GCM加密内置MAC检查失败
GCM加密内置MAC检查失败
提问于 2021-08-02 17:54:04
我正在尝试编写几个函数,可以使用AES/GCM加密结合PBKDF2密钥生成对文本进行加密和解密。我正在将我的代码从CTR (原文如此)加密转换过来,而MAC检查失败在其他一切正常的情况下却要了我的命。
fun encryptAESBasic(input: String, password: String): String {
val masterpw = getKey(password)
val random = SecureRandom()
val salt = ByteArray(16)
random.nextBytes(salt)
val factory: SecretKeyFactory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1")
val spec: KeySpec = PBEKeySpec(masterpw.toString().toCharArray(), salt, 100, 256)
val tmp: SecretKey = factory.generateSecret(spec)
val cipher = Cipher.getInstance("AES/CTR/NoPadding")
val iv = ByteArray(16)
SecureRandom().nextBytes(iv)
cipher.init(Cipher.ENCRYPT_MODE, tmp, IvParameterSpec(iv))
val cipherText: ByteArray = cipher.doFinal(input.toByteArray(Charset.forName("UTF-8")))
val ivstring: String = Base64.encodeToString(iv, Base64.NO_WRAP)
val saltystring: String = Base64.encodeToString(salt, Base64.NO_WRAP)
val cipherstring: String = Base64.encodeToString(cipherText, Base64.NO_WRAP)
val returnstring: String = ivstring + "-" + saltystring + "-" + cipherstring
return returnstring
}
fun decryptAESBasic(text: String, password: String): String {
val arr = text.split("-")
val iv = Base64.decode(arr[0].toByteArray(Charset.forName("UTF-8")), Base64.NO_WRAP)
val salt = Base64.decode(arr[1].toByteArray(Charset.forName("UTF-8")), Base64.NO_WRAP)
val data = arr[2].toByteArray(Charset.forName("UTF-8"))
val masterpw = getKey(password)
val factory: SecretKeyFactory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1")
val spec: KeySpec = PBEKeySpec(masterpw.toString().toCharArray(), salt, 100, 256)
val tmp: SecretKey = factory.generateSecret(spec)
val key: ByteArray = tmp.getEncoded()
val cipher = Cipher.getInstance("AES/CTR/NoPadding")
cipher.init(Cipher.DECRYPT_MODE, tmp, IvParameterSpec(iv))
val credential: ByteArray = cipher.doFinal(Base64.decode(data, Base64.NO_WRAP))
return credential.toString(Charset.forName("UTF-8"))
}
fun getKey(masterPass: String): ByteArray {
return masterPass.padEnd(32, '.').toByteArray(Charset.forName("UTF-8"))
}同样,这段代码可以工作,但我想将它从CTR更改为GCM,但每次这样做时,我都会遇到"mac check in GCM failed“错误。任何帮助解释这是如何/为什么发生的都将不胜感激。
E/AndroidRuntime( 6461): Caused by: javax.crypto.AEADBadTagException: mac check in GCM failed
E/AndroidRuntime( 6461): at java.lang.reflect.Constructor.newInstance0(Native Method)
E/AndroidRuntime( 6461): at java.lang.reflect.Constructor.newInstance(Constructor.java:343)
E/AndroidRuntime( 6461): at com.android.org.bouncycastle.jcajce.provider.symmetric.util.BaseBlockCipher$AEADGenericBlockCipher.doFinal(BaseBlockCipher.java:1485)
E/AndroidRuntime( 6461): at com.android.org.bouncycastle.jcajce.provider.symmetric.util.BaseBlockCipher.engineDoFinal(BaseBlockCipher.java:1217)
E/AndroidRuntime( 6461): at javax.crypto.Cipher.doFinal(Cipher.java:2055)
E/AndroidRuntime( 6461): at design.codeux.autofill_service.FlutterMyAutofillServiceKt.decryptAESBasic(FlutterMyAutofillService.kt:1003)回答 1
Stack Overflow用户
发布于 2021-10-01 21:00:46
在cipher.init()中不使用IvParameterSpec,而使用GCMParameterSpec
页面原文内容由Stack Overflow提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:
https://stackoverflow.com/questions/68626024
复制相关文章
相似问题
腾讯云开发者
