带BouncyCastle的java AES 256(而不是128)
我遵循了this post的大部分内容,目的是在我的软件中实现aes 256加密,它工作得很好
这里的关键点是,上面链接中描述的整个实现使用了AESENGE类。查看类代码和javadoc reference,AESEngine是128位而不是256位的分组密码
通过搜索代码和文档,我找不到192位或256位的实现。他们在哪里
为了完整起见,这是我实际加密类的核心:
private void init(String passphrase) {
try {
String algorithm = "PBEWithSHA256And256BitAES-CBC-BC";
encryptCipher = createCipher();
decryptCipher = createCipher();
randomGenerator = new RandomGenerator();
PBEKeySpec keySpec = new PBEKeySpec(passphrase.toCharArray(), KEY_SALT, ITERATIONS);
SecretKeyFactory keyFactory = SecretKeyFactory.getInstance(algorithm);
key = keyFactory.generateSecret(keySpec);
} catch (NoSuchAlgorithmException e) {
throw new RuntimeException("NoSuchAlgorithmException occured while trying to generate the crypto key. This error should never occur, check the application code", e);
} catch (InvalidKeySpecException e) {
throw new RuntimeException("InvalidKeySpecException occured while trying to generate the crypto key. This error should never occur, check the application code", e);
}
}
private BufferedBlockCipher createCipher() {
return new PaddedBufferedBlockCipher(new CBCBlockCipher(new AESFastEngine()), new PKCS7Padding());
}
public byte[] encrypt(byte[] data) {
if (data == null)
throw new NullPointerException("Cannot encrypt null data");
byte[] iv = randomGenerator.generateRandom(IV_SIZE);
byte[] encrypted;
synchronized (encryptCipher) {
encrypted = runCipher(encryptCipher, true, data, iv);
}
return DataUtil.append(iv, encrypted);
}
public byte[] decrypt(byte[] data) {
if (data == null)
throw new NullPointerException("Cannot decrypt null data");
byte[] iv = DataUtil.extract(data, 0, IV_SIZE);
byte[] cipherText = DataUtil.extract(data, IV_SIZE, data.length - IV_SIZE);
byte[] decrypted;
synchronized (decryptCipher) {
decrypted = runCipher(decryptCipher, false, cipherText, iv);
}
return decrypted;
}
private byte[] runCipher(BufferedBlockCipher cipher, boolean forEncryption, byte[] data, byte[] iv) {
String operation = forEncryption ? "encrypt" : "decrypt";
try {
KeyParameter keyParam = new KeyParameter(key.getEncoded());
ParametersWithIV cipherParams = new ParametersWithIV(keyParam, iv);
cipher.init(forEncryption, cipherParams);
byte[] result = new byte[cipher.getOutputSize(data.length)];
int len = cipher.processBytes(data, 0, data.length, result, 0);
len += cipher.doFinal(result, len);
//Remove padding se estiver decriptografando
if(!forEncryption)
result = DataUtil.extract(result, 0, len);
return result;
} catch (DataLengthException e) {
throw new RuntimeException("DataLengthException occured while trying to " + operation + " data with length " + data.length + ". This error should never occur, check the application code", e);
} catch (IllegalStateException e) {
throw new RuntimeException("IllegalStateException occured while trying to " + operation + " data with length " + data.length + ". This error should never occur, check the application code", e);
} catch (InvalidCipherTextException e) {
throw new IllegalArgumentException("InvalidCipherTextException occured while trying to " + operation + " data with length " + data.length, e);
}
}
# 1 楼答案
AES支持3种密钥大小-Wikipedia、NIST
您可能指的是块大小,它固定为128位
此外,我还尝试了遍历代码,它是假设不同的密钥大小编写的—128、192和256。复制-从代码粘贴-“AES指定了128位的固定块大小和128/192/256位的密钥大小。编写此代码时假定这些是唯一可能的值”
# 2 楼答案
如果要使用256位的块大小执行类似AES的加密,应使用:
http://www.docjar.org/docs/api/org/bouncycastle/crypto/engines/RijndaelEngine.html
但这可能不是你想要的;AES-256中的256大约是密钥大小。然后,基础128位AES分组密码使用该密钥大小。AES是Rijndael的标准化128位块版本