't encode
     * @param key AES key typically 128, 192 or 256 bit
     * @param iv Initiation Vector
     * @param message in bytes (assumed it's already been decoded)
     * @return Encrypted cipher text (not encoded)
     * @throws GeneralSecurityException if something goes wrong during encryption
     */
    public static byte[] encrypt(final SecretKeySpec key, final byte[] iv, final byte[] message)
            throws GeneralSecurityException {
        final Cipher cipher = Cipher.getInstance(AES_MODE);
        IvParameterSpec ivSpec = new IvParameterSpec(iv);
        cipher.init(Cipher.ENCRYPT_MODE, key);//, ivSpec
        byte[] cipherText = cipher.doFinal(message);
        log("cipherText", cipherText);
        return cipherText;
    }


    /**
     * Decrypt and decode ciphertext using 256-bit AES with key generated from password
     *
     * @param password used to generated key
     * @param base64EncodedCipherText the encrpyted message encoded with base64
     * @return message in Plain text (String UTF-8)
     * @throws GeneralSecurityException if there's an issue decrypting
     */
    public static String decrypt(final String password, String base64EncodedCipherText)
            throws GeneralSecurityException {

        try {
            final SecretKeySpec key = generateKey(password);
            log("base64EncodedCipherText", base64EncodedCipherText);
            byte[] decodedCipherText = Base64.decode(base64EncodedCipherText, Base64.DEFAULT);
            log("decodedCipherText", decodedCipherText);
            byte[] decryptedBytes = decrypt(key, ivBytes, decodedCipherText);
            log("decryptedBytes", decryptedBytes);
            String message = new String(decryptedBytes, CHARSET);
            log("message", message);
            return message;
        } catch (UnsupportedEncodingException e) {
            if (DEBUG_LOG_ENABLED)
                Log.e(TAG, "UnsupportedEncodingException ", e);
            throw new GeneralSecurityException(e);
        }
    }


    /**
     * More flexible AES decrypt that doesn't encode
     *
     * @param key AES key typically 128, 192 or 256 bit
     * @param iv Initiation Vector
     * @param decodedCipherText in bytes (assumed it's already been decoded)
     * @return Decrypted message cipher text (not encoded)
     * @throws GeneralSecurityException if something goes wrong during encryption
     */
    public static byte[] decrypt(final SecretKeySpec key, final byte[] iv, final byte[] decodedCipherText)
            throws GeneralSecurityException {
        final Cipher cipher = Cipher.getInstance(AES_MODE );
        IvParameterSpec ivSpec = new IvParameterSpec(iv);
        cipher.init(Cipher.DECRYPT_MODE, key);//, ivSpec
        byte[] decryptedBytes = cipher.doFinal(decodedCipherText);
        log("decryptedBytes", decryptedBytes);
        return decryptedBytes;
    }




    private static void log(String what, byte[] bytes) {
        if (DEBUG_LOG_ENABLED)
            Log.d(TAG, what + "[" + bytes.length + "] [" + bytesToHex(bytes) + "]");
    }

    private static void log(String what, String value) {
        if (DEBUG_LOG_ENABLED)
            Log.d(TAG, what + "[" + value.length() + "] [" + value + "]");
    }


    /**
     * Converts byte array to hexidecimal useful for logging and fault finding
     * @param bytes
     * @return
     */
    private static String bytesToHex(byte[] bytes) {
        final char[] hexArray = {'0', '1', '2', '3', '4', '5', '6', '7', '8',
                '9', 'A', 'B', 'C', 'D', 'E', 'F'};
        char[] hexChars = new char[bytes.length * 2];
        int v;
        for (int j = 0; j < bytes.length; j++) {
            v = bytes[j] & 0xFF;
            hexChars[j * 2] = hexArray[v >>> 4];
            hexChars[j * 2 + 1] = hexArray[v & 0x0F];
        }
        return new String(hexChars);
    }

    private AESCryptt() {
    }
}

---

数据在哪里？添加一些十六进制转储并检查它们。如果您了解各种编码，这将有所帮助。此外，ECB模式是不安全的，因为密钥字符串是不安全的，只有当您想说您使用了加密，但并不真正需要安全性时，这才合适。服务器的响应是Base64编码，我将其放入字符串中，然后放入字节数组对其进行解密，在这种情况下，我得到异常，建议如何处理字符串。关于Base64，我在站点中测试它：您可以尝试它，并且密钥是预定义的。请给出建议。加密原语接收数据字节并生成数据字节。有些实现在之前和/或之后添加编码，但这不是加密部分。这似乎是编码部分，你似乎有麻烦。您确实需要花时间了解字符串及其编码的详细信息，Base64以及使用它的原因，十六进制和纯数据字节。我解决了这个问题，我通过将加密类型更改为AES/ECB/ZeroBytePadding来解决这个问题，这会使Base64和byte[]出现问题转换并执行解密操作。这无法修复，因为PKCS#5填充用于加密：

Cipher.getInstance（“AES/ECB/PKCS5Padding”）

，只需关闭填充的移除，从而关闭任何潜在的填充错误。

    try {
        header = AESCryptt.encrypt("the key is fixed is this case",header);
    } catch (Exception ex) {
        ex.printStackTrace();
        System.out.println("eee , exception during encrypt log in data . . . .");
    }