javax.crypto.BadPaddingException: Given final block not

最新推荐文章于 2024-05-05 12:19:51 发布

一只IT小小鱼

最新推荐文章于 2024-05-05 12:19:51 发布

阅读量1.9w

点赞数 2

文章标签： Given final block no linux solaris

现象描述：

windows上加解密正常，linux上加密正常，解密时发生如下异常：

javax.crypto.BadPaddingException: Given final block not properly padded

   at com.sun.crypto.provider.SunJCE_f.b(DashoA13*..)
   at com.sun.crypto.provider.SunJCE_f.b(DashoA13*..)
   at com.sun.crypto.provider.AESCipher.engineDoFinal(DashoA13*..)
   at javax.crypto.Cipher.doFinal(DashoA13*..)
   at chb.test.crypto.AESUtils.crypt(AESUtils.java:386)
   at chb.test.crypto.AESUtils.AesDecrypt(AESUtils.java:254)
   at chb.test.crypto.AESUtils.main(AESUtils.java:40)

解决方法：

经过检查之后，定位在生成KEY的方法上，如下：

public static SecretKey getKey (String strKey) {
try {
KeyGenerator _generator = KeyGenerator.getInstance( "AES" );
_generator.init(128, new SecureRandom(strKey.getBytes()));
return _generator.generateKey();
} catch (Exception e) {
throw new RuntimeException( " 初始化密钥出现异常 " );
}
}

复制代码

修改到如下方式，问题解决：

public static SecretKey getKey(String strKey) {
try {
KeyGenerator _generator = KeyGenerator.getInstance( "AES" );
SecureRandom secureRandom = SecureRandom.getInstance("SHA1PRNG" );
secureRandom.setSeed(strKey.getBytes());
_generator.init(128,secureRandom);
return _generator.generateKey();
} catch (Exception e) {
throw new RuntimeException( " 初始化密钥出现异常 " );
}
}

复制代码

原因分析
SecureRandom 实现完全隨操作系统本身的內部狀態，除非調用方在調用 getInstance 方法之後又調用了 setSeed 方法；该实现在 windows 上每次生成的 key 都相同，但是在 solaris 或部分 linux 系统上则不同。

原因二：

1、加密完byte[] 后，需要将加密了的byte[] 转换成base64保存，如：
BASE64Encoder base64encoder = new BASE64Encoder();
String encode=base64encoder.encode(bytes)；

2、解密前，需要将加密后的字符串从base64转回来再解密，如：
BASE64Decoder base64decoder = new BASE64Decoder();
byte[] encodeByte = base64decoder.decodeBuffer(str);

