android - AES 密码未获取 IV

标签 android aes salt initialization-vector

我正在尝试将 IV 与 AES 结合使用,以便加密文本不可预测。但是,加密后的十六进制字符串始终相同。

我实际上已经尝试了一些方法来尝试通过将一些额外的参数传递给 cipher init 调用来增加一些随机性:

1) 手动生成IV

byte[] iv = generateIv();
IvParameterSpec ivspec = new IvParameterSpec(iv);

2) 要求密码生成IV

AlgorithmParameters params = cipher.getParameters();
params.getParameterSpec(IvParameterSpec.class);

3) 使用 PBEParameterSpec

byte[] encryptionSalt = generateSalt();
PBEParameterSpec pbeParamSpec = new PBEParameterSpec(encryptionSalt, 1000);

所有这些似乎都对加密文本没有影响....求救!!!

我的代码:

package com.citc.testencryption;

import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;

import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.PBEKeySpec;

import android.app.Activity;
import android.os.Bundle;
import android.util.Log;

public class Main extends Activity {

 public static final int SALT_LENGTH = 20;
 public static final int PBE_ITERATION_COUNT = 1000;

 private static final String RANDOM_ALGORITHM = "SHA1PRNG";
 private static final String PBE_ALGORITHM = "PBEWithSHA256And256BitAES-CBC-BC";
 private static final String CIPHER_ALGORITHM = "PBEWithSHA256And256BitAES-CBC-BC";

 private static final String TAG = Main.class.getSimpleName();

 @Override
 public void onCreate(Bundle savedInstanceState) {

  super.onCreate(savedInstanceState);
  setContentView(R.layout.main);

  try {

   String password = "password";
   String plainText = "plaintext message to be encrypted";

   // byte[] salt = generateSalt();
   byte[] salt = "dfghjklpoiuytgftgyhj".getBytes();
   Log.i(TAG, "Salt: " + salt.length + " " + HexEncoder.toHex(salt));
   PBEKeySpec pbeKeySpec = new PBEKeySpec(password.toCharArray(), salt, PBE_ITERATION_COUNT);
   SecretKeyFactory keyFac = SecretKeyFactory.getInstance(PBE_ALGORITHM);
   SecretKey secretKey = keyFac.generateSecret(pbeKeySpec);
   byte[] key = secretKey.getEncoded();
   Log.i(TAG, "Key: " + HexEncoder.toHex(key));

   // PBEParameterSpec pbeParamSpec = new PBEParameterSpec(salt, ITERATION_COUNT);

   Cipher encryptionCipher = Cipher.getInstance(CIPHER_ALGORITHM);

   // byte[] encryptionSalt = generateSalt();
   // Log.i(TAG, "Encrypted Salt: " + encryptionSalt.length + " " + HexEncoder.toHex(encryptionSalt));
   // PBEParameterSpec pbeParamSpec = new PBEParameterSpec(encryptionSalt, 1000);
   // byte[] iv = params.getParameterSpec(IvParameterSpec.class).getIV();
   // Log.i(TAG, encryptionCipher.getParameters() + " ");
   byte[] iv = generateIv();
   IvParameterSpec ivspec = new IvParameterSpec(iv);

   encryptionCipher.init(Cipher.ENCRYPT_MODE, secretKey, ivspec);
   byte[] encryptedText = encryptionCipher.doFinal(plainText.getBytes());
   Log.i(TAG, "Encrypted: " + HexEncoder.toHex(encryptedText)); // <== Why is this always the same :(

   Cipher decryptionCipher = Cipher.getInstance(CIPHER_ALGORITHM);
   decryptionCipher.init(Cipher.DECRYPT_MODE, secretKey, ivspec);
   byte[] decryptedText = decryptionCipher.doFinal(encryptedText);
   Log.i(TAG, "Decrypted: " + new String(decryptedText));

  } catch (Exception e) {
   e.printStackTrace();
  }

 }

 private byte[] generateSalt() throws NoSuchAlgorithmException {
  SecureRandom random = SecureRandom.getInstance(RANDOM_ALGORITHM);
  byte[] salt = new byte[SALT_LENGTH];
  random.nextBytes(salt);
  return salt;
 }

 private byte[] generateIv() throws NoSuchAlgorithmException {
  SecureRandom random = SecureRandom.getInstance(RANDOM_ALGORITHM);
  byte[] iv = new byte[16];
  random.nextBytes(iv);
  return iv;
 }

