1. 問題
今天在寫一段RSA加解密的代碼挎春,代碼本身不復(fù)雜。
private static final String RSA = "RSA";
private static final String UTF8 = "UTF-8";
private static final String KEY_STORE = "PKCS12";
private static final String X509 = "X.509";
private static final int MAX_ENCRYPT_BLOCK = 117;
private static final int MAX_DECRYPT_BLOCK = 128;
public static byte[] encryptToBase64(byte[] originalContent, Key key) throws NoSuchPaddingException,
NoSuchAlgorithmException, InvalidKeyException, IOException, BadPaddingException, IllegalBlockSizeException {
Cipher cipher = Cipher.getInstance(key.getAlgorithm());
cipher.init(Cipher.ENCRYPT_MODE, key);
//cipher一次能加密的長度有限制豆拨,因此需要分段加密
byte[] originalBytes = originalContent;
int totalLength = originalBytes.length;
int offset = 0;
ByteArrayOutputStream resultStream = new ByteArrayOutputStream();
while (totalLength > offset) {
byte[] encryptedBlock = cipher.doFinal(
originalBytes, offset, Math.min(totalLength - offset, RSAUtils.MAX_ENCRYPT_BLOCK));
resultStream.write(encryptedBlock);
offset = offset + RSAUtils.MAX_ENCRYPT_BLOCK;
}
byte[] encryptedContent = resultStream.toByteArray();
return encryptedContent;
}
public static byte[] decryptFromBase64(byte[] encryptedContent, Key key) throws NoSuchPaddingException,
NoSuchAlgorithmException, InvalidKeyException, IOException, BadPaddingException, IllegalBlockSizeException {
Cipher cipher = Cipher.getInstance(key.getAlgorithm());
cipher.init(Cipher.DECRYPT_MODE, key);
//cipher一次能解密的長度有限制直奋,因此需要分段解密
byte[] encryptedBytes = encryptedContent;
int totalLength = encryptedBytes.length;
int offset = 0;
ByteArrayOutputStream resultStream = new ByteArrayOutputStream();
while (totalLength > offset) {
int blockLength = Math.min(totalLength - offset, RSAUtils.MAX_DECRYPT_BLOCK);
byte[] decryptedBlock = cipher.doFinal(encryptedBytes, offset, blockLength);
resultStream.write(decryptedBlock);
offset = offset + RSAUtils.MAX_DECRYPT_BLOCK;
}
resultStream.close();
byte[] originalContent = resultStream.toByteArray();
return originalContent;
}
但是在執(zhí)行單元測試的時候,總是報(bào)如下的錯誤
javax.crypto.BadPaddingException: Decryption error
at sun.security.rsa.RSAPadding.unpadV15(RSAPadding.java:379)
at sun.security.rsa.RSAPadding.unpad(RSAPadding.java:290)
at com.sun.crypto.provider.RSACipher.doFinal(RSACipher.java:365)
at com.sun.crypto.provider.RSACipher.engineDoFinal(RSACipher.java:391)
at javax.crypto.Cipher.doFinal(Cipher.java:2226)
at wang.afrag.base.util.RSAUtils.decryptFromBase64(RSAUtils.java:72)
at wang.afrag.base.util.RSAUtilsTest.testEncrypt(RSAUtilsTest.java:86)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at org.junit.platform.commons.util.ReflectionUtils.invokeMethod(ReflectionUtils.java:686)
at org.junit.jupiter.engine.execution.MethodInvocation.proceed(MethodInvocation.java:60)
at org.junit.jupiter.engine.execution.InvocationInterceptorChain$ValidatingInvocation.proceed(InvocationInterceptorChain.java:131)
at org.junit.jupiter.engine.extension.TimeoutExtension.intercept(TimeoutExtension.java:149)
at org.junit.jupiter.engine.extension.TimeoutExtension.interceptTestableMethod(TimeoutExtension.java:140)
at org.junit.jupiter.engine.extension.TimeoutExtension.interceptTestMethod(TimeoutExtension.java:84)
at org.junit.jupiter.engine.execution.ExecutableInvoker$ReflectiveInterceptorCall.lambda$ofVoidMethod$0(ExecutableInvoker.java:115)
