Android传递IV参数加密/Decryption文本

Question

我希望你能帮我把我的密码联系起来。

我试图传递参数IV来加密/解码

加密功能：

我试图将文本连接起来；

encryptedText.setText(Base64.encodeToString(vals, Base64.DEFAULT) + ";" + (Base64.encodeToString(encryptionIv, Base64.DEFAULT)));

我认为这很好，就像图像所代表的那样。

 public void encryptString(String alias) {
        try {

            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            SecretKey secretKey = (SecretKey) keyStore.getKey(alias, null);
            String initialText = startText.getText().toString();
            if(initialText.isEmpty()) {
                Toast.makeText(this, "Enter text in the 'Initial Text'", Toast.LENGTH_LONG).show();
                return;
            }
            Cipher inCipher = Cipher.getInstance("AES/GCM/NoPadding");

            inCipher.init(Cipher.ENCRYPT_MODE, secretKey);

            byte[] src= initialText.getBytes("UTF-8");

            byte[] iv = inCipher.getIV();
            assert iv.length == 12;
            byte[] cipherText = inCipher.doFinal(src);
            assert cipherText.length == src.length + 16;
            byte[] message = new byte[12 + src.length + 16];
            ByteArrayOutputStream outputStream = new ByteArrayOutputStream();
            CipherOutputStream cipherOutputStream = new CipherOutputStream(
                    outputStream, inCipher);
            cipherOutputStream.write(src);
            cipherOutputStream.close();
            byte [] vals = outputStream.toByteArray();
            encryptedText.setText(Base64.encodeToString(vals, Base64.DEFAULT));
        } catch (Exception e) {
            Toast.makeText(this, "Exception " + e.getMessage() + " occurred", Toast.LENGTH_LONG).show();
            Log.e(TAG, Log.getStackTraceString(e));
        }
    }

你能帮我举个例子让解密工作正常吗？

谢谢你的帮助

更新:你好，我试图传递IV作为示例：

我的密码是：

 public void encryptString(String alias) {
        try {
            KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry)keyStore.getEntry(alias, null);
            RSAPublicKey publicKey = (RSAPublicKey) privateKeyEntry.getCertificate().getPublicKey();

            String initialText = startText.getText().toString();
            if(initialText.isEmpty()) {
                Toast.makeText(this, "Enter text in the 'Initial Text' widget", Toast.LENGTH_LONG).show();
                return;
            }

            Cipher inCipher = Cipher.getInstance("RSA/ECB/PKCS1Padding", "AndroidOpenSSL");
            inCipher.init(Cipher.ENCRYPT_MODE, publicKey);

            ByteArrayOutputStream outputStream = new ByteArrayOutputStream();
            CipherOutputStream cipherOutputStream = new CipherOutputStream(
                    outputStream, inCipher);
            cipherOutputStream.write(initialText.getBytes("UTF-8"));
            cipherOutputStream.close();

            byte [] vals = outputStream.toByteArray();
            encryptedText.setText(Base64.encodeToString(vals, Base64.DEFAULT));
        } catch (Exception e) {
            Toast.makeText(this, "Exception " + e.getMessage() + " occurred", Toast.LENGTH_LONG).show();
            Log.e(TAG, Log.getStackTraceString(e));
        }
    }

新更新：

加密码

public void encryptString(String alias) {
        try {

            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            SecretKey secretKey = (SecretKey) keyStore.getKey(alias, null);
            String initialText = startText.getText().toString();
            if(initialText.isEmpty()) {
                Toast.makeText(this, "Enter text in the 'Initial Text'", Toast.LENGTH_LONG).show();
                return;
            }
            Cipher inCipher = Cipher.getInstance("AES/GCM/NoPadding");

            inCipher.init(Cipher.ENCRYPT_MODE, secretKey);

            byte[] src= initialText.getBytes("UTF-8");
            byte[] iv = inCipher.getIV();
            assert iv.length == 12;
            byte[] cipherText = inCipher.doFinal(src);
            assert cipherText.length == src.length + 16;
            byte[] message = new byte[12 + src.length + 16];
            System.arraycopy(iv, 0, message, 0, 12);
            System.arraycopy(cipherText, 0, message, 12, cipherText.length);
            //ByteArrayOutputStream outputStream = new ByteArrayOutputStream();
            //CipherOutputStream cipherOutputStream = new CipherOutputStream(
              //      outputStream, inCipher);
            //cipherOutputStream.write(message);
            //cipherOutputStream.close();
            //byte [] vals = outputStream.toByteArray();
            encryptedText.setText(Base64.encodeToString(message, Base64.DEFAULT));
        } catch (Exception e) {
            Toast.makeText(this, "Exception " + e.getMessage() + " occurred", Toast.LENGTH_LONG).show();
            Log.e(TAG, Log.getStackTraceString(e));
        }
    }

解密码：(不起作用)

public void decryptString(String alias) {
        try {

            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            SecretKey secretKey = (SecretKey) keyStore.getKey(alias, null);
            String cipherText = encryptedText.getText().toString();

            byte[] src = cipherText.getBytes();
            byte[] message = new byte[12 + src.length + 16];
            Cipher output = Cipher.getInstance("AES/GCM/NoPadding");
            GCMParameterSpec params = new GCMParameterSpec(128, message, 0, 12);
            output.init(Cipher.DECRYPT_MODE, secretKey, params);
          //  output.doFinal(message, 12, message.length - 12);



