我正在尝试使用包含在RSA密钥对中的AES密钥加密文件..
我正在尝试将包装好的密钥放在文件的开头,然后为了解密,我将包装密钥的前256个字节用于获取它。
问题是我正在以1024字节的块加密文件。因此,对于解密,我需要获取文件的最后一个字节(不是前256个,因为它们是关键)
所以在this image中你可以看到过程
<a href='http://postimg.org/image/htmelww63/' target='_blank'><img src='http://s1.postimg.org/htmelww63/Blank_Flowchart_New_Page.jpg' border='0' alt="Blank Flowchart New Page" /></a>
所以问题是当我需要解密除前256个字节之外的文件。我找不到一个有效的算法...
这里是加密代码:
public static void fileEncripWrapped(File in, File out, PublicKey pub, byte [] key) {
try {
SecretKeySpec keySpec = new SecretKeySpec(key, "AES");
//Encrypting wrapped key
Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
cipher.init(Cipher.WRAP_MODE, pub);
byte[] encKey = cipher.wrap(keySpec);
FileOutputStream osAppend = new FileOutputStream(out);
osAppend.write(encKey);
osAppend.close();
// Crypting the file
cipher = Cipher.getInstance("AES/ECB/PKCS5PADDING");
cipher.init(Cipher.ENCRYPT_MODE, keySpec);
FileInputStream is = new FileInputStream(in);
CipherOutputStream os = new CipherOutputStream(new FileOutputStream(out, true), cipher);
copy(is, os);
is.close();
os.close();
} catch (Exception ex) {
System.err.println("Ha succeït un error xifrant: " + ex);
}
}
这是我用于将inputStream以1024字节为单位复制到outputStream的代码。
private static void copy(InputStream is, OutputStream os) throws IOException {
int i;
byte[] b = new byte[1024];
while((i=is.read(b))!=-1) {
os.write(b, 0, i);
}
}
现在问题在于解密:
public static void fileUncryptWrapped(File in, File out, PrivateKey priv) {
try {
Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
cipher.init(Cipher.UNWRAP_MODE, priv);
//First we must to take the wrapped key in the first 256 bytes of the file:
byte[] bufferKey = new byte[256];
InputStream is = new FileInputStream(in);
if (is.read(bufferKey) != bufferKey.length) {
}
is.close();
Key ky = cipher.unwrap(bufferKey, "AES", Cipher.SECRET_KEY);¡
// Now we must to uncrypt the rest of the file
cipher = Cipher.getInstance("AES/ECB/PKCS5PADDING");
cipher.init(Cipher.DECRYPT_MODE, ky);
CipherInputStream ix = new CipherInputStream(new FileInputStream(in), cipher);
FileOutputStream os = new FileOutputStream(out);
copy(ix, os);
ix.close();
os.close();
} catch (Exception ex) {
System.err.println("Ha succeït un error xifrant: " + ex);
}
}
我需要在复制函数中进行哪些修改才能获取前256个字节后的字节数?我尝试了类似的东西,但它不起作用......
// Get the size of the file
long streamLength = inputStream.available();
if (streamLength > Integer.MAX_VALUE) {
// File is too large
}
// Create the byte array to hold the data
byte[] bytes = new byte[1024];
// Read in the bytes
int block_size = 1024;
int offset = 256;
int numRead = 0;
while (offset < (int) streamLength && (numRead = inputStream.read(bytes, offset, block_size)) >= 0) {
offset += numRead;
outputStream.write(bytes, 0 , block_size );
}
答案 0 :(得分:1)
您的解密代码应如下所示:
public static void fileDecryptWrapped(File in, File out, PrivateKey priv)
throws GeneralSecurityException, IOException {
Signature signature = Signature.getInstance("SHA1WITHRSA");
signature.initSign(priv);
signature.update("test".getBytes());
byte[] bufferKey = signature.sign();
// First we must to take the wrapped key in the first bufferKey.length bytes of the file
InputStream is = new FileInputStream(in);
if (is.read(bufferKey) != bufferKey.length) {
is.close();
throw new IllegalStateException("Too short file");
}
Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
cipher.init(Cipher.UNWRAP_MODE, priv);
Key aesKey = cipher.unwrap(bufferKey, "AES", Cipher.SECRET_KEY);
// Now we must to decrypt the rest of the file
cipher = Cipher.getInstance("AES/ECB/PKCS5PADDING");
cipher.init(Cipher.DECRYPT_MODE, aesKey);
CipherInputStream ix = new CipherInputStream(is, cipher);
FileOutputStream os = new FileOutputStream(out);
copy(ix, os);
ix.close();
os.close();
}
请注意,读取密钥后的FileInputStream传递给CipherInputStream而不做任何修改。
我用你的方法看到的问题,加密文件中没有结构。例如,使用非2K RSA密钥将严重失败,因为解密算法总是需要256字节的包装密钥。