2013-12-09 258 views
1

我正在嘗試使用模數和指數爲RSA生成公鑰的應用程序。但是,有一個問題,模數和指數都可能是十六進制值。這是我用於生成密鑰的代碼,標記爲 - <的行是錯誤發生的位置。錯誤:RSA密鑰長度必須至少爲512位?

RSAPublicKeySpec spec = new RSAPublicKeySpec(new BigInteger(1,hexToByte(rsaJSON.publickey_exp)),new BigInteger(1,hexToByte(rsaJSON.publickey_mod))); 
KeyFactory factory = KeyFactory.getInstance("RSA"); 
PublicKey pub = factory.generatePublic(spec); <--- 
Cipher cipher = cipher = Cipher.getInstance("RSA/None/OAEPWithSHA1AndMGF1Padding", "BC"); 
cipher.init(Cipher.ENCRYPT_MODE, pub); 
..... 
String HEXES = "ABCDEF"; 
public static String byteToHex(byte [] raw) { 
    if (raw == null) { 
     return null; 
    } 
    final StringBuilder hex = new StringBuilder(2 * raw.length); 
    for (final byte b : raw) { 
     hex.append(HEXES.charAt((b & 0xF0) >> 4)) 
     .append(HEXES.charAt((b & 0x0F))); 
    } 
    return hex.toString(); 
} 

public static byte[] hexToByte(String hexString){ 
    int len = hexString.length(); 
    byte[] ba = new byte[len/2]; 
    for (int i = 0; i < len; i += 2) { 
     ba[i/2] = (byte) ((Character.digit(hexString.charAt(i), 16) << 4) + Character.digit(hexString.charAt(i+1), 16)); 
    } 
    return ba; 
} 

一個例子模數和指數將被投入這如下:

modulus:"B31F9097CA38B4548D7300A0768F262C58D92B190355E382DACA4B79DA52226758FD8EB23CE29F404433411AC90308BEEED093BA157E03982E587496A15BB47A371C32C6B665FF75D6E900CF28CF679E871FB06FF0E90431E829DBE8EBDF7D5024A2D32F8B0D50C0D592E5D31046DE275F81B106088EBECA434493458DBF2B804BC46EC973E8F47408CC454F03F24933A5B100001B47239B44A52CF6A40670CED35060EB84BD6D0829DF8EC84EC49D784CA8583F353086071604DB2F43FA243A05F031033FFB179D8CB281A814B01F8CCC2EC29196BB136905104E23832FA923185743E18924C4E9772ED094D98643C677DE99EF1E598452728A7AC3DF5A1AB9" 

exponent:"010001"

堆棧跟蹤,在大多數情況下:

java.security.spec.InvalidKeySpecException: java.security.InvalidKeyException: RSA keys must be at least 512 bits long 
at sun.security.rsa.RSAKeyFactory.engineGeneratePublic(Unknown Source) 
at java.security.KeyFactory.generatePublic(Unknown Source) 
    ..... 

我不會假裝我知道爲什麼這個錯誤發生,因爲我的知識才智h RSA加密是有限的。如果有人能幫我弄清楚爲什麼這個錯誤會持續出現,那將非常有幫助:)

回答

0

沒有什麼要「生成」。

(modulus, exponent)元組是公鑰。

例如,我對谷歌的Web服務器的一個證書,如果我跑openssl x509 -in certfile.pem -text,這是輸出的一部分:

Subject Public Key Info: 
     Public Key Algorithm: rsaEncryption 
     RSA Public Key: (1024 bit) 
      Modulus (1024 bit): 
       00:a7:4b:85:b2:80:e5:94:03:6f:ca:4a:e5:6c:a9: 
       71:80:a1:67:f7:b9:46:e8:26:b5:e9:bd:59:4f:7b: 
       dd:1a:50:68:c7:3a:df:73:15:ce:a8:69:00:d4:27: 
       09:a9:cd:e1:d1:6e:2d:c6:a3:e9:3b:d6:aa:94:63: 
       83:1a:64:27:bf:fe:87:90:d4:e6:b8:e4:89:a8:76: 
       23:15:13:e0:27:6b:38:0a:fa:1f:b1:ec:71:0a:ec: 
       34:ff:0d:9c:1c:a7:d6:47:0f:ec:70:6c:2a:6b:89: 
       90:f5:de:58:e9:4e:ae:4d:6f:f0:f1:ca:7d:72:c0: 
       7a:79:94:28:fe:85:01:58:c9 
      Exponent: 65537 (0x10001) 

就是這樣。 RSA公鑰是模數和指數。我認爲你有你需要的東西。

+0

那麼,*然後*什麼*導致異常? – user2864740

+0

對於初學者來說編寫不佳的API。 ;-) – mpontillo

+1

(注意,我並沒有試圖直接回答這個問題;相反,我試圖解決OP對RSA公鑰的理解;另一方面,當你已經「生成」公鑰時看起來反直覺,這是由於API調用創建一個公鑰對象,而不是一行代碼)。 – mpontillo

相關問題