没有解密我加密的

2023-09-06 00:04:27 作者：無奈年華、

我有一个奇怪的问题...

I have a weird problem...

立足我的解决方案解密硬codeD文件byte []的

所以，我写了一个小的Cypher类，以帮助有crypting /解密......它用来模拟一键硬codeD在一些地方，存在别处另pre-加密的密钥。但是，这有点不相关的ATM。

So, I wrote a small Cypher class to help out with crypting/decrypting... It used to mock-up a key hardcoded at some place and another pre-crypted key stored somewhere else. But that's somewhat irrelevant atm.

在crypting过程是这样的：

the crypting process went like this:

检索硬codeD字节数组使用它来解密密钥2 使用密钥2解密数据使用键1，进一步解密数据在已经解密的数据

我是存储加密的数据为十六进制字符串，将这两种功能来获得在淘汰有

I was storing the crypted data as a hex-string, used these two functions to get in-out of there

private static String byteArrayToHexString(byte[] b)
{
    StringBuffer sb = new StringBuffer(b.length * 2);
    for (int i = 0; i < b.length; i++)
    {
        int v = b[i] & 0xff;
        if (v < 16)
        {
            sb.append('0');
        }
        sb.append(Integer.toHexString(v));
    }
    return sb.toString().toUpperCase();
}

private static byte[] hexStringToByteArray(String s)
{
    byte[] b = new byte[s.length() / 2];
    for (int i = 0; i < b.length; i++)
    {
        int index = i * 2;
        int v = Integer.parseInt(s.substring(index, index + 2), 16); //THIS LINE
        b[i] = (byte) v;
    }
    return b;
}

这工作得十分完美;其实它的工作这么好，我在真实的项目付诸实施。该项目无法运行由于这样的事实，我没有彻底的测试。

That worked flawlessly; in fact it worked so good that I implemented it in my real project. The project failed to run due to the fact that i didn't thoroughly test.

原来这隐窝/解密pretty的多所有文件确定除了一个 - 一个不希望解密

Turns out it crypts/decrypts pretty much all files OK except one - that one doesn't want to decrypt.

我已经查明但是这个问题 - 这条线抛出IllegalNumberFormat异常;在某些时候我认识了这个 http://bugs.sun.com/bugdatabase /view_bug.do?bug_id=6259307 为好。我想，可以恢复到该方法，如果有人介绍了一种方法来绕过时，长度为2的字符串转换为四个字节其抛出IllegalNumberFormatException的情况。

I have pinpointed the issue however - THIS line throws an IllegalNumberFormat exception; at some point i got acquainted with this http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=6259307 as well. I would and can revert to this method if someone describes a way to bypass a case when a string of length 2 is converted to four bytes which throw an IllegalNumberFormatException.

所以，我想，既然我不能去codeA文件（显然不能共享在这里为你们尝试），我需要转换它在某种程度上，使其运输安全。输入的Base64 codeR类，它连接codeS为base64字符串...

So, I figured that since I cannot decode a file (and obviously cannot share it here for you guys to try out) I needed to transform it somehow to make it transport-safe. Enter the Base64Coder class which encodes to base64 strings...

这似乎已经推出了一个新的问题 - 填充被越来越effed了

That seemed to have introduced a new issue - padding was getting effed up.

现在的问题很简单 - 我究竟做错了什么？我需要符合这个数据，它有能够隐窝/解密正确和同等。我想在最轻量级的解决方案，能够以最少的复制/粘贴的建议......伪code不会做的伎俩在这里。

The question is simple - what am I doing wrong? I need to conform to this data and it has to be able to crypt/decrypt properly and equally. I'd like a proposal on the most light-weight solution possible with least copy/pasting... pseudocode won't do the trick here.

下面是我在做什么现在....

Here's what I'm doing now....

public static char[] encrypt2(byte[] value) throws GeneralSecurityException, IOException
{
    SecretKeySpec key1 = getSecretKeySpec(true);
    System.err.println("encrypt():\t" + key1.toString());
    Cipher cipher = Cipher.getInstance(CRYPTOSYS);
    cipher.init(Cipher.ENCRYPT_MODE, key1, cipher.getParameters());
    byte[] encrypted = cipher.doFinal(value);

    SecretKeySpec key2 = getSecretKeySpec(false);
    cipher = Cipher.getInstance(CRYPTOSYS);
    cipher.init(Cipher.ENCRYPT_MODE, key2, cipher.getParameters());
    byte[] encrypted2 = cipher.doFinal(encrypted);

    return Base64Coder.encode(encrypted2);
}

public static byte[] decrypt2(char[] message) throws GeneralSecurityException, IOException
{
    SecretKeySpec key1 = getSecretKeySpec(false);
    System.err.println("decrypt():\t" + key1.toString());
    Cipher cipher = Cipher.getInstance(CRYPTOSYS);
    cipher.init(Cipher.DECRYPT_MODE, key1);
    byte[] decrypted = cipher.doFinal(Base64Coder.decode(message));

