我跟很多this post,其目标是实现我的软件AES 256加密和它工作得很好AES 256(而不是128)与BouncyCastle的
的关键点在这里是整个实施上述链接使用AESEngine类。看看类代码和javadoc reference,AESEngine是128位而不是256位块密码
搜索通过代码和文档我找不到192或256位的实现。他们在哪里?
为了完整,这是我的实际加密类的核心:
private void init(String passphrase) {
try {
String algorithm = "PBEWithSHA256And256BitAES-CBC-BC";
encryptCipher = createCipher();
decryptCipher = createCipher();
randomGenerator = new RandomGenerator();
PBEKeySpec keySpec = new PBEKeySpec(passphrase.toCharArray(), KEY_SALT, ITERATIONS);
SecretKeyFactory keyFactory = SecretKeyFactory.getInstance(algorithm);
key = keyFactory.generateSecret(keySpec);
} catch (NoSuchAlgorithmException e) {
throw new RuntimeException("NoSuchAlgorithmException occured while trying to generate the crypto key. This error should never occur, check the application code", e);
} catch (InvalidKeySpecException e) {
throw new RuntimeException("InvalidKeySpecException occured while trying to generate the crypto key. This error should never occur, check the application code", e);
}
}
private BufferedBlockCipher createCipher() {
return new PaddedBufferedBlockCipher(new CBCBlockCipher(new AESFastEngine()), new PKCS7Padding());
}
public byte[] encrypt(byte[] data) {
if (data == null)
throw new NullPointerException("Cannot encrypt null data");
byte[] iv = randomGenerator.generateRandom(IV_SIZE);
byte[] encrypted;
synchronized (encryptCipher) {
encrypted = runCipher(encryptCipher, true, data, iv);
}
return DataUtil.append(iv, encrypted);
}
public byte[] decrypt(byte[] data) {
if (data == null)
throw new NullPointerException("Cannot decrypt null data");
byte[] iv = DataUtil.extract(data, 0, IV_SIZE);
byte[] cipherText = DataUtil.extract(data, IV_SIZE, data.length - IV_SIZE);
byte[] decrypted;
synchronized (decryptCipher) {
decrypted = runCipher(decryptCipher, false, cipherText, iv);
}
return decrypted;
}
private byte[] runCipher(BufferedBlockCipher cipher, boolean forEncryption, byte[] data, byte[] iv) {
String operation = forEncryption ? "encrypt" : "decrypt";
try {
KeyParameter keyParam = new KeyParameter(key.getEncoded());
ParametersWithIV cipherParams = new ParametersWithIV(keyParam, iv);
cipher.init(forEncryption, cipherParams);
byte[] result = new byte[cipher.getOutputSize(data.length)];
int len = cipher.processBytes(data, 0, data.length, result, 0);
len += cipher.doFinal(result, len);
//Remove padding se estiver decriptografando
if(!forEncryption)
result = DataUtil.extract(result, 0, len);
return result;
} catch (DataLengthException e) {
throw new RuntimeException("DataLengthException occured while trying to " + operation + " data with length " + data.length + ". This error should never occur, check the application code", e);
} catch (IllegalStateException e) {
throw new RuntimeException("IllegalStateException occured while trying to " + operation + " data with length " + data.length + ". This error should never occur, check the application code", e);
} catch (InvalidCipherTextException e) {
throw new IllegalArgumentException("InvalidCipherTextException occured while trying to " + operation + " data with length " + data.length, e);
}
}
只有128位块大小的AES版本。有更高版本的Rijndael,底层算法。 AES-256中的256是该算法的*密钥大小*,但它也对内部向量和轮次数有所影响。 –
PS我假设你使用Bouncy来获得256位AES,否则你不需要使用Bouncy Castle的轻量级API。作为一个小的优化,你可以使用'BlockCipher.getBlockSize()'而不是你的IV大小的常量。 –
假设owlstead对于您的真实目标是正确的(即使用256位*键*),我可以问您是否必须从头开始实施这么多过程?只是想仔细检查一下这是一个有趣的非工作时间项目或学校工作。否则,我们可以向您展示*更多更容易的路线,以实现您的目标。 –