            CipherInputStream cipherInputStream = new CipherInputStream(
             new ByteArrayInputStream(Base64.decode(cipherText, Base64.DEFAULT)), output);
            ArrayList<Byte> values = new ArrayList<>();
           int nextByte;
           while ((nextByte = cipherInputStream.read()) != -1) {
                values.add((byte)nextByte);
            }

          byte[] bytes = new byte[values.size()];
         for(int i = 0; i < bytes.length; i++) {
            bytes[i] = values.get(i).byteValue();
         }

            String finalText = new String(bytes, 0, bytes.length, "UTF-8");
            decryptedText.setText(finalText);

        } catch (Exception e) {
            Toast.makeText(this, "Exception " + e.getMessage() + " occurred", Toast.LENGTH_LONG).show();
            Log.e(TAG, Log.getStackTraceString(e));
        }
    }

你能帮我处理图像中的错误显示吗？

<--更新的解决方案->

文字记录功能：

 public void encryptString(String alias) {
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            SecretKey secretKey = (SecretKey) keyStore.getKey(alias, null);
            String initialText = startText.getText().toString();
            if(initialText.isEmpty()) {
                Toast.makeText(this, "Enter text in the 'Initial Text'", Toast.LENGTH_LONG).show();
                return;
            }
            Cipher inCipher = Cipher.getInstance("AES/GCM/NoPadding");
            inCipher.init(Cipher.ENCRYPT_MODE, secretKey);
            byte[] src= initialText.getBytes("UTF-8");
            byte[] iv = inCipher.getIV();
            assert iv.length == 12;
            byte[] cipherText = inCipher.doFinal(src);
            assert cipherText.length == src.length + 16;
            byte[] message = new byte[12 + src.length + 16];
            System.arraycopy(iv, 0, message, 0, 12);
            System.arraycopy(cipherText, 0, message, 12, cipherText.length);
            encryptedText.setText(Base64.encodeToString(message, Base64.DEFAULT));
        } catch (Exception e) {
            Toast.makeText(this, "Exception " + e.getMessage() + " occurred", Toast.LENGTH_LONG).show();
            Log.e(TAG, Log.getStackTraceString(e));
        }
    }

解密功能：

    public void decryptString(String alias) {
        try {

            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            SecretKey secretKey = (SecretKey) keyStore.getKey(alias, null);
            String cipherText = encryptedText.getText().toString();
            Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
            byte[] nonceCiphertextTag = Base64.decode(cipherText, Base64.DEFAULT);
            GCMParameterSpec params = new GCMParameterSpec(128, nonceCiphertextTag, 0, 12);
            cipher.init(Cipher.DECRYPT_MODE, secretKey, params);
            byte[] decrypted = cipher.doFinal(nonceCiphertextTag, 12, nonceCiphertextTag.length - 12);
            String finalText = new String(decrypted, 0, decrypted.length, "UTF-8");
            decryptedText.setText(finalText);
        } catch (Exception e) {
            Toast.makeText(this, "Exception " + e.getMessage() + " occurred", Toast.LENGTH_LONG).show();
            Log.e(TAG, Log.getStackTraceString(e));
        }
    }

非常感谢你的帮助@Topaco

Answer 1

在最新发布的加密代码中，现在、密文和标记连接在一起，Base64被编码，在下面的代码中称为nonceCiphertextTagB64。

解密时

• nonceCiphertextTagB64必须首先被Base64解码为nonceCiphertextTag，
• 必须封装在GCMParameterSpec实例中；nonce是nonceCiphertextTag的前12个字节，
• 必须创建AES/GCM/NoPadding的密码实例，该实例必须以密钥和解密模式的GCMParameterSpec实例初始化，H 213H 114H 114密文和标签的连接解密；密文和标签的连接是在解密后的数据。H 215F 216

在下面的示例实现中，对于一个repro，使用了32字节键01234567890123456789012345678901 (而不是来自密钥存储的密钥)。密文是用已发布的加密代码创建的，密码使用的是相同的密钥，而明文则是快速的棕色狐狸跳过懒惰的狗。

...
String nonceCiphertextTagB64 =
        "UpyxMnzPrw+zJGANL4wBbaC+UX5KnMKYwhR0u2iF/GDCcU38YKWlvJp1zJ+mrN0POP7lz9y+eweH\n" +
        "vIxAH4R4U3At8T0fVe0=";
SecretKeySpec secretKey = new SecretKeySpec("01234567890123456789012345678901".getBytes(StandardCharsets.UTF_8),"AES");
byte[] nonceCiphertextTag = Base64.decode(nonceCiphertextTagB64, Base64.DEFAULT);
GCMParameterSpec params = new GCMParameterSpec(128, nonceCiphertextTag, 0, 12);
Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
cipher.init(Cipher.DECRYPT_MODE, secretKey, params);
byte[] decrypted = cipher.doFinal(nonceCiphertextTag, 12, nonceCiphertextTag.length - 12);
System.out.println(new String(decrypted, StandardCharsets.UTF_8)); // The quick brown fox jumps over the lazy dog
... 

产出如下：

The quick brown fox jumps over the lazy dog