    SecretKeySpec key2 = getSecretKeySpec(true);
    cipher = Cipher.getInstance(CRYPTOSYS);
    cipher.init(Cipher.DECRYPT_MODE, key2);
    byte[] decrypted2 = cipher.doFinal(decrypted);

    return decrypted2;
}

请注意，键目前全曝光（硬codeD）用于测试目的。

Note that keys are currently fully-exposed (hardcoded) for testing purposes.

下面是我的测试用例

public static void main(String... args) throws Exception
{
    //      byte[] data = "hello".getBytes();
    File PEM = new File(PATH_TO_FILES + SOURCE_PEM);
    File DER = new File(PATH_TO_FILES + SOURCE_DER);
    File cryptoPEM = new File(PATH_TO_FILES + "cryptopem");
    File cryptoDER = new File(PATH_TO_FILES + "cryptoder");

    byte[] cryptokey = encryptA(ASSET_KEY);
    System.out.println(new String(cryptokey));

    //pem key
    System.out.println("PEM");
    byte[] data = getBytesFromFile(PEM);
    char[] crypted = encrypt2(data);
    //      FileOutputStream fos = new FileOutputStream(cryptoPEM);
    FileWriter fw = new FileWriter(cryptoPEM);
    fw.write(crypted);
    fw.flush();

    //der key
    System.out.println("DER");
    data = getBytesFromFile(DER);
    crypted = encrypt2(data);
    fw = new FileWriter(cryptoDER);
    fw.write(crypted);
    fw.flush();

    //opentext
    System.out.println("checking PEM...");
    crypted = Base64Coder.encode(getBytesFromFile(cryptoPEM));
    byte[] decrypted = decrypt2(crypted,  false);
    byte[] decryptedData = decrypted;

    if (!Arrays.equals(getBytesFromFile(PEM), decryptedData)) { throw new Exception("PEM Data was not decrypted successfully"); }

    System.out.println("checking DER...");
    crypted = Base64Coder.encode(getBytesFromFile(cryptoDER));
    decrypted = decrypt2(crypted,  false);
    decryptedData = decrypted;

    if (!Arrays.equals(getBytesFromFile(DER), decryptedData)) { throw new Exception("DER Data was not decrypted successfully"); }
}

和我收到一个InvalidBlockSizeException现在....请，有人流下了一些这，我只是希望这个工作...

And I'm getting an InvalidBlockSizeException now.... Please, someone shed some light on this, I just want this to work...

替换键2为四在AES / CBC / PKCS5Padding以后使用是一个选项，我正在考虑现在。基本上什么都不会改变，除非加密的第二个步骤。从理论上和metodically我让事情一样 - 除非当然是一个更好的解决方案描述

Replacing 'key2' for an IV to be later used in a "AES/CBC/PKCS5Padding" is an option I'm considering right now. Essentially nothing will change except the second step of encrypting. Theoretically and metodically I'd keep things the same - unless of course a better solution is described.

最后我想指出的是，这是一个程序员的问题，不是那么正确的code比，涵盖不大可能边缘的情况下理论上的响应更看重一个IT安全和学生的问题。

At the end I'd like to point out that this is a programmer question, not a IT security-student question so proper code is valued more than a theoretical response that covers unlikely fringe cases.

编辑：好了，我不能给你造成的IllegalNumberFormatException，因为我失去了从今天上午的code中的数字。我似乎无法复制的问题，所以我想试图找出这部分是没有用的。

well, I can't give you the numbers that cause the IllegalNumberFormatException because I lost the code from this morning. I can't seem to replicate the issue so I guess trying to figure that part is of no use.

下面是从样品测试的输出：

Here's the output from the sample test:

encrypt():  javax.crypto.spec.SecretKeySpec@15dd7
5@��_׵G�j��!�c;D�i�lR?z�j\
PEM
encrypt():  javax.crypto.spec.SecretKeySpec@15dd7
DER
encrypt():  javax.crypto.spec.SecretKeySpec@15dd7
checking PEM...
decrypt():  javax.crypto.spec.SecretKeySpec@15c78
Exception in thread "main" javax.crypto.IllegalBlockSizeException: Input length must be multiple of 16 when decrypting with padded cipher

这意味着Base64的是有点搞乱起来......

which means that Base64 is kinda messing it up...

没有解密我加密的

推荐答案