所以我有一个学校项目,遇到一些麻烦。我们给了加密方法,然后要求为它创建一个解密方法。
public static byte[] encrypt(byte[] plaintext, BlockCipher64 cipher, long IV) {
if(plaintext.length <= 8)
throw new IllegalArgumentException("plaintext must be longer than 8 bytes!");
byte[] ciphertext = new byte[plaintext.length];
int blocks = plaintext.length / 8;
if(plaintext.length % 8 != 0) ++blocks;
long prev = IV;
for(int block = 0; block < blocks; ++block) {
prev = cipher.encrypt(prev ^ longAt(plaintext, block * 8));
storeLongAt(ciphertext, prev, block * 8);
}
// copy penultimate to last, then prev to penultimate (ciphertext stealing)
int lastBlock = (blocks - 1) * 8;
int secondLastBlock = (blocks - 2) * 8;
storeLongAt(ciphertext, longAt(ciphertext, secondLastBlock), lastBlock);
storeLongAt(ciphertext, prev, secondLastBlock);
return ciphertext;
}
因此,当字符串长度恰好为16(2个块)时,我已经使用了解密方法。其他带有偶数块(8的倍数)的字符串不起作用,例如24、32等。同样,部分块不起作用;如果我对长度为18的字符串进行加密并再次对其进行解密,则最后2个字符总是错误的。任何帮助深表感谢!这是我的解密方法:
public static byte[] decrypt(byte[] ciphertext, BlockCipher64 cipher, long IV) {
// code here
// check for an illegal argument
if(ciphertext.length <= 8)
throw new IllegalArgumentException("ciphertext must be longer than 8 bytes!");
// create a byte[] for the plaintext
byte[] plaintext = new byte[ciphertext.length];
// calculate how many blocks there are
int blocks = plaintext.length / 8;
if(plaintext.length % 8 != 0) ++blocks;
// handle the last two blocks (which are special because of ciphertext stealing)
int lastBlock = (blocks - 1) * 8;
int secondLastBlock = (blocks - 2) * 8;
long lBlock = longAt(ciphertext, lastBlock);
int lBlockSize = ciphertext.length % 8;
// if block sizes are even; swap, if block size is partial;
if (lBlockSize != 0) {
//get blocks to switch
byte[] NLB = new byte[lBlockSize];
for (int i=secondLastBlock, j=0; i<secondLastBlock + lBlockSize; i++, j++) {
NLB[j] = ciphertext[i];
}
byte[] NSLB = new byte[lBlockSize];
for (int i=lastBlock, j=0; i<lastBlock + lBlockSize; i++, j++) {
NSLB[j] = ciphertext[i];
}
//build ciphertext
for (int i=secondLastBlock, j=0; i<secondLastBlock + lBlockSize; i++, j++) {
ciphertext[i] = NSLB[j];
}
for (int i=lastBlock, j=0; i<lastBlock + lBlockSize; i++, j++) {
ciphertext[i] = NLB[j];
}
} else {
storeLongAt(ciphertext, longAt(ciphertext, secondLastBlock), lastBlock);
storeLongAt(ciphertext, lBlock, secondLastBlock);
}
// loop over all other blocks, decrypting and xor'ing, and saving the results
long prev = IV;
for(int block = 0; block < blocks; ++block) {
prev = cipher.decrypt(prev ^ longAt(ciphertext, block * 8));
storeLongAt(plaintext, prev, block * 8);
}
return plaintext;
}
如果需要其他任何信息,请告诉我...我真的很困惑。
编辑:其他方法和类
storeLongAt()和longAt():
public static void storeLongAt(byte[] b, long x, int pos) {
byte[] c = BlockCipher64.longToBytes(x);
for(int i = 0; i < 8 && (pos + i) < b.length; ++i) {
b[pos + i] = c[i];
}
}
public static long longAt(byte[] b, int pos) {
return BlockCipher64.bytesToLong(Arrays.copyOfRange(b, pos, pos + 8));
}
和BlockCipher64类:
public interface BlockCipher64 {
long encrypt(long block);
long decrypt(long block);
public static byte[] longToBytes(long l) {
byte[] result = new byte[8];
for (int i = 7; i >= 0; i--) {
result[i] = (byte) l;
l >>= 8;
}
return result;
}
public static long bytesToLong(byte[] b) {
long result = 0;
for (int i = 0; i < 8; i++) {
result <<= 8;
result |= ((long) b[i]) & 0xffL; // notice the L
}
return result;
}
}
最佳答案
您交换的是密文字节,而不是明文字节。注意,交换发生在最后一个块的加密之前(及时)。如果反向,则必须在解密最后一个块之后将其交换。
当前,您正在创建一个无效的密文,并尝试对其进行解密。
关于java - Java中的密文窃取,我们在Stack Overflow上找到一个类似的问题:https://stackoverflow.com/questions/38732994/