Question

我在使用私钥加密时使用Microsoft Internet Explorer证书时遇到问题，并使用有问题的公钥解密

1）加密工作文件

public String encryption(String inputData, String key, String certificate) // Certificate is nothing but aliase name
{
    String encriptData = null;

    String verify = checkForCertificateConfig();
    if (!verify.equals("OK")) {
        return verify;
    }
    System.out.println("ENCRYPTION INPUTDATA : " + inputData);
    System.out.println("ENCRYPTION KEY : " + key);
    System.out.println("ENCRYPTION CERTIFICATE : " + certificate);
    try {
        if (key.equalsIgnoreCase("Private")) {
            // System.out.println("ENCRYPTION WITH PRIVATE KEY");
            PrivateKey privateKey = (PrivateKey) keyStore.getKey(
                    certificate, null);
            encriptData = encryptString(inputData, privateKey);
        } else {
            // System.out.println("ENCRYPTION WITH PUBLIC KEY");
            encriptData = encryptString(inputData,
                    keyStore.getCertificate(certificate).getPublicKey());
        }
    } catch (NoSuchPaddingException ex) {
        encriptData = ex.getMessage();
        ex.printStackTrace();

    } catch (IllegalBlockSizeException ex) {
        encriptData = ex.getMessage();
        ex.printStackTrace();

    } catch (NoSuchAlgorithmException ex) {
        encriptData = ex.getMessage();
        ex.printStackTrace();

    } catch (UnrecoverableKeyException ex) {
        encriptData = ex.getMessage();
        ex.printStackTrace();

    } catch (InvalidKeyException ex) {
        encriptData = ex.getMessage();
        ex.printStackTrace();

    } catch (KeyStoreException ex) {
        encriptData = ex.getMessage();
        ex.printStackTrace();

    } catch (BadPaddingException ex) {
        encriptData = ex.getMessage();
        ex.printStackTrace();

    } catch (Exception ex) {
        encriptData = ex.getMessage();
        ex.printStackTrace();

    }
    return encriptData;
}

private String encryptString(String encStr, PrivateKey key)
        throws NoSuchAlgorithmException, NoSuchPaddingException,
        InvalidKeyException, IllegalBlockSizeException, BadPaddingException {
    String encoutStr = null;

    /**
     * first check key generation algorithm and initialize Cipher object
     * according algorithm
     */
    if (key.getAlgorithm().equalsIgnoreCase("RSA")) {
        edCipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
    } else if (key.getAlgorithm().equalsIgnoreCase("DSA")) {
        edCipher = Cipher.getInstance("DSA/ECB/PKCS1Padding");
    }

    /**
     * Initialize Cipher Object with Private key and mode of Encryption
     */
    edCipher.init(Cipher.ENCRYPT_MODE, key);
    byte[] buff = encStr.getBytes();
    /**
     * Encrypt the String and get binary data
     */
    byte[] encryptedDataStringBytes = edCipher.doFinal(buff);
    /**
     * Encode the binary data into String formate
     */
    encoutStr = this.bASE64Encoder.encode(encryptedDataStringBytes);

    return encoutStr;
}

2）解密得到错误，如

public String decryption(String inputData, String key, String certificate) {
    String decriptData = null;

    String verify = checkForCertificateConfig();
    if (!verify.equals("OK")) {
        return verify;
    }

    System.out.println("DECRYPTION INPUTDATA : " + inputData);
    System.out.println("DECRYPTION KEY : " + key);
    System.out.println("DECRYPTION CERTIFICATE : " + certificate);
    try {
        if (key.equalsIgnoreCase("Private")) {
            // System.out.println("DECRYPTION WITH PRIVATE KEY");
            PrivateKey privateKey = (PrivateKey) keyStore.getKey(
                    certificate, null);
            decriptData = decryptString(inputData, privateKey);
        } else {
            // System.out.println("DECRYPTION WITH PUBLIC KEY");
            decriptData = decryptString(inputData,
                    keyStore.getCertificate(certificate).getPublicKey());
        }
    } catch (NoSuchPaddingException ex) {
        decriptData = ex.getMessage();
        ex.printStackTrace();