at org.junit.jupiter.engine.execution.ExecutableInvoker.lambda$invoke$0(ExecutableInvoker.java:105)
at org.junit.jupiter.engine.execution.InvocationInterceptorChain$InterceptedInvocation.proceed(InvocationInterceptorChain.java:106)
at org.junit.jupiter.engine.execution.InvocationInterceptorChain.proceed(InvocationInterceptorChain.java:64)
at org.junit.jupiter.engine.execution.InvocationInterceptorChain.chainAndInvoke(InvocationInterceptorChain.java:45)
at org.junit.jupiter.engine.execution.InvocationInterceptorChain.invoke(InvocationInterceptorChain.java:37)
at org.junit.jupiter.engine.execution.ExecutableInvoker.invoke(ExecutableInvoker.java:104)
at org.junit.jupiter.engine.execution.ExecutableInvoker.invoke(ExecutableInvoker.java:98)
at org.junit.jupiter.engine.descriptor.TestMethodTestDescriptor.lambda$invokeTestMethod$6(TestMethodTestDescriptor.java:212)
at org.junit.platform.engine.support.hierarchical.ThrowableCollector.execute(ThrowableCollector.java:73)
at org.junit.jupiter.engine.descriptor.TestMethodTestDescriptor.invokeTestMethod(TestMethodTestDescriptor.java:208)
at org.junit.jupiter.engine.descriptor.TestMethodTestDescriptor.execute(TestMethodTestDescriptor.java:137)
at org.junit.jupiter.engine.descriptor.TestMethodTestDescriptor.execute(TestMethodTestDescriptor.java:71)
at org.junit.platform.engine.support.hierarchical.NodeTestTask.lambda$executeRecursively$5(NodeTestTask.java:135)
at org.junit.platform.engine.support.hierarchical.ThrowableCollector.execute(ThrowableCollector.java:73)
at org.junit.platform.engine.support.hierarchical.NodeTestTask.lambda$executeRecursively$7(NodeTestTask.java:125)
at org.junit.platform.engine.support.hierarchical.Node.around(Node.java:135)
at org.junit.platform.engine.support.hierarchical.NodeTestTask.lambda$executeRecursively$8(NodeTestTask.java:123)
at org.junit.platform.engine.support.hierarchical.ThrowableCollector.execute(ThrowableCollector.java:73)
at org.junit.platform.engine.support.hierarchical.NodeTestTask.executeRecursively(NodeTestTask.java:122)
at org.junit.platform.engine.support.hierarchical.NodeTestTask.execute(NodeTestTask.java:80)
at java.util.ArrayList.forEach(ArrayList.java:1259)
at org.junit.platform.engine.support.hierarchical.SameThreadHierarchicalTestExecutorService.invokeAll(SameThreadHierarchicalTestExecutorService.java:38)
at org.junit.platform.engine.support.hierarchical.NodeTestTask.lambda$executeRecursively$5(NodeTestTask.java:139)
at org.junit.platform.engine.support.hierarchical.ThrowableCollector.execute(ThrowableCollector.java:73)
at org.junit.platform.engine.support.hierarchical.NodeTestTask.lambda$executeRecursively$7(NodeTestTask.java:125)
at org.junit.platform.engine.support.hierarchical.Node.around(Node.java:135)
at org.junit.platform.engine.support.hierarchical.NodeTestTask.lambda$executeRecursively$8(NodeTestTask.java:123)
at org.junit.platform.engine.support.hierarchical.ThrowableCollector.execute(ThrowableCollector.java:73)
at org.junit.platform.engine.support.hierarchical.NodeTestTask.executeRecursively(NodeTestTask.java:122)
at org.junit.platform.engine.support.hierarchical.NodeTestTask.execute(NodeTestTask.java:80)
at java.util.ArrayList.forEach(ArrayList.java:1259)
