Java 使用SecureRandom生成AES密钥和IV的替代方法

我正在尝试使用AES加密算法加密文本，将加密文本保存到一个文件中，然后稍后重新打开并解密这些文本。下面是我的加密和解密逻辑

    Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
    cipher.init(Cipher.ENCRYPT_MODE, key, iv);
    byte[] stringBytes = clear_text.getBytes();
    byte[] raw = cipher.doFinal(stringBytes);
    return Base64.encodeBase64String(raw);

这就是解密逻辑

    Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
    cipher.init(Cipher.DECRYPT_MODE, key, iv);
    byte[] raw = Base64.decodeBase64(encText);
    byte[] stringBytes = cipher.doFinal(raw);
    String clear_text = new String(stringBytes, "UTF8");
    return clear_text;

---

我得到一个BadPaddingSize异常。我的猜测是，通过使用SecureRandom类，这两种方法在加密或解密文本时使用不同的密钥。有没有办法在两个例程中使用相同的键？

是的，您可以使用相同的键；甚至需要使用相同的密钥。但是，您不应使用不安全的相同钥匙/IV组合。因此，通常情况下，IV的前缀是密文

请注意，以下实现向您展示了如何在不使用

SecureRandom

的情况下生成随机IV，但这有点不合理，因为

Cipher

类只会在内部使用默认IV创建IV。对于CBC，攻击者可能知道IV，但攻击者不应该能够将其与随机数据区分开来

在此示例中，键数据仅存储在“常量”中。将密钥存储在源代码中可能无法提供足够的安全性。取而代之的是，它通常使用公钥、密码进行加密，存储在USB密钥上，存储在智能卡或HSM等中。然而，密钥管理是一个广泛的主题，因此我将不进一步讨论这个问题

但是，在Java中，您应该使用

SecretKey

/

SecretKeySpec

从已知数据创建密钥，并使用

IvParameterSpec

为已知IV（或Nonce）创建密钥

导入java.nio.charset.StandardCharset；
导入java.security.AlgorithmParameters；
导入java.security.invalidalgorithParameterException；
导入java.security.InvalidKeyException；
导入java.security.NoSuchAlgorithmException；
导入java.security.spec.InvalidParameterSpecException；
导入javax.crypto.BadPaddingException；
导入javax.crypto.Cipher；
导入javax.crypto.IllegalBlockSizeException；
导入javax.crypto.NoSuchPaddingException；
导入javax.crypto.ShortBufferException；
导入javax.crypto.spec.IvParameterSpec；
导入javax.crypto.spec.SecretKeySpec；
公共类Aestatickeyandrandomiv{
私有静态字节[]键=新字节[]{（字节）0x14，（字节）0x0b，
（字节）0x41，（字节）0xb2，（字节）0x2a，（字节）0x29，（字节）0xbe，
（字节）0xb4，（字节）0x06，（字节）0x1b，（字节）0xda，（字节）0x66，
（字节）0xb6，（字节）0x74，（字节）0x7e，（字节）0x14}；
公共静态字节[]加密（字节[]明文）{
试一试{
Cipher Cipher=Cipher.getInstance（“AES/CBC/PKCS5Padding”）；
SecretKey key=新的SecretKey规范（key，“AES”）；
cipher.init（cipher.ENCRYPT_模式，密钥）；
AlgorithmParameters params=cipher.getParameters（）；
字节[]iv=params.getParameterSpec（IvParameterSpec.class）.getIV（）；
字节[]密文=新字节[iv.长度
+cipher.getOutputSize（明文.length）]；
数组复制（iv，0，密文，0，iv.length）；
cipher.doFinal（明文，0，明文.length，密文，
iv.长度）；
返回密文；
}catch（InvalidKeyException | NoSuchAlgorithmException
|NoSuchPaddingException | InvalidParameterSpecException
|ShortBufferException | IllegalBlockSizeException
|BadPadding（例外情况e）{
抛出新的非法状态异常(
“使用标准算法的CBC加密永远不会失败”，
e） )；
}
}
公共静态字节[]解密（字节[]密文）引发IllegalBlockSizeException，
BadPaddingException{
试一试{
Cipher Cipher=Cipher.getInstance（“AES/CBC/PKCS5Padding”）；
SecretKeySpec key=新的SecretKeySpec（key，“AES”）；
if（ciphertext.length

