我想使用CryptoAPI在C++中进行加密,并使用SunJCE对Java进行解密。我已经获得了RSA密钥的工作 - 并在一个测试字符串上进行了验证。但是,我的AES密钥无法使用 - 我收到javax.crypto.BadPaddingException: Given final block not properly padded
。CryptoAPI C++使用AES与Java互操作
C++加密:
// init and gen key
HCRYPTPROV provider;
CryptAcquireContext(&provider, NULL, MS_ENH_RSA_AES_PROV, PROV_RSA_AES, CRYPT_VERIFYCONTEXT);
// Use symmetric key encryption
HCRYPTKEY sessionKey;
DWORD exportKeyLen;
CryptGenKey(provider, CALG_AES_128, CRYPT_EXPORTABLE, &sessionKey);
// Export key
BYTE exportKey[1024];
CryptExportKey(sessionKey, NULL, PLAINTEXTKEYBLOB, 0, exportKey, &exportKeyLen);
// skip PLAINTEXTKEYBLOB header
// { uint8_t bType, uint8_t version, uint16_t reserved, uint32_t aiKey, uint32_t keySize }
DWORD keySize = *((DWORD*)(exportKey + 8));
BYTE * rawKey = exportKey + 12;
// reverse bytes for java
for (unsigned i=0; i<keySize/2; i++) {
BYTE temp = rawKey[i];
rawKey[i] = rawKey[keySize-i-1];
rawKey[keySize-i-1] = temp;
}
// Encrypt message
BYTE encryptedMessage[1024];
const char * message = "Decryption Works";
BYTE messageLen = (BYTE)strlen(message);
memcpy(encryptedMessage, message, messageLen);
DWORD encryptedMessageLen = messageLen;
CryptEncrypt(sessionKey, NULL, TRUE, 0, encryptedMessage, &encryptedMessageLen, sizeof(encryptedMessage));
// reverse bytes for java
for (unsigned i=0; i<encryptedMessageLen/2; i++) {
BYTE temp = encryptedMessage[i];
encryptedMessage[i] = encryptedMessage[encryptedMessageLen - i - 1];
encryptedMessage[encryptedMessageLen - i - 1] = temp;
}
BYTE byteEncryptedMessageLen = (BYTE)encryptedMessageLen;
FILE * f = fopen("test.aes", "wb");
fwrite(rawKey, 1, keySize, f);
fwrite(&byteEncryptedMessageLen, 1, sizeof(byteEncryptedMessageLen), f);
fwrite(encryptedMessage, 1, encryptedMessageLen, f);
fclose(f);
// destroy session key
CryptDestroyKey(sessionKey);
CryptReleaseContext(provider, 0);
爪哇解密:
try
{
FileInputStream in = new FileInputStream("test.aes");
DataInputStream dataIn = new DataInputStream(in);
// stream key and message
byte[] rawKey = new byte[16];
dataIn.read(rawKey);
byte encryptedMessageLen = dataIn.readByte();
byte[] encryptedMessage = new byte[encryptedMessageLen];
dataIn.read(encryptedMessage);
// use CBC/PKCS5PADDING, with 0 IV -- default for Microsoft Base Cryptographic Provider
SecretKeySpec sessionKey = new SecretKeySpec(rawKey, "AES");
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5PADDING");
cipher.init(Cipher.DECRYPT_MODE, sessionKey, new IvParameterSpec(new byte[16]));
cipher.doFinal(encryptedMessage);
}
catch (Exception e) {
e.printStackTrace();
}
在类似的例子中,我试图不可逆密钥的字节,并在该消息中没有反转的字节排列。如果我使用java导入的密钥进行加密和解密,我会得到有效的结果。我也可以用C++专门加密和解密。
问题:
- 我应该使用CBC/PKCS5PADDING?这是
MS_ENH_RSA_AES_PROV
的默认值吗? - 是否归零IV确实是
MS_ENH_RSA_AES_PROV
的默认值? - 有没有什么方法可以诊断密钥行为的细节?
- 我想坚持使用标准的Java包,而不是安装BouncyCastle的,但在那里,这将使第三方包工作做得更好什么不同吗?
如果使用加密,它可能是高度完整的软件(或至少某些部分)。停止忽略来自CryptoAPI的返回值。 – jww 2012-01-06 22:34:26
缺少的返回值只是为了简化这里的代码。实际的单元测试检查所有返回代码。 – RunHolt 2012-01-09 11:26:17