at org.junit.platform.engine.support.hierarchical.SameThreadHierarchicalTestExecutorService.invokeAll(SameThreadHierarchicalTestExecutorService.java:38)
at org.junit.platform.engine.support.hierarchical.NodeTestTask.lambda$executeRecursively$5(NodeTestTask.java:139)
at org.junit.platform.engine.support.hierarchical.ThrowableCollector.execute(ThrowableCollector.java:73)
at org.junit.platform.engine.support.hierarchical.NodeTestTask.lambda$executeRecursively$7(NodeTestTask.java:125)
at org.junit.platform.engine.support.hierarchical.Node.around(Node.java:135)
at org.junit.platform.engine.support.hierarchical.NodeTestTask.lambda$executeRecursively$8(NodeTestTask.java:123)
at org.junit.platform.engine.support.hierarchical.ThrowableCollector.execute(ThrowableCollector.java:73)
at org.junit.platform.engine.support.hierarchical.NodeTestTask.executeRecursively(NodeTestTask.java:122)
at org.junit.platform.engine.support.hierarchical.NodeTestTask.execute(NodeTestTask.java:80)
at org.junit.platform.engine.support.hierarchical.SameThreadHierarchicalTestExecutorService.submit(SameThreadHierarchicalTestExecutorService.java:32)
at org.junit.platform.engine.support.hierarchical.HierarchicalTestExecutor.execute(HierarchicalTestExecutor.java:57)
at org.junit.platform.engine.support.hierarchical.HierarchicalTestEngine.execute(HierarchicalTestEngine.java:51)
at org.junit.platform.launcher.core.DefaultLauncher.execute(DefaultLauncher.java:248)
at org.junit.platform.launcher.core.DefaultLauncher.lambda$execute$5(DefaultLauncher.java:211)
at org.junit.platform.launcher.core.DefaultLauncher.withInterceptedStreams(DefaultLauncher.java:226)
at org.junit.platform.launcher.core.DefaultLauncher.execute(DefaultLauncher.java:199)
at org.junit.platform.launcher.core.DefaultLauncher.execute(DefaultLauncher.java:132)
at com.intellij.junit5.JUnit5IdeaTestRunner.startRunnerWithArgs(JUnit5IdeaTestRunner.java:71)
at com.intellij.rt.junit.IdeaTestRunner$Repeater.startRunnerWithArgs(IdeaTestRunner.java:33)
at com.intellij.rt.junit.JUnitStarter.prepareStreamsAndStart(JUnitStarter.java:220)
at com.intellij.rt.junit.JUnitStarter.main(JUnitStarter.java:53)
2. 解決的方法
經(jīng)過一番折騰施禾,總算是找到了原因脚线,在這里記錄下來。
主要的原因在于加密和解密是的block size弥搞,也就是 MAX_ENCRYPT_BLOCK 和 MAX_DECRYPT_BLOCK 這兩個常量的值邮绿。這兩個值必須和使用的密鑰的長度匹配渠旁。 我使用的密鑰是2048 bit的密鑰,因此這兩個值設(shè)置的長度分別應(yīng)該分別設(shè)置為245和256船逮。
3. 根本的原因
在進(jìn)行RSA加密的時候顾腊,必須考慮密鑰長度,明文長度和密文長度挖胃。
3.1 密鑰及密鑰長度
在RSA中杂靶,我們常說的密鑰,其實(shí)指的是 (公鑰 + 模值)冠骄、或(私鑰 + 模值)中的一組伪煤。 這一組中的數(shù)據(jù)是需要配合起來使用的。
我們所說的密鑰長度凛辣,指的是模值的位長度抱既。目前主流的密鑰長度是在1024bit以上,上不封頂扁誓。
3.2 加解密數(shù)據(jù)塊的長度
由于密鑰的長度是有限的防泵,因此一次能夠加/解密的長度也是有限的,和密鑰的長度是相同的蝗敢。但是要注意到捷泞,我們所說的密鑰長度,單位是bit寿谴。但是我們在計(jì)算明文或者密文的長度的時候锁右,通常單位是byte,因此要除以8讶泰。比如我用的密鑰長度是2048咏瑟,除以8之后為256, 因此我一次能夠加密或者解密的數(shù)據(jù)的最大長度是256個byte痪署。如果需要加密或者解密的數(shù)據(jù)多于這個值怎么辦码泞?答案是分塊處理,前面代碼中就是這樣處理的狼犯。
那為什么加密的數(shù)據(jù)塊大小和解密的數(shù)據(jù)塊大小不一致呢余寥?因?yàn)樵诩用艿臅r候,我們需要在明文中填充一些隨機(jī)數(shù)悯森,這樣每次產(chǎn)生的密文都會發(fā)生變化宋舷,這個過程稱為padding。在加密的過程中瓢姻,有各種各樣的padding標(biāo)準(zhǔn)肥缔,在前面的代碼中,采用的是默認(rèn)的PKCS1Padding標(biāo)準(zhǔn)汹来,這個標(biāo)準(zhǔn)中生成的隨機(jī)數(shù)要占用11個字節(jié)续膳,因此明文最長只能取245個字節(jié),合起來是256個字節(jié)收班。
4 其他
在RSA中坟岔,還有很多其他的Padding類型,例如使用OAEP算法的OAEPWITHSHA-256ANDMGF1PADDING等摔桦,這些Padding對應(yīng)的密文長度社付,就需要各位自己去發(fā)現(xiàn)了……
