基于密码的 AES 加密和解密 - BadPaddingException

编程问答 2022-05-17

问题描述

大家。

我正在尝试使用密码生成的 AES 对称密钥加密和解密字符串。我当前用于生成代码代码如下:

public class AESUtils {

    public static SecretKey getKeyFromPassword(String password,String salt)
            throws NoSuchAlgorithmException,InvalidKeySpecException {
        SecretKeyFactory factory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256");
        KeySpec spec = new PBEKeySpec(password.tochararray(),salt.getBytes(),65536,256);
        return new SecretKeySpec(factory.generateSecret(spec)
                .getEncoded(),"AES");
    }

    public static IvParameterSpec generateIv() {
        byte[] iv = new byte[16];
        new SecureRandom().nextBytes(iv);
        return new IvParameterSpec(iv);
    }

    public static String encryptPasswordBased(String plainText,SecretKey key,IvParameterSpec iv)
            throws NoSuchPaddingException,NoSuchAlgorithmException,InvalidAlgorithmParameterException,InvalidKeyException,BadPaddingException,IllegalBlockSizeException {
        Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
        cipher.init(Cipher.ENCRYPT_MODE,key,iv);
        return Base64.getEncoder().encodetoString(cipher.doFinal(plainText.getBytes()));
    }

    public static String decryptPasswordBased(String cipherText,IllegalBlockSizeException {
        Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
        cipher.init(Cipher.DECRYPT_MODE,iv);
        return new String(cipher.doFinal(Base64.getDecoder().decode(cipherText)));
    }

}

生成加密字符串的代码

AESUtils.encryptPasswordBased(string_content_plain,AESUtils.getKeyFromPassword("password","salt"),AESUtils.generateIv());

生成解密字符串的代码

AESUtils.decryptPasswordBased(string_content_encrypted,AESUtils.generateIv());

encryptPasswordBased 工作正常,但是当我使用 decryptPasswordBased 时,它总是引发 javax.crypto.BadPaddingException 和消息:Given final block not properly padded. Such issues can arise if a bad key is used during decryption.

我能做什么?生成的密钥始终相同。我已经将它与两个字节数组进行了比较。

谢谢

解决方法

正如@Topaco 所说,解决方案是在解密内容时使用相同的 IV。生成新的将无法解密。

cryptographyjavajavajava-securitysecuritysecurity