在 BlackBerry 上使用 RSA 加密时出错

发布于 2024-10-20 23:05:12 字数 5250 浏览 6 评论 0原文

我正在尝试在 Blackberry 上使用 RSA 加密及其本机 API。我用 Java 制作了一个公钥/私钥对,并将密钥的模数和指数保存为字符串,以便我可以从中生成密钥以进行加密和解密。以下代码来自客户端,我收到 InvalidKeyException 并且回溯为空,所以我不知道发生了什么:

public byte[] Encrypt(byte[] data)
  {
      try {
            RSACryptoSystem cryptoSystem = new RSACryptoSystem(1024);
            RSAPublicKey publicKey = new RSAPublicKey(cryptoSystem, _publicKeyExponent.getBytes(), _publicKeyModulus.getBytes());
            RSAEncryptorEngine encryptorEngine = new RSAEncryptorEngine(publicKey);

            PKCS5FormatterEngine formatterEngine = new PKCS5FormatterEngine( encryptorEngine );

            ByteArrayOutputStream output = new ByteArrayOutputStream();
            BlockEncryptor encryptor = new BlockEncryptor( formatterEngine, output );

            encryptor.write(data);
            encryptor.close();
            output.close();

            return output.toByteArray();
        } catch (InvalidKeyException e) {
            // TODO Auto-generated catch block
            System.out.println();
            e.printStackTrace();
        } catch (CryptoTokenException e) {
            // TODO Auto-generated catch block
            e.printStackTrace();
        } catch (CryptoUnsupportedOperationException e) {
            // TODO Auto-generated catch block
            e.printStackTrace();
        } catch (UnsupportedCryptoSystemException e) {
            // TODO Auto-generated catch block
            e.printStackTrace();
        } catch (IOException e) {
            // TODO Auto-generated catch block
            e.printStackTrace();
        }
      return null;
  } 

这就是我在服务器端生成密钥的方法:

try {
            keyPairGenerator = KeyPairGenerator.getInstance("RSA");
            keyPairGenerator.initialize(1024);
            keyFactory = KeyFactory.getInstance("RSA");
        } catch (NoSuchAlgorithmException ex) {
            Logger.getLogger(EncryptorDecryptor.class.getName()).log(Level.SEVERE, null, ex);
        }

        keyPair = keyPairGenerator.generateKeyPair();
        publicKey = keyPair.getPublic();
        privateKey = keyPair.getPrivate();

        try {
            publicKeySpec = keyFactory.getKeySpec(publicKey, RSAPublicKeySpec.class);
            privateKeySpec = keyFactory.getKeySpec(privateKey, RSAPrivateKeySpec.class);
        } catch (InvalidKeySpecException ex) {
            Logger.getLogger(EncryptorDecryptor.class.getName()).log(Level.SEVERE, null, ex);
        }

        privateKeyModulus = privateKeySpec.getModulus().toString();
        privateKeyExponent = privateKeySpec.getPrivateExponent().toString();

        publicKeyModulus = publicKeySpec.getModulus().toString();
        publicKeyExponent = publicKeySpec.getPublicExponent().toString();

Any想法?

编辑:我尝试通过在服务器上进行加密和解密来进行简单的测试,当我尝试解密时,我得到一个 IllegalBlockSizeException 这些是我的加密和解密方法(服务器端):

public byte[] Decrypt(byte[] data)
    {
        try {
            Cipher cipher = Cipher.getInstance("RSA");
            cipher.init(Cipher.DECRYPT_MODE, privateKey);
            byte[] cipherData = cipher.doFinal(data);
            return cipherData;
        } catch (NoSuchAlgorithmException ex) {
            Logger.getLogger(EncryptorDecryptor.class.getName()).log(Level.SEVERE, null, ex);
        } catch (NoSuchPaddingException ex) {
            Logger.getLogger(EncryptorDecryptor.class.getName()).log(Level.SEVERE, null, ex);
        } catch(IllegalBlockSizeException ex) {
            Logger.getLogger(EncryptorDecryptor.class.getName()).log(Level.SEVERE, null, ex);
        } catch(InvalidKeyException ex) {
            Logger.getLogger(EncryptorDecryptor.class.getName()).log(Level.SEVERE, null, ex);
        } catch(BadPaddingException ex) {
            Logger.getLogger(EncryptorDecryptor.class.getName()).log(Level.SEVERE, null, ex);
        }

