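Invalid AES key size after RSA decryption
I am trying to decrypt a message that was encrypted with AES-128 symmetric encryption, where the generated symmetric key was then asymmetrically encrypted with RSA-1024. I receive the encrypted AES key and the encrypted message, extract the private key from a pfx file, and then proceed to decrypt the symmetric key. After that, I try to use the decrypted AES key to decrypt the encrypted message.
Here is my code: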
// Get the private key
PrivateKey privateKey = (PrivateKey) keyStore.getKey(selectedAlias, "password".toCharArray());
System.out.println("Key information " + privateKey.getAlgorithm() + " " + privateKey.getFormat());
// Load aesSessionKey and encryptedMessage
byte[] aesSessionKey = ...
byte[] encryptedMessage = ...
// RSA Decryption of Encrypted Symmetric AES key - 128 bits
Cipher rsaCipher = Cipher.getInstance("RSA", "BC");
rsaCipher.init(Cipher.UNWRAP_MODE, privateKey);
Key decryptedKey = rsaCipher.unwrap(aesSessionKey, "AES", Cipher.SECRET_KEY);
System.out.println("Decrypted Key Length: " + decryptedKey.getEncoded().length);
SecretKeySpec decrypskeySpec = new SecretKeySpec(decryptedKey.getEncoded(), "AES");
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5PADDING", "BC");
cipher.init(Cipher.DECRYPT_MODE, decryptedKey, new IvParameterSpec(new byte[16]));
byte[] message = cipher.doFinal(encryptedMessage);
System.out.println(new String(message, "UTF-8"));
The problem is that the decrypted AES key is 128 bytes in size, rather than the 16 bytes I expected. I get the following exception:
Key information RSA PKCS#8
Decrypted Key Length: 128
java.security.InvalidKeyException: Key length not 128/192/256 bits.
at org.bouncycastle.jce.provider.JCEBlockCipher.engineInit(Unknown Source)
at javax.crypto.Cipher.init(DashoA13*..)
at javax.crypto.Cipher.init(DashoA13*..)
at com.simarks.services.PKCS12.run(PKCS12.java:74)
at com.simarks.services.PKCS12.main(PKCS12.java:34)
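I am new to Java cryptography. I have checked many other questions and tried several different approaches (for example, using DECRYPT_MODE instead of UNWRAP_MODE), but I get the same error. Any help is greatly appreciated.
Edit: The client code that encrypts the message looks like this: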
PBYTE pInputData = NULL;
DWORD dwInputSize = 0;
PBYTE pCertData = NULL;
DWORD dwCertSize = 0;
PCCERT_CONTEXT pCertContext = NULL;
HCRYPTPROV hCryptProv = NULL;
HCRYPTKEY hPublicKey = NULL;
HCRYPTKEY hSessionKey = NULL;
BYTE InitializationVector[ 32 ] = { 0 };
DWORD PKCS5Padding = PKCS5_PADDING;
DWORD CBCMode = CRYPT_MODE_CBC;
PSIMPLEBLOB pKeyBlob = NULL;
DWORD dwBlobSize = 0;
DWORD dwKeySize = 0;
PBYTE pEncryptedData = NULL;
DWORD dwEncryptedDataSize = 0;
HRESULT hr = S_FALSE;
if(FAILED(hr = ReadBinaryFile(InputFile, &pInputData, &dwInputSize))) goto EncryptExit;
if(FAILED(hr = ReadBinaryFile(CertFile, &pCertData, &dwCertSize))) goto EncryptExit;
if((pCertContext = CertCreateCertificateContext(PKCS_7_ASN_ENCODING | X509_ASN_ENCODING, pCertData, dwCertSize)) == NULL) goto EncryptExit;
if(!CryptAcquireContext(&hCryptProv, NULL, GetMsAesProviderName(), PROV_RSA_AES, 0)) goto EncryptExit;
if(!CryptImportPublicKeyInfo(hCryptProv, PKCS_7_ASN_ENCODING | X509_ASN_ENCODING, &pCertContext->pCertInfo->SubjectPublicKeyInfo, &hPublicKey)) goto EncryptExit;
if(!CryptGenKey(hCryptProv, AlgId, CRYPT_EXPORTABLE, &hSessionKey)) goto EncryptExit;
if(!CryptSetKeyParam(hSessionKey, KP_IV, InitializationVector, 0)) goto EncryptExit;
if(!CryptSetKeyParam(hSessionKey, KP_PADDING, (PBYTE)&PKCS5Padding, 0)) goto EncryptExit;
if(!CryptSetKeyParam(hSessionKey, KP_MODE, (PBYTE)&CBCMode, 0)) goto EncryptExit;
if(!CryptExportKey(hSessionKey, hPublicKey, SIMPLEBLOB, 0, NULL, &dwBlobSize)) goto EncryptExit;
if((pKeyBlob = (PSIMPLEBLOB)malloc(dwBlobSize)) == NULL) { hr = E_OUTOFMEMORY; goto EncryptExit; }
if(!CryptExportKey(hSessionKey, hPublicKey, SIMPLEBLOB, 0, (PBYTE)pKeyBlob, &dwBlobSize)) goto EncryptExit;
dwKeySize = dwBlobSize - sizeof(BLOBHEADER) - sizeof(ALG_ID);
dwEncryptedDataSize = dwInputSize;
if(!CryptEncrypt(hSessionKey, NULL, TRUE, 0, NULL, &dwEncryptedDataSize, 0)) goto EncryptExit;
if((pEncryptedData = (PBYTE)malloc(dwEncryptedDataSize)) == NULL) { hr = E_OUTOFMEMORY; goto EncryptExit; }
CopyMemory(pEncryptedData, pInputData, dwInputSize);
if(!CryptEncrypt(hSessionKey, NULL, TRUE, 0, pEncryptedData, &dwInputSize, dwEncryptedDataSize)) goto EncryptExit;
if(FAILED(hr = WriteBinaryFile(OutputFile, pEncryptedData, dwInputSize))) goto EncryptExit;
hr = WriteBinaryFile(KeyFile, pKeyBlob->Key, dwKeySize);
EncryptExit:
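Can you try decrypting with 'Cipher.getInstance("RSA/ECB/PKCS1Padding", "BC")' instead of using the default of '"RSA"'? For this kind of functionality you could also try the default Oracle provider (so try removing the "BC" parameter). Also print the type of the returned key.
Using secure padding, preferably OAEP rather than PKCS #1 v1.5, is critical to the security of RSA. You really should fix the padding. – CodesInChaos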
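As an added example (not part of the original question or its comments), the following shows why the key comes back as 128 bytes: an RSA decryption with no padding, which is what a bare "RSA" transformation does under Bouncy Castle, returns the whole modulus-sized PKCS #1 v1.5 block, while "RSA/ECB/PKCS1Padding" strips it down to the 16-byte key. It uses the JDK default provider with a constructed key pair and message in place of the pfx and files, and it assumes the CryptoAPI SIMPLEBLOB key bytes are little-endian, hence the hypothetical `reverse` helper.

```java
import java.security.*;
import javax.crypto.*;
import javax.crypto.spec.*;

public class UnwrapSessionKey {
    // Assumption: CryptoAPI writes the RSA block little-endian; JCE expects big-endian.
    static byte[] reverse(byte[] in) {
        byte[] out = new byte[in.length];
        for (int i = 0; i < in.length; i++) out[i] = in[in.length - 1 - i];
        return out;
    }

    static byte[] rsaDecrypt(String transformation, PrivateKey key, byte[] block)
            throws GeneralSecurityException {
        Cipher c = Cipher.getInstance(transformation);
        c.init(Cipher.DECRYPT_MODE, key);
        return c.doFinal(block);
    }

    public static void main(String[] args) throws Exception {
        // Constructed stand-ins for the pfx key pair and the client's session key.
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(1024);
        KeyPair kp = kpg.generateKeyPair();
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(128);
        SecretKey session = kg.generateKey();
        IvParameterSpec zeroIv = new IvParameterSpec(new byte[16]); // all-zero IV, as in the question

        // Sender side: PKCS #1 v1.5 wrap of the AES key, bytes reversed as in the key file.
        Cipher wrap = Cipher.getInstance("RSA/ECB/PKCS1Padding");
        wrap.init(Cipher.ENCRYPT_MODE, kp.getPublic());
        byte[] keyFile = reverse(wrap.doFinal(session.getEncoded()));
        Cipher aes = Cipher.getInstance("AES/CBC/PKCS5Padding");
        aes.init(Cipher.ENCRYPT_MODE, session, zeroIv);
        byte[] encryptedMessage = aes.doFinal("constructed sample message".getBytes("UTF-8"));

        // Receiver side: restore big-endian order, then compare the two transformations.
        byte[] block = reverse(keyFile);
        byte[] raw = rsaDecrypt("RSA/ECB/NoPadding", kp.getPrivate(), block);
        System.out.println("NoPadding length: " + raw.length
                + ", padded block starts 00 02: " + (raw[0] == 0 && raw[1] == 2));
        byte[] aesKey = rsaDecrypt("RSA/ECB/PKCS1Padding", kp.getPrivate(), block);
        System.out.println("PKCS1Padding length: " + aesKey.length);
        aes.init(Cipher.DECRYPT_MODE, new SecretKeySpec(aesKey, "AES"), zeroIv);
        System.out.println(new String(aes.doFinal(encryptedMessage), "UTF-8"));
    }
}
```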