---

使用密钥存储（您现在必须使用JCEKS）：

import java.io.IOException；
导入java.nio.charset.StandardCharset；
导入java.security.AlgorithmParameters；
导入java.security.invalidalgorithParameterException；
导入java.security.InvalidKeyException；
导入java.security.KeyStore；
导入java.security.KeyStore.ProtectionParameter；
导入java.security.KeyStore.SecretKeyEntry；
导入java.security.KeyStoreException；
导入java.security.NoSuchAlgorithmException；
导入java.security.UnrecoverableEntryException；
导入java.security.cert.CertificateException；
导入java.security.spec.InvalidParameterSpecException；
导入javax.crypto.BadPaddingException；
导入javax.crypto.Cipher；
导入javax.crypto.IllegalBlockSizeException；
导入javax.crypto.NoSuchPaddingException；
感应电动机
import java.nio.charset.StandardCharsets;
import java.security.AlgorithmParameters;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.spec.InvalidParameterSpecException;

import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.ShortBufferException;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;

public class AESWithStaticKeyAndRandomIV {

    private static byte[] KEY = new byte[] { (byte) 0x14, (byte) 0x0b,
            (byte) 0x41, (byte) 0xb2, (byte) 0x2a, (byte) 0x29, (byte) 0xbe,
            (byte) 0xb4, (byte) 0x06, (byte) 0x1b, (byte) 0xda, (byte) 0x66,
            (byte) 0xb6, (byte) 0x74, (byte) 0x7e, (byte) 0x14 };

    public static byte[] encrypt(byte[] plaintext) {
        try {
            Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
            SecretKey key = new SecretKeySpec(KEY, "AES");
            cipher.init(Cipher.ENCRYPT_MODE, key);

            AlgorithmParameters params = cipher.getParameters();
            byte[] iv = params.getParameterSpec(IvParameterSpec.class).getIV();

            byte[] ciphertext = new byte[iv.length
                    + cipher.getOutputSize(plaintext.length)];
            System.arraycopy(iv, 0, ciphertext, 0, iv.length);
            cipher.doFinal(plaintext, 0, plaintext.length, ciphertext,
                    iv.length);
            return ciphertext;
        } catch (InvalidKeyException | NoSuchAlgorithmException
                | NoSuchPaddingException | InvalidParameterSpecException
                | ShortBufferException | IllegalBlockSizeException
                | BadPaddingException e) {
            throw new IllegalStateException(
                    "CBC encryption with standard algorithm should never fail",
                    e);
        }
    }

    public static byte[] decrypt(byte[] ciphertext) throws IllegalBlockSizeException,
            BadPaddingException {
        try {
            Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
            SecretKeySpec key = new SecretKeySpec(KEY, "AES");

            if (ciphertext.length < cipher.getBlockSize()) {
                throw new IllegalArgumentException(
                        "Ciphertext too small to contain IV");
            }

            IvParameterSpec ivSpec = new IvParameterSpec(ciphertext, 0,
                    cipher.getBlockSize());
            cipher.init(Cipher.DECRYPT_MODE, key, ivSpec);

            byte[] plaintext = new byte[cipher.getOutputSize(ciphertext.length
                    - cipher.getBlockSize())];
            cipher.doFinal(ciphertext, cipher.getBlockSize(), ciphertext.length
                    - cipher.getBlockSize(), plaintext, 0);
            return plaintext;
        } catch (InvalidKeyException | NoSuchAlgorithmException
                | NoSuchPaddingException | ShortBufferException
                | InvalidAlgorithmParameterException e) {
            throw new IllegalStateException(
                    "CBC decryption with standard algorithm should be available",
                    e);
        }
    }

    public static void main(String[] args) throws Exception {
           byte[] plaintext = decrypt(encrypt("owlstead".getBytes(StandardCharsets.UTF_8)));
           System.out.println(new String(plaintext, StandardCharsets.UTF_8));
    }
}

import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.security.AlgorithmParameters;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyStore;
import java.security.KeyStore.ProtectionParameter;
import java.security.KeyStore.SecretKeyEntry;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableEntryException;
import java.security.cert.CertificateException;
import java.security.spec.InvalidParameterSpecException;

import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.ShortBufferException;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;

public class AESWithStaticKeyAndRandomIV {

    private static final String KEY_ALIAS = "secret";

