我的代码存在问题。
我要做的是使用ECB模式加密文件(意思是,加密文本块而不链接到下一个块)。
它有时会很完美,但有时它不会。当它加密128个字节的数据并写入129个字节时会出现问题。它将完美地工作,直到它第一次这样做,但然后解密将关闭一个字节,并将搞乱一切。我知道这一点,因为当它出错时,你可以看到密码(在第88行,一个字节数组)长度为129,而不是128,然后它被写入文件。
以下是我的意思的一个例子: 加密: testtesttesttesttesttesttest testtesttesttesttesttesttest testtesttesttesttesttesttest testtesttesttesttesttesttest testtesttesttesttesttesttest
输出: testtesttesttesttesttesttest testtesttesttesttesttesttest testtesttesttesttesttesttest testtesttesttesttesttesttest testtest(500字节的混乱数据)
我附上了我的整个代码;为了快速运行,我已经启用解密功能,在加密后立即生成stdout。
所以简单地运行: -k key(将生成key.public和key.private) -e key.public -i input -o output(将加密一些文件输入并将其存储在输出中,读取该文件,解密,发送到stdout)。
任何帮助将不胜感激!
import java.io.File;
import java.io.FileNotFoundException;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.math.BigInteger;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.util.Arrays;
import java.util.Scanner;
import java.io.*;
import java.util.List;
import java.util.Random;
public class RSA {
public static void main(String[] args) throws UnsupportedEncodingException {
List<String> list = Arrays.asList(args);
if(list.contains("-h")) {
System.out.println("Usage:");
System.out.println("RSA -h - View command-line arguments.");
System.out.println("RSA -k <key file> -b <bit size> - Generate public/private keyfiles of size <bit size>.");
System.out.println("RSA -e <key file>.public -i <input file> -o <output file> - Encrypt <input file> with key <key file>, store in <output file>.");
System.out.println("RSA -d <key file>.private -i <input file> -o <output file> - Decrypt <input file> with key <key file>, store in <output file>.");
} else if (list.contains("-k")) {
String key_file = "";
try {
key_file = list.get(list.indexOf("-k") + 1);
if(key_file.equals("-b")) {
System.out.println("Usage:");
System.out.println("RSA -k <key file> -b <bit size> - Generate public/private keyfiles of size <bit size>.");
System.exit(1);
}
} catch (ArrayIndexOutOfBoundsException e) {
System.out.println("Usage:");
System.out.println("RSA -k <key file> -b <bit size> - Generate public/private keyfiles of size <bit size>.");
System.exit(1);
}
int bit_size = 0;
if(!list.contains("-b")) {
bit_size = 1024;
} else {
try {
bit_size = Integer.parseInt(list.get(list.indexOf("-b") + 1));
} catch(ArrayIndexOutOfBoundsException e) {
System.out.println("Usage:");
System.out.println("RSA -k <key file> -b <bit size> - Generate public/private keyfiles of size <bit size>.");
System.exit(1);
}
}
generate_key(bit_size, key_file);
} else if (list.contains("-e")) {
//get input file and output file
String input_file = "";
String key_file = "";
String output_file = "";
try {
input_file = list.get(list.indexOf("-i") + 1);
output_file = list.get(list.indexOf("-o") + 1);
key_file = list.get(list.indexOf("-e") + 1);
} catch (ArrayIndexOutOfBoundsException e) {
System.out.println("Usage:");
System.out.println("RSA -e <key file>.public -i <input file> -o <output file> - Encrypt <input file> with key <key file>, store in <output file>.");
System.exit(1);
}
String public_key = read_file(key_file);
String private_key = read_file("key.private");
BigInteger public_modulus = new BigInteger(public_key.substring(1, public_key.indexOf(',')));
BigInteger public_exponent = new BigInteger(public_key.substring(public_key.indexOf(',') + 1, public_key.length() - 1));
byte[] file = read_bytes(input_file);
byte[] cipher = new byte[128];
byte[] decrypted = new byte[128];
BigInteger d = new BigInteger(private_key.substring(1, private_key.indexOf(',')));
BigInteger modulus = new BigInteger(private_key.substring(private_key.indexOf(',') + 1, private_key.length() - 1));
write_file(output_file, "", false);
int index = 0;
while (index<file.length) {
byte[] block = Arrays.copyOfRange(file, index, index+128);
cipher = new BigInteger(block).modPow(public_exponent, public_modulus).toByteArray();
append_bytes(output_file, cipher);
index+=128;
}
byte[] encrypted = read_bytes(output_file);
index = 0;
while(index < encrypted.length) {
byte[] block = Arrays.copyOfRange(encrypted, index, index+256);
decrypted = new BigInteger(block).modPow(d, modulus).toByteArray();
System.out.println(new String(decrypted));
index+= 256;
}
} else if (list.contains("-d")) {
/*String input_file, output_file, key_file;
input_file = output_file = key_file = "";
try {
input_file = list.get(list.indexOf("-i") + 1);
output_file = list.get(list.indexOf("-o") + 1);
key_file = list.get(list.indexOf("-d") + 1);
} catch (ArrayIndexOutOfBoundsException e) {
System.out.println("Usage:");