}

最佳答案

我更改了生成 key 的方式...现在已修复。 

package com.citc.testencryption;

import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;

import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.SecretKeySpec;

import android.app.Activity;
import android.os.Bundle;
import android.util.Log;

public class Main extends Activity {

    public static final int SALT_LENGTH = 20;
    public static final int PBE_ITERATION_COUNT = 1000;

    private static final String RANDOM_ALGORITHM = "SHA1PRNG";
    private static final String PBE_ALGORITHM = "PBEWithSHA256And256BitAES-CBC-BC";
    private static final String CIPHER_ALGORITHM = "AES/CBC/PKCS5Padding";

    private static final String TAG = Main.class.getSimpleName();

    @Override
    public void onCreate(Bundle savedInstanceState) {

        super.onCreate(savedInstanceState);
        setContentView(R.layout.main);

        try {

            String password = "password";
            String plainText = "plaintext message to be encrypted";

            // byte[] salt = generateSalt();
            byte[] salt = "dfghjklpoiuytgftgyhj".getBytes();
            Log.i(TAG, "Salt: " + salt.length + " " + HexEncoder.toHex(salt));
            PBEKeySpec pbeKeySpec = new PBEKeySpec(password.toCharArray(), salt, PBE_ITERATION_COUNT, 256);
            SecretKeyFactory factory = SecretKeyFactory.getInstance(PBE_ALGORITHM);
            SecretKey tmp = factory.generateSecret(pbeKeySpec);
            SecretKey secret = new SecretKeySpec(tmp.getEncoded(), "AES");
            byte[] key = secret.getEncoded();
            Log.i(TAG, "Key: " + HexEncoder.toHex(key));

            // PBEParameterSpec pbeParamSpec = new PBEParameterSpec(salt, ITERATION_COUNT);

            Cipher encryptionCipher = Cipher.getInstance(CIPHER_ALGORITHM);

            // byte[] encryptionSalt = generateSalt();
            // Log.i(TAG, "Encrypted Salt: " + encryptionSalt.length + " " + HexEncoder.toHex(encryptionSalt));
            // PBEParameterSpec pbeParamSpec = new PBEParameterSpec(encryptionSalt, 1000);
            // byte[] iv = params.getParameterSpec(IvParameterSpec.class).getIV();
            Log.i(TAG, encryptionCipher.getParameters() + " ");
            byte[] iv = generateIv();
            IvParameterSpec ivspec = new IvParameterSpec(iv);

            encryptionCipher.init(Cipher.ENCRYPT_MODE, secret, ivspec);
            byte[] encryptedText = encryptionCipher.doFinal(plainText.getBytes());
            Log.i(TAG, "Encrypted: " + HexEncoder.toHex(encryptedText));

            Cipher decryptionCipher = Cipher.getInstance(CIPHER_ALGORITHM);
            decryptionCipher.init(Cipher.DECRYPT_MODE, secret, ivspec);
            byte[] decryptedText = decryptionCipher.doFinal(encryptedText);
            Log.i(TAG, "Decrypted: " + new String(decryptedText));

        } catch (Exception e) {
            e.printStackTrace();
        }

    }

    private byte[] generateSalt() throws NoSuchAlgorithmException {
        SecureRandom random = SecureRandom.getInstance(RANDOM_ALGORITHM);
        byte[] salt = new byte[SALT_LENGTH];
        random.nextBytes(salt);
        return salt;
    }

    private byte[] generateIv() throws NoSuchAlgorithmException {
        SecureRandom random = SecureRandom.getInstance(RANDOM_ALGORITHM);
        byte[] iv = new byte[16];
        random.nextBytes(iv);
        return iv;
    }

}

关于android - AES 密码未获取 IV,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/4573392/

上一篇:安卓游戏开发与垃圾回收

下一篇:项目可聚焦时的 Android ListView,禁用点击

相关文章:

c# - 散列和 GetString/GetBytes 问题

java - 安全用户身份验证如何工作?

android - Match_parent 属性的用途

java - 在 java 中使用 python M2Crypto AES 密码

php - PHP/MySQL使用哈希算法绑定(bind) 'salt'后无法登录

javascript - 将 OpenSSL 命令行 AES 加密映射到等效的 NodeJS Crypto API

c - 预生成的公共(public)/私有(private) RSA key ,无法在 C 中解密(在 python 中工作)

android - 如何捕获 ExoPlayer 的所有错误?

java - JAVA 中的 OOP - Android

android - Google Drive API 缓存查询结果

©2024 IT工具网  联系我们