通常,您不需要为具有确定性行为的算法生成随机数的对象。此外,在使用ECB块模式时,您不需要IV,这是Java默认设置。确切地说,Java默认为中的
"AES/ECB/PKCS5Padding"for
Cipher.getInstance("AES")。因此,您应该可以使用如下代码:
// lets use the actual key value instead of the platform specific character decodingbyte[] secret = Hex.depreHex("25d6c7fe35b9979a161f2136cd13b0ff".toCharArray());// that's fineSecretKeySpec secretKey = new SecretKeySpec(secret, "AES");// SecureRandom should either be slow or be implemented in hardwareSecureRandom random = new SecureRandom();// first create the cipherCipher eCipher = Cipher.getInstance("AES/CBC/PKCS5Padding");// filled with 00h characters first, use Cipher instance so you can switch algorithmsbyte[] realIV = new byte[eCipher.getBlockSize()];// actually fill with randomrandom.nextBytes(realIV);// MISSING: create IvParameterSpecIvParameterSpec ivSpec = new IvParameterSpec(realIV);// create the cipher using the IVeCipher.init(Cipher.ENCRYPT_MODE, secretKey, ivSpec);// NOTE: you should really not encrypt passwords for verificationString stringToEncrypt = "mypassword";// convert to bytes first, but don't use the platform encodingbyte[] dataToEncrypt = stringToEncrypt.getBytes(Charset.forName("UTF-8"));// actually do the encryption using the databyte[] encryptedData = eCipher.doFinal(dataToEncrypt);现在看起来好多了。我已使用Apache Commons编解码器解码十六进制字符串。
请注意,您需要保存
realIV与
encryptedData和你有没有包括完整性保护,如MAC(口令,你可能不需要,虽然)。
