问题描述
我有一个硬编码的密钥,我想用它在将字符串存储在 SharedPreferences
之前对其进行加密.这是我到目前为止的代码:
I have a hardcoded key with which I want to encrypt a string before storing it in SharedPreferences
. This is the code I have so far:
public class TokenEncryptor {
private final static String TOKEN_KEY = "91a29fa7w46d8x41";
public static String encrypt(String plain) {
try {
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
AlgorithmParameterSpec ivSpec = new IvParameterSpec(new byte[16]);
SecretKeySpec newKey = new SecretKeySpec(TOKEN_KEY.getBytes(), "AES");
cipher.init(Cipher.ENCRYPT_MODE, newKey, ivSpec);
return new String(cipher.doFinal(plain.getBytes()));
} catch (Exception e) {
Ln.e(e);
return null;
}
}
public static String decrypt(String encoded) {
try {
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
AlgorithmParameterSpec ivSpec = new IvParameterSpec(new byte[16]);
SecretKeySpec newKey = new SecretKeySpec(TOKEN_KEY.getBytes(), "AES");
cipher.init(Cipher.DECRYPT_MODE, newKey, ivSpec);
return new String(cipher.doFinal(encoded.getBytes()));
} catch (Exception e) {
Ln.e(e);
return null;
}
}
}
它似乎在decrypt
方法的末尾捕获异常:
It seems to be catching an exception at the end of decrypt
method:
javax.crypto.IllegalBlockSizeException:错误:0606506D:数字信封例程:EVP_DecryptFinal_ex:最终块长度错误
有人能指出我正确的方向吗?我有一种感觉,我在实例化 IvParameterSpec
时做错了什么.
Can someone point me in the right direction? I have a feeling I'm doing something wrong instantiating IvParameterSpec
.
推荐答案
当你用 AES 加密一个字符串时,你会得到一个字节数组.尝试将这些字节直接转换为字符串 (new String(cipher.doFinal(plaintextBytes))
) 会导致各种问题.如果您要求加密方法的输出是字符串,请使用 Base64
而不是尝试直接转换.在您的解密方法中,在解密字节数组之前,将 Base64
字符串转换回字节数组.
When you encrypt a string with AES, you get an array of bytes back. Trying to convert those bytes directly to a string (new String(cipher.doFinal(plaintextBytes))
) will cause all sorts of problems. If you require the output from your encryption method to be a string, then use Base64
rather than attempting a direct conversion. In your decryption method, convert the Base64
string back into a byte array before decrypting the byte array.
另外,不要使用 getBytes()
因为输出取决于系统默认值.使用 getBytes("utf-8")
或其他什么.这消除了歧义.
Also, do not use getBytes()
since the output depends on the system defaults. Use getBytes("utf-8")
or whatever. That eliminates ambiguity.
这篇关于尝试使用 AES 加密和解密字符串时出现 IllegalBlockSizeException的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!