我正在开发一个OSGi插件(bundle),它对字符串执行加密。字符串本身使用AES加密。我正在使用RSA加密AES密钥。一切都在我的单元测试中完美运行。
当我将插件部署到Karaf中时(目前还没有尝试过任何其他OSGi容器),加密密钥的结果是一堆零字节,最后是1个字节。没有例外被抛出。一切看起来都很正常,除了当我使用调试器时,我发现RSA公钥密码使用的是密钥规范,其中公共指数的值为零。这显然毫无意义,输出主要是零并不令我感到惊讶。
有人能说明为什么会这样吗?
添加一些代码片段:
public static Cipher createRsaCipher(final boolean keyTypePublic, final int mode, final KeySpec keySpec) throws GeneralSecurityException
{
final KeyFactory kfpri = KeyFactory.getInstance(RSA);
final Cipher result = Cipher.getInstance(RSA);
result.init(mode, keyTypePublic ? kfpri.generatePublic(keySpec) : kfpri.generatePrivate(keySpec));
return result;
}
private static Cipher createPublicKeyEncryptionCipher(final URL key) throws IOException, GeneralSecurityException {
try (InputStream stream = key.openStream()) {
final byte[] encodedKey = readPublicKeyBytes(stream);
final X509EncodedKeySpec publicKeySpec = new X509EncodedKeySpec(encodedKey);
return CipherFactory.createRsaCipher(true, Cipher.ENCRYPT_MODE, publicKeySpec);
}
}
private static byte[] encrypt(final byte[] source, Cipher cipher) throws GeneralSecurityException {
final int bytes = source.length;
final int outputSize = cipher.getOutputSize(bytes);
final byte[] buffer = new byte[outputSize];
int resultLength = 0;
final int n = cipher.doFinal(source, 0, bytes, buffer, 0);
resultLength += n;
final byte[] result = new byte[resultLength];
System.arraycopy(buffer, 0, result, 0, resultLength);
return result;
}
openssl rsa -in private.pem -pubout -outform DER -out public.der
more private.pem
-----BEGIN RSA PRIVATE KEY-----
MIIEpQIBAAKCAQEA6LhJ1xCjo2mOMYO3Km5rk+1jpSUgeFLX296apNHgHVb7e9H/
.....etc...........
o6ZYdYg05ubEu+jRQkdudbA/7AXLwYOzGtzhla7ow5QhYcWtJEOwX4U=
-----END RSA PRIVATE KEY-----