我正在尝试模拟非对称密钥系统。我使用以下代码生成密钥对,加密,解密密码。我有一个分布式环境,目前我保存在文件系统中生成的密钥。我知道这不安全,但仅用于测试目的。
private static SecureRandom random = new SecureRandom();
static {
Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
}
protected synchronized void generateKeys() throws InvalidKeyException, IllegalBlockSizeException,
BadPaddingException, NoSuchAlgorithmException, NoSuchProviderException,
NoSuchPaddingException {
KeyPairGenerator generator = KeyPairGenerator.getInstance("RSA", "BC");
generator.initialize(256, random);
KeyPair pair = generator.generateKeyPair();
Key pubKey = pair.getPublic();
Key privKey = pair.getPrivate();
//store public key
try {
storeKey(pubKey, Constants.KEY_PATH.concat(Constants.SERVER_PREFIX.concat("-publickey")));
} catch (Exception e) {
e.printStackTrace();
DBLogger.logMessage(e.toString(), Status.KEY_GENERATION_ERROR);
}
//store private key
try {
storeKey(privKey, Constants.KEY_PATH.concat(Constants.SERVER_PREFIX.concat("-privatekey")));
} catch (Exception e) {
e.printStackTrace();
DBLogger.logMessage(e.toString(), Status.KEY_GENERATION_ERROR);
}
}
protected synchronized String encryptUsingPublicKey(String plainText) throws IllegalBlockSizeException, BadPaddingException,
NoSuchAlgorithmException, NoSuchProviderException, NoSuchPaddingException, InvalidKeyException,
FileNotFoundException, IOException, ClassNotFoundException {
Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding", "BC");
cipher.init(Cipher.ENCRYPT_MODE, readKey(Constants.KEY_PATH.concat(Constants.SERVER_PREFIX.concat("-publickey"))), random);
byte[] cipherText = cipher.doFinal(plainText.getBytes());
System.out.println("cipher: " + new String(cipherText));
return new String(cipherText);
}
protected synchronized String decryptUsingPrivatekey(String cipherText) throws NoSuchAlgorithmException,
NoSuchProviderException, NoSuchPaddingException, InvalidKeyException, FileNotFoundException,
IOException, ClassNotFoundException, IllegalBlockSizeException, BadPaddingException {
Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding", "BC");
cipher.init(Cipher.DECRYPT_MODE, readKey(Constants.KEY_PATH.concat(Constants.SERVER_PREFIX.concat("-privatekey"))));
byte[] plainText = cipher.doFinal(cipherText.getBytes());
System.out.println("plain : " + new String(plainText));
return new String(plainText);
}
public static void main(String[] args) {
KeyGenerator keyGenerator = new KeyGenerator();
try {
keyGenerator.deleteAllKeys(Constants.KEY_PATH);
keyGenerator.generateKeys();
String cipherText = keyGenerator.encryptUsingPrivateKey("dilshan");
keyGenerator.decryptUsingPublickey(cipherText);
// String cipherText = keyGenerator.encryptUsingPublicKey("dilshan1");
// keyGenerator.decryptUsingPrivatekey(cipherText);
} catch (Exception e) {
e.printStackTrace();
DBLogger.logMessage(e.toString(), Status.KEY_GENERATION_ERROR);
}
}
这在大多数时候都非常有效。但有时它会产生以下错误。偶尔会发生这种情况。大部分时间这是有效的,所以我没有问题是代码。我相信这与文件系统的序列化/序列化过程有关。感谢帮助。
注意:我正在使用bouncycastle。
错误如下,
javax.crypto.BadPaddingException: unknown block type
at org.bouncycastle.jcajce.provider.asymmetric.rsa.CipherSpi.engineDoFinal(Unknown Source)
at javax.crypto.Cipher.doFinal(DashoA13*..)
at com.dilshan.ttp.web.KeyGenerator.decryptUsingPublickey(KeyGenerator.java:105)
at com.dilshan.ttp.web.KeyGenerator.main(KeyGenerator.java:150)
发生在,
byte[] plainText = cipher.doFinal(cipherText.getBytes());
在decryptUsingPrivatekey方法中。
答案 0 :(得分:5)
密文是二进制数据。如果使用默认编码将其转换为String,则很可能遇到无法用字符表示的字节序列。因此,在解密期间,当您将String转换回字节数组时,您不会得到相同的字节,并且解密失败。
要解决此问题,请不要将密文转换为字符串,而是将字节[]转换为。