我试图加密android上的图像,将它们发送到服务器,以便它处理它们 . 服务器必须解密收到的消息 . 我已经在这个question发布了代码
我在Android端调用了加密函数,在java服务器端调用了decrypt函数(图像是通过TCP发送的) .
但是,我收到错误:
javax.crypto.BadPaddingException: Given final block not properly padded
我在android上输出密钥并获得:
javax.crypto.spec.SecretKeySpec@652
而在Java服务器上(使用Netbeans开发)我得到:
javax.crypto.spec.SecretKeySpec@148dd
我认为填充是不同的所以我用过
AES/ECB/PKCS5Padding
而不是AES
但Java服务器输出错误:
should use AES.
我该如何解决这个问题?
对于android端发送:
public void send(Bitmap mRgbImage1_array, int port_number)
throws IOException {
socket = new Socket("192.168.0.107", port_number);
boolean encrypt = HomeScreen.checkbox2.isChecked();
ByteArrayOutputStream stream = new ByteArrayOutputStream();
mRgbImage1_array.compress(CompressFormat.JPEG, 100, stream);
InputStream photoStream = new ByteArrayInputStream(stream.toByteArray());
BufferedInputStream bis = new BufferedInputStream(photoStream);
byte[] mybytearray = new byte[photoStream.available()];
bis.read(mybytearray, 0, mybytearray.length);
photoStream.close();
if(encrypt)
{
try {
byte[] dst = Security.encrypt(mybytearray);
mybytearray = new byte[10000];
for(int i=0; i<dst.length;i++)
{
mybytearray[i] = dst[i];
}
} catch (Exception e1) {
/// TODO Auto-generated catch block
e1.printStackTrace();
}
}
os = socket.getOutputStream();
os.write(mybytearray);
os.flush();
os.close();
if (os != null)
{
try {
os.close();
}
catch (IOException e)
{
// TODO Auto-generated catch block
e.printStackTrace();
}
}
}
对于Java服务器端的接收:
public static void receive(int port_number) {
boolean received = false;
Socket socket = null;
InputStream is = null;
int bytesRead;
int current = 0;
BufferedOutputStream bos = null;
try {
if (serverSocket == null) {
serverSocket = new ServerSocket(port_number);
}
System.out.println("Listening :" + port_number);
} catch (IOException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
while (!received) {
try {
socket = serverSocket.accept();
InetAddress ip = socket.getInetAddress();
String[] ip1 = ip.toString().split("/");
ip2 = ip1[1];
System.out.println("ip is " + ip2);
byte[] mybytearray = new byte[10000000];
is = socket.getInputStream();
FileOutputStream fos = new FileOutputStream("source-image.jpeg");
bos = new BufferedOutputStream(fos);
bytesRead = is.read(mybytearray, 0, mybytearray.length);
current = bytesRead;
do {
bytesRead =
is.read(mybytearray, current, (mybytearray.length - current));
if (bytesRead >= 0) {
current += bytesRead;
}
} while (bytesRead > -1);
if(Networker.should_encrypt)
{
try {
mybytearray = Security1.decrypt(mybytearray);
} catch (Exception e1) {
/// TODO Auto-generated catch block
e1.printStackTrace();
}
}
bos.write(mybytearray, 0, current);
bos.flush();
bos.close();
received = true;
} catch (IOException ex) {
Logger.getLogger(MyServer1.class.getName()).log(Level.SEVERE, null, ex);
} finally {
if (socket != null) {
try {
socket.close();
} catch (IOException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
if (is != null) {
try {
is.close();
} catch (IOException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
}
}
}
1 回答
我相信这是问题所在:
即使您只实际编写了少量数据,也总是要解密10000000字节 . 您应该更改
decrypt方法以说明要解密的数据量,然后调用doFinal(byte[], int, int).我还建议尝试以流式方式处理加密/解密,而不是预先分配10MB(在大多数情况下这将是浪费,而在其他情况下可能会太短),但这是一个更大的变化 .
此外,这在加密代码中是个坏主意:
您假设可用的数量是整个文件 . 情况可能并非如此 . 您通常应该循环,从文件流中读取并写入加密流 . 哦,
close()调用应该在finally块中 .如果你真的想在一次调用中进行所有的加密/解密,你可以循环读取文件或网络流并写入
ByteArrayOutputStream,这样你就不需要硬编码大小或从available()开始 . . 然后使用ByteArrayOutputStream.toByteArray()获取正确大小的字节数组 . (诚然,这涉及额外的副本 . )