无法解密Forge加密数据

时间:2016-01-28 11:32:51

标签: java node.js openssl rsa pkcs#1

我用它来创建私钥并加密:

var forge = require('node-forge');
var fs = require('fs');

// Reproduction script: encrypts 16 random bytes with a freshly generated RSA key using
// RSA-OAEP, then writes the ciphertext and the PEM private key to the current directory.
var bytes = forge.random.getBytesSync(16);
console.log("random plaintext", forge.util.bytesToHex(bytes));
// 2048-bit modulus, so a ciphertext is 256 bytes long. e = 17 is an unusually small public
// exponent; 65537 is the conventional choice.
var keypair = forge.pki.rsa.generateKeyPair({bits: 2048, e: 17});
// OAEP with SHA-256 as the OAEP digest and SHA-1 inside MGF1. Whatever decrypts this must be
// configured with the same two digests.
var encrypted = keypair.publicKey.encrypt(bytes, 'RSA-OAEP', {
  md: forge.md.sha256.create(),
  mgf1: {
    md: forge.md.sha1.create()
  }
});

console.log("ciphertext", forge.util.bytesToHex(encrypted));
// NOTE(review): `encrypted` is a forge binary string (one character per byte). With no encoding
// given, writeFileSync encodes a string as UTF-8, so every byte >= 0x80 is written as two bytes
// and the file ends up longer than the 256-byte modulus. That is consistent with the
// "too much data for RSA block" / "data greater than mod len" errors reported by the decryptors.
fs.writeFileSync('ciphertext', encrypted);

var pem = forge.pki.privateKeyToPem(keypair.privateKey);
// The private key is stored as unencrypted PEM, with the process's default file permissions.
fs.writeFileSync('prikey.pem', pem);
// NOTE(review): this prints the whole PEM private key (hex-encoded) to the console, so anything
// that captures this output holds the key. Tolerable only for a throwaway test key.
console.log("private key", forge.util.bytesToHex(pem));

然后我尝试使用以下任一方式解密:

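/**
 * Test harness that loads an RSA private key from a PEM file with Bouncy Castle and
 * decrypts one RSA-OAEP ciphertext read from disk.
 *
 * The OAEP parameters are fixed to SHA-256 as the OAEP digest, MGF1 with SHA-1 and the
 * default (empty) label, which is what the encrypting side on this page uses.
 */
public class CryptoTest {
    /**
     * Reads /tmp/prikey.pem and /tmp/ciphertext and decrypts the ciphertext.
     *
     * @param args unused
     * @throws Exception on any I/O, key-parsing or decryption failure
     */
    public static void main(String[] args) throws Exception {
        // The "BC" provider has to be registered before the converter asks for it by name.
        Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
        JcaPEMKeyConverter converter = new JcaPEMKeyConverter().setProvider("BC");

        // try-with-resources closes the parser and the underlying FileReader even when
        // parsing fails; the original left both open.
        // NOTE(review): /tmp is a shared directory; keep a real private key somewhere only
        // its owner can read.
        KeyPair kp;
        try (PEMParser parser = new PEMParser(new FileReader("/tmp/prikey.pem"))) {
            kp = converter.getKeyPair((PEMKeyPair) parser.readObject());
        }
        RSAPublicKey pubkey = (RSAPublicKey) kp.getPublic();
        RSAPrivateKey privkey = (RSAPrivateKey) kp.getPrivate();

        // For a 2048-bit key the ciphertext must be 256 bytes, the size of the modulus. A
        // longer file is what produces "too much data for RSA block" in doFinal below.
        byte[] ct = Files.readAllBytes(Paths.get("/tmp/ciphertext"));

        Cipher oaepFromInit = Cipher.getInstance("RSA/ECB/OAEPPadding");
        // Both digests are spelled out because they differ from each other; leaving them to
        // provider defaults would not match the encrypting side.
        OAEPParameterSpec oaepParams = new OAEPParameterSpec("SHA-256", "MGF1", new MGF1ParameterSpec("SHA-1"), PSpecified.DEFAULT);
        oaepFromInit.init(Cipher.DECRYPT_MODE, privkey, oaepParams);
        // pt holds the recovered plaintext; this example does nothing further with it.
        byte[] pt = oaepFromInit.doFinal(ct);
    }

}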

# NOTE(review): rsautl's -oaep uses SHA-1 for both the OAEP digest and MGF1, while the
# ciphertext on this page was produced with SHA-256 as the OAEP digest. Choosing the digests
# explicitly requires pkeyutl:
#   openssl pkeyutl -decrypt -inkey prikey.pem -in ciphertext -out plaintext \
#     -pkeyopt rsa_padding_mode:oaep -pkeyopt rsa_oaep_md:sha256 -pkeyopt rsa_mgf1_md:sha1
openssl rsautl -decrypt -inkey prikey.pem -oaep -in ciphertext -out plaintext

Java代码抛出错误:

Exception in thread "main" java.lang.ArrayIndexOutOfBoundsException: too much data for RSA block
    at org.bouncycastle.jcajce.provider.asymmetric.rsa.CipherSpi.engineDoFinal(Unknown Source)
    at javax.crypto.Cipher.doFinal(Cipher.java:1966)
    at cryptotest.CryptoTest.main(CryptoTest.java:47)

而 OpenSSL 报告:

RSA operation error
140258189264528:error:0406506C:rsa routines:RSA_EAY_PRIVATE_DECRYPT:data greater than mod len:rsa_eay.c:518:

可能是什么问题?

1 个答案:

答案 0 :(得分:1)

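forge 的 encrypt() 返回的是二进制字符串(每个字符代表一个字节)。writeFileSync 在未指定编码时会把字符串按 UTF-8 写入,值大于等于 0x80 的字节会被写成两个字节,密文文件因此超过 2048 位模数对应的 256 字节,这正是两条错误信息所说的“数据过长”。写入文件时必须让密文保持二进制编码: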

// 'binary' (an alias of 'latin1' in Node.js) writes each character of the forge byte string as
// exactly one byte, so the file holds the raw ciphertext rather than a UTF-8 re-encoding of it.
fs.writeFileSync('ciphertext', encrypted, {encoding: 'binary'});