AES 安卓加密 C# 解密填充无效,无法删除
本文关键字:无效 删除 填充 解密 加密 AES | 更新日期: 2023-09-27 18:31:42
我在服务器端遇到了与AES解密有关的问题。在 android 客户端中加密数据并将其发送到 WCF 服务器时,服务器总是返回异常,例如
System.Security.Cryptography.CryptographicException: 填充是 无效且无法删除。 在 System.Security.Cryptography.CapiSymmetricAlgorithm.DepadBlock(Byte[] 块,Int32 偏移量,Int32 计数)在 System.Security.Cryptography.CapiSymmetricAlgorithm.TransformFinalBlock(Byte[] inputBuffer, Int32 inputOffset, Int32 inputCount) at System.Security.Cryptography.CryptoStream.FlushFinalBlock() at WindowsFormsApplication1.Form1.Decrypt(Byte[] p_EncryptedMsg, Byte[] p_key, Byte[] p_iv) in c:''users''omr''documents''visual studio 2010''Projects''WindowsFormsApplication1''WindowsFormsApplication1''Form1.cs:line 76 在 WindowsFormsApplication1.Form1.button1_Click(对象发送者, EventArgs e) in c:''users''omr''documents''visual studio 2010''Projects''WindowsFormsApplication1''WindowsFormsApplication1''Form1.cs:line 94}
我的安卓加密是
public static String enc(String message) {
byte[] keyInBytes = KEY.getBytes();
byte[] encryptedData = null;
KeyGenerator kgen;
try {
kgen = KeyGenerator.getInstance("AES");
SecureRandom secureRandom = SecureRandom.getInstance("SHA1PRNG");
secureRandom.setSeed(keyInBytes);
kgen.init(256, secureRandom);
SecretKey skey = kgen.generateKey();
key = skey.getEncoded();
try {
encryptedData = encrypt(key, message.getBytes());
Log.w("ENC ", new String(encryptedData));
} catch (Exception e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
} catch (NoSuchAlgorithmException e1) {
// TODO Auto-generated catch block
e1.printStackTrace();
}
return Base64.encodeToString(encryptedData, Base64.DEFAULT);
// return message;
}
private static byte[] encrypt(byte[] raw, byte[] testMessage)
throws Exception {
SecretKeySpec skeySpec = new SecretKeySpec(raw, /* "PBEWithSHA1And128BitAES-CBC-BC" */
"AES");
final byte[] iv = KEY.getBytes();
IvParameterSpec ivParameterSpec = new IvParameterSpec(iv);
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding");
cipher.init(Cipher.ENCRYPT_MODE, skeySpec, ivParameterSpec);
byte[] encrypted = cipher.doFinal(testMessage);
try {
decrypt(raw, encrypted);
} catch (Exception e) {
e.getMessage();
// TODO: handle exception
}
return encrypted;
}
我的 C# 代码是
public String Decrypt(byte[] p_EncryptedMsg, byte[] p_key, byte[] p_iv)
{
m_key = new byte[32];
m_iv = new byte[16];
Array.Clear(m_key, 0, 32);
Array.Clear(m_iv, 0, 16);
Array.Copy(p_key, m_key, p_key.Length > 32 ? 32 : p_key.Length);
Array.Copy(p_iv, m_iv, p_iv.Length > 16 ? 16 : p_iv.Length);
if (m_key == null || m_iv == null)
throw new ArgumentNullException("Key or IV is equal to null");
using (AesCryptoServiceProvider aesProvider = new AesCryptoServiceProvider())
{
aesProvider.Key = m_key;
aesProvider.IV = m_iv;
aesProvider.Mode = CipherMode.CBC;
aesProvider.Padding = PaddingMode.PKCS7;
using (MemoryStream memStream = new MemoryStream())
{
CryptoStream decStream = new CryptoStream(memStream, aesProvider.CreateDecryptor(), CryptoStreamMode.Write);
decStream.Write(p_EncryptedMsg, 0, p_EncryptedMsg.Length);
decStream.FlushFinalBlock();
String res = System.Text.Encoding.Default.GetString(memStream.ToArray());
return res;
}
}
}
注意:我可以在安卓端再次正确加密和解密文本。
好吧,我看到的一个问题是,.Net端的密码模式应该是ECB以匹配Java端。试一试,看看是否有效。
我发现问题是由于使用SecureRandom secureRandom = SecureRandom.getInstance("SHA1PRNG")而发生的;
由于服务器端只从我这里获取密钥InBytes而不是随机密钥,因此他无法生成正确的解密密钥。
C# 代码示例
using (AesCryptoServiceProvider aesCryptoServiceProvider = new AesCryptoServiceProvider())
{
aesCryptoServiceProvider.Key = key;
aesCryptoServiceProvider.IV = iv;
aesCryptoServiceProvider.Mode = CipherMode.CBC;
aesCryptoServiceProvider.Padding = PaddingMode.PKCS7;
using (MemoryStream memoryStream = new MemoryStream())
{
CryptoStream cryptoStream = new CryptoStream(memoryStream, aesCryptoServiceProvider.CreateDecryptor(), CryptoStreamMode.Write);
cryptoStream.Write(p_EncryptedMsg, 0, encryptedMsg.Length);
cryptoStream.FlushFinalBlock();
return memoryStream.ToArray();
}
}