        return null;
    }

    public byte[] Encrypt(byte[] data)
    {
        try {
            Cipher cipher = Cipher.getInstance("RSA");
            cipher.init(Cipher.ENCRYPT_MODE, publicKey);
            byte[] cipherData = cipher.doFinal(data);
            return cipherData;
        } catch (NoSuchAlgorithmException ex) {
            Logger.getLogger(EncryptorDecryptor.class.getName()).log(Level.SEVERE, null, ex);
        } catch (NoSuchPaddingException ex) {
            Logger.getLogger(EncryptorDecryptor.class.getName()).log(Level.SEVERE, null, ex);
        } catch(IllegalBlockSizeException ex) {
            Logger.getLogger(EncryptorDecryptor.class.getName()).log(Level.SEVERE, null, ex);
        } catch(InvalidKeyException ex) {
            Logger.getLogger(EncryptorDecryptor.class.getName()).log(Level.SEVERE, null, ex);
        } catch(BadPaddingException ex) {
            Logger.getLogger(EncryptorDecryptor.class.getName()).log(Level.SEVERE, null, ex);
        }

        return null;
    }

这是我正在尝试的简单测试:

userName = Base64.encode(encryptorDecryptor.Encrypt(userName.getBytes()));
password = Base64.encode(encryptorDecryptor.Encrypt(password.getBytes()));

userName = new String(encryptorDecryptor.Decrypt(Base64.decode(userName)));
password = new String(encryptorDecryptor.Decrypt(Base64.decode(password)));

I'm trying to use RSA encryption on Blackberry with their native API's. I made a public/private key pair in Java and saved the Modulus and Exponents of the keys as strings so i can generate the keys from this for encryption and decryption. The following code is from the client side and i'm getting a InvalidKeyException and the backtrace is null so I don't know what's happening:

public byte[] Encrypt(byte[] data)
  {
      try {
            RSACryptoSystem cryptoSystem = new RSACryptoSystem(1024);
            RSAPublicKey publicKey = new RSAPublicKey(cryptoSystem, _publicKeyExponent.getBytes(), _publicKeyModulus.getBytes());
            RSAEncryptorEngine encryptorEngine = new RSAEncryptorEngine(publicKey);

            PKCS5FormatterEngine formatterEngine = new PKCS5FormatterEngine( encryptorEngine );

            ByteArrayOutputStream output = new ByteArrayOutputStream();
            BlockEncryptor encryptor = new BlockEncryptor( formatterEngine, output );

            encryptor.write(data);
            encryptor.close();
            output.close();

            return output.toByteArray();
        } catch (InvalidKeyException e) {
            // TODO Auto-generated catch block
            System.out.println();
            e.printStackTrace();
        } catch (CryptoTokenException e) {
            // TODO Auto-generated catch block
            e.printStackTrace();
        } catch (CryptoUnsupportedOperationException e) {
            // TODO Auto-generated catch block
            e.printStackTrace();
        } catch (UnsupportedCryptoSystemException e) {
            // TODO Auto-generated catch block
            e.printStackTrace();
        } catch (IOException e) {
            // TODO Auto-generated catch block
            e.printStackTrace();
        }
      return null;
  } 

And this is what i did server side to generate my keys:

try {
            keyPairGenerator = KeyPairGenerator.getInstance("RSA");
            keyPairGenerator.initialize(1024);
            keyFactory = KeyFactory.getInstance("RSA");
        } catch (NoSuchAlgorithmException ex) {
            Logger.getLogger(EncryptorDecryptor.class.getName()).log(Level.SEVERE, null, ex);
        }

        keyPair = keyPairGenerator.generateKeyPair();
        publicKey = keyPair.getPublic();
        privateKey = keyPair.getPrivate();

        try {
            publicKeySpec = keyFactory.getKeySpec(publicKey, RSAPublicKeySpec.class);
            privateKeySpec = keyFactory.getKeySpec(privateKey, RSAPrivateKeySpec.class);
        } catch (InvalidKeySpecException ex) {
            Logger.getLogger(EncryptorDecryptor.class.getName()).log(Level.SEVERE, null, ex);
        }

        privateKeyModulus = privateKeySpec.getModulus().toString();
        privateKeyExponent = privateKeySpec.getPrivateExponent().toString();

        publicKeyModulus = publicKeySpec.getModulus().toString();
        publicKeyExponent = publicKeySpec.getPublicExponent().toString();

Any ideas?