System.out.println("RSA -d <key file>.private -i <input file> -o <output file> - Decrypt <input file> with key <key file>, store in <output file>.");
System.exit(1);
}
String private_key = read_file(key_file).toString();
BigInteger d = new BigInteger(private_key.substring(1, private_key.indexOf(',')));
BigInteger modulus = new BigInteger(private_key.substring(private_key.indexOf(',') + 1, private_key.length() - 1));
byte[] encrypted = null;
/* todo */
} else {
System.out.println("Usage:");
System.out.println("RSA -h - View command-line arguments.");
System.out.println("RSA -k <key file> -b <bit size> - Generate public/private keyfiles of size <bit size>.");
System.out.println("RSA -e <key file>.public -i <input file> -o <output file> - Encrypt <input file> with key <key file>, store in <output file>.");
System.out.println("RSA -d <key file>.private -i <input file> -o <output file> - Decrypt <input file> with key <key file>, store in <output file>.");
}
}
private static void generate_key(int bit_size, String key_file) {
BigInteger p = BigInteger.probablePrime(bit_size, new Random());
BigInteger q = BigInteger.probablePrime(bit_size, new Random());
BigInteger one = new BigInteger("1");
BigInteger phi = new BigInteger("1");
BigInteger e = new BigInteger("65537");
boolean done = false;
while(!done) {
BigInteger temp = p.subtract(one);
BigInteger temp2 = q.subtract(one);
phi = (temp.multiply(temp2));
if(phi.gcd(e).equals(one)) {
done = true;
} else {
e = BigInteger.probablePrime(bit_size, new Random());
}
}
BigInteger public_modulus = p.multiply(q);
BigInteger public_exponent = e;
BigInteger private_key = public_exponent.modInverse(phi); //d
try {
write_file(key_file + ".public", "(" + public_modulus + "," + e + ")", false);
write_file(key_file + ".private", "(" + private_key.toString() + "," + public_modulus + ")", false);
} catch (Exception ex) {
System.out.println("Error creating key files.");
System.exit(1);
}
}
public static void write_bytes(String file_name, byte[] bytes) {
try {
FileOutputStream fos = new FileOutputStream(new File(file_name));
fos.write(bytes);
fos.close();
} catch (IOException e) {
System.out.println("Error writing bytes to file.");
System.exit(1);
}
}
public static String read_file(String file_name) {
boolean is_key = false;
if(file_name.contains(".public") || file_name.contains(".private"))
is_key = true;
Scanner sc = null;
try {
sc = new Scanner (new File(file_name));
} catch (FileNotFoundException e) {
System.out.println("Input file does not exist.");
System.exit(1);
}
StringBuilder buf = new StringBuilder("");
while (sc.hasNext ()) {
buf.append (sc.nextLine());
if(!is_key)
buf.append("\n");
}
sc.close();
return buf.toString();
}
public static byte[] read_bytes(String file_name) {
Path path = Paths.get(file_name);
byte[] encrypted = null;
try {
encrypted = Files.readAllBytes(path);
} catch (IOException e) {
System.out.println("Error reading bytes from " + file_name);
System.exit(1);
}
return encrypted;
}
public static void append_bytes(String file_name, byte[] bytes) {
try {
OutputStream fos = new FileOutputStream(file_name, true);
fos.write(bytes);
fos.flush();
fos.close();
} catch (IOException e) {
e.printStackTrace();
System.out.println("Error appending bytes to file.");
System.exit(1);
}
}
public static void write_file(String file_name, String message, boolean append) {
try {
FileWriter fstream = new FileWriter(file_name, append);
BufferedWriter out = new BufferedWriter(fstream);
out.write(message);
out.close();
} catch (Exception e){
System.out.println("Error writing to file.");
System.exit(1);
}
}
}
答案 0 :(得分:2)
欧洲央行是block cipher mode of operation。 RSA是public key encryption scheme,而不是block cipher。
一般来说,it doesn't make sense to encrypt long messages directly with RSA。相反,您将使用hybrid encryption:为AES之类的对称密码选择随机密钥,使用对称密码加密消息,然后使用RSA加密对称密钥。
另外,在使用RSA加密密钥时,请记住使用适当的填充方案,例如OAEP; unpadded“教科书RSA”并不安全。 (或者使用像RSA-KEM这样不需要填充的方案。)不要将ECB模式用于AES;使用像CBC或CTR这样的语义安全模式,或者更好的是authenticated encryption模式。
答案 1 :(得分:0)
问题是“BigInteger.toByteArray()”。这个字节数组需要进行后处理。 数组的第一个元素携带符号位,其他字节被视为无符号。如果正数的最高有效位在第 7 位,则该方法添加前导 0 来表示正号。如果删除此 0 字节,则输出具有恒定的块大小。相反,当从数组构造一个正 BigInteger 时,它需要一个前导零位 7。
关于密钥生成:q,p 有规律的半位大小,“n = p*q”见 Wikipedia RSA Key Generation
关于安全性:如上所述,“教科书 RSA”对于流式传输并不安全。所需的最小修改是在每个块中添加一些随机字节“盐”。常见的 RSA 实现为此保留了大约 25% 的块大小。另外更好的是切换到操作模式CBC。
关于接受:几乎没有可移植的加密算法,可用于所有 Java 运行时提供程序和版本,每个变体都在不断开发,并且具有有限的生命周期。此外,实现是隐藏的,可能有后门。由于分解问题的难度,自己做是可移植的、可追溯的和安全的,而个别修改攻击者不知道。最后,缺乏性能是一个安全因素,例如当您引入密码相关哈希时,暴力密码搜索无法及时成功。