    private static byte[] KEY = new byte[] { (byte) 0x14, (byte) 0x0b,
            (byte) 0x41, (byte) 0xb2, (byte) 0x2a, (byte) 0x29, (byte) 0xbe,
            (byte) 0xb4, (byte) 0x06, (byte) 0x1b, (byte) 0xda, (byte) 0x66,
            (byte) 0xb6, (byte) 0x74, (byte) 0x7e, (byte) 0x14 };

    private static ProtectionParameter PASSWORD = new KeyStore.PasswordProtection(
            new char[] {'p', 'a', 's', 's', 'w', 'o', 'r', 'd'});

    private final KeyStore store;

    private AESWithStaticKeyAndRandomIV(KeyStore store) {
        this.store = store;
    }

    public byte[] encrypt(byte[] plaintext) {
        try {
            Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
            SecretKey key;
            try {
                key = ((SecretKeyEntry) store.getEntry(KEY_ALIAS, PASSWORD))
                        .getSecretKey();
            } catch (UnrecoverableEntryException | KeyStoreException e) {
                throw new IllegalStateException("What key?", e);
            }
            cipher.init(Cipher.ENCRYPT_MODE, key);

            AlgorithmParameters params = cipher.getParameters();
            byte[] iv = params.getParameterSpec(IvParameterSpec.class).getIV();

            byte[] ciphertext = new byte[iv.length
                    + cipher.getOutputSize(plaintext.length)];
            System.arraycopy(iv, 0, ciphertext, 0, iv.length);
            cipher.doFinal(plaintext, 0, plaintext.length, ciphertext,
                    iv.length);
            return ciphertext;
        } catch (InvalidKeyException | NoSuchAlgorithmException
                | NoSuchPaddingException | InvalidParameterSpecException
                | ShortBufferException | IllegalBlockSizeException
                | BadPaddingException e) {
            throw new IllegalStateException(
                    "CBC encryption with standard algorithm should never fail",
                    e);
        }
    }

    public byte[] decrypt(byte[] ciphertext) throws IllegalBlockSizeException,
            BadPaddingException {
        try {
            Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
            SecretKey key;
            try {
                key = ((SecretKeyEntry) store.getEntry(KEY_ALIAS, PASSWORD))
                        .getSecretKey();
            } catch (UnrecoverableEntryException | KeyStoreException e) {
                throw new IllegalStateException("What key?", e);
            }

            if (ciphertext.length < cipher.getBlockSize()) {
                throw new IllegalArgumentException(
                        "Ciphertext too small to contain IV");
            }

            IvParameterSpec ivSpec = new IvParameterSpec(ciphertext, 0,
                    cipher.getBlockSize());
            cipher.init(Cipher.DECRYPT_MODE, key, ivSpec);

            byte[] plaintext = new byte[cipher.getOutputSize(ciphertext.length
                    - cipher.getBlockSize())];
            cipher.doFinal(ciphertext, cipher.getBlockSize(), ciphertext.length
                    - cipher.getBlockSize(), plaintext, 0);
            return plaintext;
        } catch (InvalidKeyException | NoSuchAlgorithmException
                | NoSuchPaddingException | ShortBufferException
                | InvalidAlgorithmParameterException e) {
            throw new IllegalStateException(
                    "CBC decryption with standard algorithm should be available",
                    e);
        }
    }

    public static KeyStore createStoreWithSecretKey() {

        try {
            KeyStore keyStore = KeyStore.getInstance("JCEKS");
            keyStore.load(null);
            SecretKey key = new SecretKeySpec(KEY, "AES");
            keyStore.setEntry(KEY_ALIAS, new KeyStore.SecretKeyEntry(key), PASSWORD);
            return keyStore;
        } catch (KeyStoreException | NoSuchAlgorithmException
                | CertificateException | IOException e) {
            throw new IllegalStateException("Unable to create key store", e);
        }
    }

    public static void main(String[] args) throws Exception {
        AESWithStaticKeyAndRandomIV crypt = new AESWithStaticKeyAndRandomIV(
                createStoreWithSecretKey());

        byte[] plaintext = crypt.decrypt(crypt.encrypt("owlstead"
                .getBytes(StandardCharsets.UTF_8)));
        System.out.println(new String(plaintext, StandardCharsets.UTF_8));
    }
}