    } catch (IllegalBlockSizeException ex) {
        decriptData = ex.getMessage();
        ex.printStackTrace();

    } catch (NoSuchAlgorithmException ex) {
        decriptData = ex.getMessage();
        ex.printStackTrace();

    } catch (UnrecoverableKeyException ex) {
        decriptData = ex.getMessage();
        ex.printStackTrace();

    } catch (InvalidKeyException ex) {
        decriptData = ex.getMessage();
        ex.printStackTrace();

    } catch (KeyStoreException ex) {
        decriptData = ex.getMessage();
        ex.printStackTrace();

    } catch (BadPaddingException ex) {
        decriptData = ex.getMessage();
        ex.printStackTrace();

    } catch (IOException ex) {
        decriptData = ex.getMessage();
        ex.printStackTrace();

    } catch (Exception ex) {
        decriptData = ex.getMessage();
        ex.printStackTrace();

    }
    return decriptData;
}   

private String decryptString(String dncStr, PrivateKey key)
        throws NoSuchAlgorithmException, NoSuchPaddingException,
        InvalidKeyException, IOException, IllegalBlockSizeException,
        BadPaddingException {
    String decStr = null;

    /**
     * first check key generation algorithm and initialize Cipher object
     * according algorithm
     */
    if (key.getAlgorithm().equalsIgnoreCase("RSA")) {
        edCipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
    } else if (key.getAlgorithm().equalsIgnoreCase("DSA")) {
        edCipher = Cipher.getInstance("DSA/ECB/PKCS1Padding");
    }
    /**
     * Initialize Cipher Object with Private key and mode of Decryption
     */
    edCipher.init(Cipher.DECRYPT_MODE, key);
    /**
     * Decode the encrypted String convert into binary formate
     */
    byte[] encryptedDataStringBytes = this.bASE64Decoder
            .decodeBuffer(dncStr);
    /**
     * Decrypt the binary data and get Original encrypted String.
     */
    decStr = new String(edCipher.doFinal(encryptedDataStringBytes));

    return decStr;
}

错误如...

javax.crypto.BadPaddingException: Blocktype mismatch: 0
at sun.security.rsa.RSAPadding.unpadV15(Unknown Source)
at sun.security.rsa.RSAPadding.unpad(Unknown Source)
at com.sun.crypto.provider.RSACipher.a(DashoA13*..)
at com.sun.crypto.provider.RSACipher.engineDoFinal(DashoA13*..)
at javax.crypto.Cipher.doFinal(DashoA13*..)
at eTokenApplet.decryptString(eTokenApplet.java:1255)
at eTokenApplet.decryption(eTokenApplet.java:1099)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at sun.plugin.javascript.JSInvoke.invoke(Unknown Source)
at sun.reflect.GeneratedMethodAccessor3.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at sun.plugin.javascript.JSClassLoader.invoke(Unknown Source)
at sun.plugin2.liveconnect.JavaClass$MethodInfo.invoke(Unknown Source)
at sun.plugin2.liveconnect.JavaClass$MemberBundle.invoke(Unknown Source)
at sun.plugin2.liveconnect.JavaClass.invoke0(Unknown Source)
at sun.plugin2.liveconnect.JavaClass.invoke(Unknown Source)
at sun.plugin2.main.client.LiveConnectSupport$PerAppletInfo$DefaultInvocationDelegate.invoke(Unknown Source)
at sun.plugin2.main.client.LiveConnectSupport$PerAppletInfo$3.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at sun.plugin2.main.client.LiveConnectSupport$PerAppletInfo.doObjectOp(Unknown Source)
at sun.plugin2.main.client.LiveConnectSupport$PerAppletInfo$LiveConnectWorker.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)

Answer 1

对于可变长度消息，大多数加密/解密算法都具有所需的块大小。如果数据没有正确填充块 - 发生了不好的事情 - 所以你需要填充数据

有关http://www.di-mgt.com.au/cryptopad.html

的填充的详细信息

加密证书

1 个答案: