如何解决javax.crypto.AEADBadTagException:GCM 中的 mac 检查失败
我正在开发 Android 客户端。我们有什么:
- 服务器使用 GCM 通过 AES 算法加密数据;
- 服务器通过 REST API 将其发送给客户端;
- 客户端必须解密数据并显示它。
我坚持了 3 步。我的问题是如何解密到达的数据。这是我已经尝试过的:
class PrivateInfoDecrypter {
companion object {
const val SECRET_KEY = "secret_key"
}
private val bytes = ByteArray(16)
private val gcmParameterSpec: GCMParameterSpec = GCMParameterSpec(128,bytes)
fun decrypt(input: String,smsCode: String): String {
val keySpec = generateKey(smsCode)
val cipher: Cipher = Cipher.getInstance("AES/GCM/nopadding")
cipher.init(Cipher.DECRYPT_MODE,keySpec,gcmParameterSpec)
val original = cipher.doFinal(input.toByteArray())
return String(original)
}
private fun generateKey(smsCode: String): SecretKeySpec {
val spec: KeySpec = PBEKeySpec(smsCode.tochararray(),SECRET_KEY.encodetoByteArray(),65536,256)
val f: SecretKeyFactory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1")
val key: SecretKey = f.generateSecret(spec)
return SecretKeySpec(key.encoded,"AES")
}
}
我在 logcat 中收到此错误:
E/Whoops: javax.crypto.AEADBadTagException: mac check in GCM Failed
at java.lang.reflect.Constructor.newInstance0(Native Method)
at java.lang.reflect.Constructor.newInstance(Constructor.java:430)
at com.android.org.bouncycastle.jcajce.provider.symmetric.util.BaseBlockCipher$AEADGenericBlockCipher.doFinal(BaseBlockCipher.java:1367)
at com.android.org.bouncycastle.jcajce.provider.symmetric.util.BaseBlockCipher.engineDoFinal(BaseBlockCipher.java:1100)
at javax.crypto.Cipher.doFinal(Cipher.java:2056)
加密端:(服务器端代码)
private static final byte[] bytes = new byte[16];
static final GCMParameterSpec gcmParameterSpec = new GCMParameterSpec(128,bytes);
String encrypt(String input) throws Exception {
KeySpec spec = new PBEKeySpec(otpCode.tochararray(),secretKey.getEncoded(),256);
SecretKeyFactory f = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1");
byte[] key = f.generateSecret(spec).getEncoded();
Cipher cipher = Cipher.getInstance("AES/GCM/nopadding");
SecretKeySpec keySpec = new SecretKeySpec(key,"AES");
cipher.init(Cipher.ENCRYPT_MODE,gcmParameterSpec);
var salted = getPseudoSaltedValue(val);
return new String(Hex.encode(cipher.doFinal(salted.getBytes())));
}
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 dio@foxmail.com 举报,一经查实,本站将立刻删除。