完整例子：

package com.travelsky.tdp.pkgStock.util;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.KeyGenerator;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
import sun.misc.BASE64Decoder;
import sun.misc.BASE64Encoder;
public class SecurityAES {
private final static String encoding = "UTF-8";
/**
* AES加密
*
* @param content
* @param password
* @return
*/
public static String encryptAES(String content, String password) {
byte[] encryptResult = encrypt(content, password);
String encryptResultStr = parseByte2HexStr(encryptResult);
// BASE64位加密
encryptResultStr = ebotongEncrypto(encryptResultStr);
return encryptResultStr;
}
/**
* AES解密
*
* @param encryptResultStr
* @param password
* @return
*/
public static String decrypt(String encryptResultStr, String password) {
// BASE64位解密
String decrpt = ebotongDecrypto(encryptResultStr);
byte[] decryptFrom = parseHexStr2Byte(decrpt);
byte[] decryptResult = decrypt(decryptFrom, password);
return new String(decryptResult);
}
/**
* 加密字符串
*/
public static String ebotongEncrypto(String str) {
BASE64Encoder base64encoder = new BASE64Encoder();
String result = str;
if (str != null && str.length() > 0) {
try {
byte[] encodeByte = str.getBytes(encoding);
result = base64encoder.encode(encodeByte);
} catch (Exception e) {
e.printStackTrace();
}
}
//base64加密超过一定长度会自动换行需要去除换行符
return result.replaceAll("\r\n", "").replaceAll("\r", "").replaceAll("\n", "");
}
/**
* 解密字符串
*/
public static String ebotongDecrypto(String str) {
BASE64Decoder base64decoder = new BASE64Decoder();
try {
byte[] encodeByte = base64decoder.decodeBuffer(str);
return new String(encodeByte);
} catch (IOException e) {
e.printStackTrace();
return str;
}
}
/**
* 加密
*
* @param content 需要加密的内容
* @param password 加密密码
* @return
*/
private static byte[] encrypt(String content, String password) {
try {
KeyGenerator kgen = KeyGenerator.getInstance("AES");
//防止linux下随机生成key
SecureRandom secureRandom = SecureRandom.getInstance("SHA1PRNG" );
secureRandom.setSeed(password.getBytes());
kgen.init(128, secureRandom);
//kgen.init(128, new SecureRandom(password.getBytes()));
SecretKey secretKey = kgen.generateKey();
byte[] enCodeFormat = secretKey.getEncoded();
SecretKeySpec key = new SecretKeySpec(enCodeFormat, "AES");
Cipher cipher = Cipher.getInstance("AES");// 创建密码器
byte[] byteContent = content.getBytes("utf-8");
cipher.init(Cipher.ENCRYPT_MODE, key);// 初始化
byte[] result = cipher.doFinal(byteContent);
return result; // 加密
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
} catch (NoSuchPaddingException e) {
e.printStackTrace();
} catch (InvalidKeyException e) {
e.printStackTrace();
} catch (UnsupportedEncodingException e) {
e.printStackTrace();
} catch (IllegalBlockSizeException e) {
e.printStackTrace();
} catch (BadPaddingException e) {
e.printStackTrace();
}
return null;
}
/**解密
* @param content 待解密内容
* @param password 解密密钥
* @return
*/
private static byte[] decrypt(byte[] content, String password) {
try {
KeyGenerator kgen = KeyGenerator.getInstance("AES");
//防止linux下随机生成key
SecureRandom secureRandom = SecureRandom.getInstance("SHA1PRNG" );
secureRandom.setSeed(password.getBytes());
kgen.init(128, secureRandom);
//kgen.init(128, new SecureRandom(password.getBytes()));
SecretKey secretKey = kgen.generateKey();
byte[] enCodeFormat = secretKey.getEncoded();
SecretKeySpec key = new SecretKeySpec(enCodeFormat, "AES");
Cipher cipher = Cipher.getInstance("AES");// 创建密码器
cipher.init(Cipher.DECRYPT_MODE, key);// 初始化
byte[] result = cipher.doFinal(content);
return result; // 加密
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
} catch (NoSuchPaddingException e) {
e.printStackTrace();
} catch (InvalidKeyException e) {
e.printStackTrace();
} catch (IllegalBlockSizeException e) {
e.printStackTrace();
} catch (BadPaddingException e) {
e.printStackTrace();
}
return null;
}
/**将二进制转换成16进制
* @param buf
* @return
*/
public static String parseByte2HexStr(byte buf[]) {
StringBuffer sb = new StringBuffer();
for (int i = 0; i < buf.length; i++) {
String hex = Integer.toHexString(buf[i] & 0xFF);
if (hex.length() == 1) {
hex = '0' + hex;
}
sb.append(hex.toUpperCase());
}
return sb.toString();
}
/**将16进制转换为二进制
* @param hexStr
* @return
*/
public static byte[] parseHexStr2Byte(String hexStr) {
if (hexStr.length() < 1)
return null;
byte[] result = new byte[hexStr.length()/2];
for (int i = 0;i< hexStr.length()/2; i++) {
int high = Integer.parseInt(hexStr.substring(i*2, i*2+1), 16);
int low = Integer.parseInt(hexStr.substring(i*2+1, i*2+2), 16);
result[i] = (byte) (high * 16 + low);
}
return result;
}
}

复制代码

改为如下代码

以上在linux测试ok 原文转自： http://konglx.iteye.com/blog/954085

KeyGenerator kgen = KeyGenerator.getInstance("AES");

// kgen.init(128, new SecureRandom(password.getBytes()));

//防止linux下随机生成key

SecureRandom secureRandom = SecureRandom.getInstance("SHA1PRNG" );

secureRandom.setSeed(password.getBytes());

// 根据密钥初始化密钥生成器

kgen.init(128, secureRandom);

一只IT小小鱼

关注

2
点赞
踩
10

收藏

觉得还不错? 一键收藏
1
评论
javax.crypto.BadPaddingException: Given final block not

现象描述：windows上加解密正常，linux上加密正常，解密时发生如下异常：javax.crypto.BadPaddingException: Given final block not properly padded at com.sun.crypto.provider.SunJCE_f.b(DashoA13*..) at com.su
复制链接

扫一扫