問(wèn)題描述
我正在做一個(gè)簡(jiǎn)單的程序來(lái)使用 Java 中的 RSA 算法進(jìn)行加密/解密.我創(chuàng)建一個(gè)密碼對(duì)象如下:
I am doing a simple program to encrypt/decrypt using RSA algorithm in Java. I create a cipher object as follows:
//Create a Cipher object
Cipher rsaCipher = Cipher.getInstance("RSA/ECB/NoPadding");
我通過(guò)調(diào)用 encrypt 函數(shù)進(jìn)行加密:
I do the encryption by calling the encrypt function:
String cipher=encrypt(textByte, pair, rsaCipher);
System.out.println("The Encryption using RSA Algorithm : "+cipher);
而解密為:
//Decryption
String plain=decrypt(Base64.decodeBase64(cipher),pair, rsaCipher);
System.out.println("The Decryption using RSA Algorithm : "+plain);
當(dāng)我顯示輸出時(shí),解密輸出在原文前返回一個(gè)長(zhǎng)空格:
When I display the output, the decryption output returns a long space before the original text:
但是,當(dāng)我將用于創(chuàng)建 Cipher 對(duì)象的代碼編輯為://創(chuàng)建一個(gè)密碼對(duì)象密碼rsaCipher = Cipher.getInstance("RSA");
However, when I edit the code for creating the Cipher object to be: //Create a Cipher object Cipher rsaCipher = Cipher.getInstance("RSA");
即刪除操作模式和填充參數(shù),問(wèn)題得到解決,輸出變?yōu)?
i.e, removed the operation mode and padding arguments, the problem get resolved and the output becomes:
問(wèn)題出在哪里.在第一種情況下(出現(xiàn)空格時(shí)),我指定了 NoPadding?為什么空格會(huì)出現(xiàn)在解密的消息中?即使我使用了填充,我希望這不應(yīng)該發(fā)生.
Where is the problem. In the first case (when the space appears), I specified NoPadding? Why the spaces appears in the decrypted message ? Even if I used padding, I expect this should not happen.
這是加密和解密方法:
public static String encrypt(byte[] textBytes, KeyPair pair, Cipher rsaCipher) throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, IllegalBlockSizeException, BadPaddingException
{
//get the public key
PublicKey pk=pair.getPublic();
//Initialize the cipher for encryption. Use the public key.
rsaCipher.init(Cipher.ENCRYPT_MODE, pk);
//Perform the encryption using doFinal
byte[] encByte = rsaCipher.doFinal(textBytes);
// converts to base64 for easier display.
byte[] base64Cipher = Base64.encodeBase64(encByte);
return new String(base64Cipher);
}//end encrypt
public static String decrypt(byte[] cipherBytes, KeyPair pair, Cipher rsaCipher) throws IllegalBlockSizeException, BadPaddingException, InvalidKeyException, NoSuchAlgorithmException, NoSuchPaddingException
{
//get the public key
PrivateKey pvk=pair.getPrivate();
//Create a Cipher object
//Cipher rsaCipher = Cipher.getInstance("RSA/ECB/NoPadding");
//Initialize the cipher for encryption. Use the public key.
rsaCipher.init(Cipher.DECRYPT_MODE, pvk);
//Perform the encryption using doFinal
byte[] decByte = rsaCipher.doFinal(cipherBytes);
return new String(decByte);
}//end decrypt
推薦答案
你的問(wèn)題確實(shí)出在padding上.安全 RSA 功能需要某種填充,無(wú)論是 PKCS#1 1.5 還是實(shí)踐中的 OAEP 填充.此外,還需要找到加密明文的開(kāi)頭和結(jié)尾.
Your problem is indeed with the padding. Some kind of padding, either PKCS#1 1.5 or OAEP padding in practice, is required for secure RSA functionality. Furthermore, it is required to find the start and end of the encrypted plain text.
RSA 的模冪運(yùn)算是使用大整數(shù)執(zhí)行的.然后將這些操作的結(jié)果表示為八位字節(jié)字符串.這些八位字節(jié)字符串基本上是整數(shù)的大端、無(wú)符號(hào)、固定長(zhǎng)度表示.這些整數(shù)用 00 值字節(jié)填充(這在 RSA 標(biāo)準(zhǔn)中稱為 I2OS 原語(yǔ)).所以你看到的是模冪運(yùn)算的結(jié)果,00 填充仍然存在.
The modular exponentiation of RSA is performed using large integers. The results of these operations are then represented as octet strings. These octet strings are basically big endian, unsigned, fixed length representation of an integer. These integers are left padded with 00 valued bytes (this is called the I2OS primitive in the RSA standard). So what you are seeing is the result of the modular exponentiation, with the 00 padding still in place.
長(zhǎng)話短說(shuō),始終使用填充方案.如今,OAEP 將更可取.與混合加密方案一起使用,或使用更高級(jí)別的容器格式,例如 CMS 或 PGP.
Long story short, always use a padding scheme. Nowadays, OAEP would be preferable. Use it together with hybrid encryption scheme, or use a higher level container format such as CMS or PGP.
這篇關(guān)于使用 Java 進(jìn)行 RSA 加密/解密的文章就介紹到這了,希望我們推薦的答案對(duì)大家有所幫助,也希望大家多多支持html5模板網(wǎng)!