EDIT: i tried doing a simple test on the server by encrypting and decrypting there and when when I try to decrypt I get a IllegalBlockSizeException these are my encrytion and decryption methods (server side):

public byte[] Decrypt(byte[] data)
    {
        try {
            Cipher cipher = Cipher.getInstance("RSA");
            cipher.init(Cipher.DECRYPT_MODE, privateKey);
            byte[] cipherData = cipher.doFinal(data);
            return cipherData;
        } catch (NoSuchAlgorithmException ex) {
            Logger.getLogger(EncryptorDecryptor.class.getName()).log(Level.SEVERE, null, ex);
        } catch (NoSuchPaddingException ex) {
            Logger.getLogger(EncryptorDecryptor.class.getName()).log(Level.SEVERE, null, ex);
        } catch(IllegalBlockSizeException ex) {
            Logger.getLogger(EncryptorDecryptor.class.getName()).log(Level.SEVERE, null, ex);
        } catch(InvalidKeyException ex) {
            Logger.getLogger(EncryptorDecryptor.class.getName()).log(Level.SEVERE, null, ex);
        } catch(BadPaddingException ex) {
            Logger.getLogger(EncryptorDecryptor.class.getName()).log(Level.SEVERE, null, ex);
        }

        return null;
    }

    public byte[] Encrypt(byte[] data)
    {
        try {
            Cipher cipher = Cipher.getInstance("RSA");
            cipher.init(Cipher.ENCRYPT_MODE, publicKey);
            byte[] cipherData = cipher.doFinal(data);
            return cipherData;
        } catch (NoSuchAlgorithmException ex) {
            Logger.getLogger(EncryptorDecryptor.class.getName()).log(Level.SEVERE, null, ex);
        } catch (NoSuchPaddingException ex) {
            Logger.getLogger(EncryptorDecryptor.class.getName()).log(Level.SEVERE, null, ex);
        } catch(IllegalBlockSizeException ex) {
            Logger.getLogger(EncryptorDecryptor.class.getName()).log(Level.SEVERE, null, ex);
        } catch(InvalidKeyException ex) {
            Logger.getLogger(EncryptorDecryptor.class.getName()).log(Level.SEVERE, null, ex);
        } catch(BadPaddingException ex) {
            Logger.getLogger(EncryptorDecryptor.class.getName()).log(Level.SEVERE, null, ex);
        }

        return null;
    }

And this is the simple test i'm trying:

userName = Base64.encode(encryptorDecryptor.Encrypt(userName.getBytes()));
password = Base64.encode(encryptorDecryptor.Encrypt(password.getBytes()));

userName = new String(encryptorDecryptor.Decrypt(Base64.decode(userName)));
password = new String(encryptorDecryptor.Decrypt(Base64.decode(password)));

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(1

氛圍 2024-10-27 23:05:12
  1. 使用 String 作为任意随机字节的容器是一个错误,例如 userName = new String(encryptorDecryptor.Encrypt(userName.getBytes()));
    是错误的。
  2. 我不熟悉 Blackberry 的 Java API,但通常无法使用 RSA 加密多个块,
  3. 数组上的 toString() 方法(例如 publicKeySpec.getModulus().toString())不会返回任何有用的东西。只需查看数据您就应该能够弄清楚这一点。这实际上是一个java初学者的错误,而不是一个密码学问题。
  4. 不要对 String 构造函数和 String.getBytes() 方法使用默认字符集。始终指定字符集,通常“UTF-8”是完美的。

这就是我的耐心。

  1. It is a bug to use String as a container for arbitrary random bytes, e.g. userName = new String(encryptorDecryptor.Encrypt(userName.getBytes()));
    is wrong.
  2. I'm not familiar with Blackberry's Java API but in usually you cannot encrypt more than one block with RSA
  3. the toString() methods on arrays (e.g. publicKeySpec.getModulus().toString()) don't return anything useful. You should be able to figure this out just by looking at the data. This is really a beginner java mistake more than a cryptography issue.
  4. Don't using the default character set for the String constructor and String.getBytes() methods. Always specify a character set, usually "UTF-8" is perfect.

That's all I had the patience for.

~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文