所以我有一个学校项目,遇到一些麻烦。我们给了加密方法,然后要求为它创建一个解密方法。

public static byte[] encrypt(byte[] plaintext, BlockCipher64 cipher, long IV) {
    if(plaintext.length <= 8)
        throw new IllegalArgumentException("plaintext must be longer than 8 bytes!");

    byte[] ciphertext = new byte[plaintext.length];
    int blocks = plaintext.length / 8;
    if(plaintext.length % 8 != 0) ++blocks;

    long prev = IV;
    for(int block = 0; block < blocks; ++block) {
        prev = cipher.encrypt(prev ^ longAt(plaintext, block * 8));
        storeLongAt(ciphertext, prev, block * 8);
    }

    // copy penultimate to last, then prev to penultimate (ciphertext stealing)
    int lastBlock = (blocks - 1) * 8;
    int secondLastBlock = (blocks - 2) * 8;
    storeLongAt(ciphertext, longAt(ciphertext, secondLastBlock), lastBlock);
    storeLongAt(ciphertext, prev, secondLastBlock);

    return ciphertext;
}


因此,当字符串长度恰好为16(2个块)时,我已经使用了解密方法。其他带有偶数块(8的倍数)的字符串不起作用,例如24、32等。同样,部分块不起作用;如果我对长度为18的字符串进行加密并再次对其进行解密,则最后2个字符总是错误的。任何帮助深表感谢!这是我的解密方法:

public static byte[] decrypt(byte[] ciphertext, BlockCipher64 cipher, long IV) {
    // code here
    // check for an illegal argument
    if(ciphertext.length <= 8)
        throw new IllegalArgumentException("ciphertext must be longer than 8 bytes!");

    // create a byte[] for the plaintext
    byte[] plaintext = new byte[ciphertext.length];

    // calculate how many blocks there are
    int blocks = plaintext.length / 8;
    if(plaintext.length % 8 != 0) ++blocks;

    // handle the last two blocks (which are special because of ciphertext stealing)
    int lastBlock = (blocks - 1) * 8;
    int secondLastBlock = (blocks - 2) * 8;
    long lBlock = longAt(ciphertext, lastBlock);
    int lBlockSize = ciphertext.length % 8;
    // if block sizes are even; swap, if block size is partial;
    if (lBlockSize != 0) {
        //get blocks to switch
        byte[] NLB = new byte[lBlockSize];
        for (int i=secondLastBlock, j=0; i<secondLastBlock + lBlockSize; i++, j++) {
            NLB[j] = ciphertext[i];
        }
        byte[] NSLB = new byte[lBlockSize];
        for (int i=lastBlock, j=0; i<lastBlock + lBlockSize; i++, j++) {
            NSLB[j] = ciphertext[i];
        }
        //build ciphertext
        for (int i=secondLastBlock, j=0; i<secondLastBlock + lBlockSize; i++, j++) {
            ciphertext[i] = NSLB[j];
        }
        for (int i=lastBlock, j=0; i<lastBlock + lBlockSize; i++, j++) {
            ciphertext[i] = NLB[j];
        }
    } else {
        storeLongAt(ciphertext, longAt(ciphertext, secondLastBlock), lastBlock);
        storeLongAt(ciphertext, lBlock, secondLastBlock);
    }

    // loop over all other blocks, decrypting and xor'ing, and saving the results
    long prev = IV;
    for(int block = 0; block < blocks; ++block) {
        prev = cipher.decrypt(prev ^ longAt(ciphertext, block * 8));
        storeLongAt(plaintext, prev, block * 8);
    }

    return plaintext;
}


如果需要其他任何信息,请告诉我...我真的很困惑。

编辑:其他方法和类
storeLongAt()和longAt():

public static void storeLongAt(byte[] b, long x, int pos) {
    byte[] c = BlockCipher64.longToBytes(x);
    for(int i = 0; i < 8 && (pos + i) < b.length; ++i) {
        b[pos + i] = c[i];
    }
}

public static long longAt(byte[] b, int pos) {
    return BlockCipher64.bytesToLong(Arrays.copyOfRange(b, pos, pos + 8));
}


和BlockCipher64类:

public interface BlockCipher64 {
long encrypt(long block);
long decrypt(long block);

public static byte[] longToBytes(long l) {
    byte[] result = new byte[8];
    for (int i = 7; i >= 0; i--) {
        result[i] = (byte) l;
        l >>= 8;
    }
    return result;
}

public static long bytesToLong(byte[] b) {
    long result = 0;
    for (int i = 0; i < 8; i++) {
        result <<= 8;
        result |= ((long) b[i]) & 0xffL; // notice the L
    }
    return result;
}
}

最佳答案

您交换的是密文字节,而不是明文字节。注意,交换发生在最后一个块的加密之前(及时)。如果反向,则必须在解密最后一个块之后将其交换。

当前,您正在创建一个无效的密文,并尝试对其进行解密。

关于java - Java中的密文窃取,我们在Stack Overflow上找到一个类似的问题:https://stackoverflow.com/questions/38732994/

10-10 01:12