我正在使用Pycryptodome(pycryptofork)创建AES-GCM密文。我使用以下Python代码进行加密:
cek = os.urandom(16)
nonce = os.urandom(12)
cipher = AES.new(cek, AES.MODE_GCM, nonce=nonce, mac_len=16)
ciphertext = cipher.encrypt(message)
然后我把这个传递给Java解密:
^{pr2}$但是,我得到了以下错误:
Exception in thread "main" javax.crypto.AEADBadTagException: Tag mismatch!
at com.sun.crypto.provider.GaloisCounterMode.decryptFinal(GaloisCounterMode.java:524)
at com.sun.crypto.provider.CipherCore.finalNoPadding(CipherCore.java:1023)
at com.sun.crypto.provider.CipherCore.doFinal(CipherCore.java:960)
at com.sun.crypto.provider.CipherCore.doFinal(CipherCore.java:824)
at com.sun.crypto.provider.AESCipher.engineDoFinal(AESCipher.java:436)
at javax.crypto.Cipher.doFinal(Cipher.java:2165)
您缺少一件事:Pycryptodome不会将哈希标记添加到消息中—您必须将其附加到加密的消息中:
例如
感谢Alastair McCormack's answer above,以下是对我有用的(Python代码):
以及相关的Java代码:
^{pr2}$相关问题 更多 >
编程相关推荐