RSA与RSA解密AES密钥偶尔会出现无效的密钥长度错误

发布于 2025-01-20 16:41:58 字数 1981 浏览 3 评论 0 原文

我们通过Java中的RSA方法在客户端（又称Android手机）上对AES密钥进行加密。

class Encryptor {
    private static String RSA_ALGORITHM = "RSA/ECB/PKCS1Padding";

    public Init() {
        this.rsaEncCipher = Cipher.gtInstance(RSA_ALGORITHM);
        this.rsaEncCipher.init(Cipher.ENCRYPT_MODE, public_key)
    }

    public byte[] rsaPublicEncrypt(byte[] content) {
        try {
            return this.rsaEncCipher.doFinal(content);
        } catch(Exception a) {
            //
        }
    }
}


JsonObject json = new JsonObject();

byte[] key = new byte[16];
random.nextBytes(key);

byte[] encryptedContent = encryptor.aesEncrypt(key, content.getBytes())
byte[] encryptedKey = encryptor.rsaPublicEncrypt(key);

json.addProperty("key", Base64.encodeToString(encryptedKey, Base64.DEFAULT));
json.addProperty("content", Base64.encodeToString(encryptedContent, Base64.DEFAULT));

并在服务器端的node.js中使用rsa解密AES密钥，

function  decryptAes(key, cipherContent) {
    var decipher = crypto.createDecipheriv("AES-128-CBC", key, "AndroidAESEncrypt");
    let plainText = decipher.update(cipherContent, 'base64', 'utf8');
    return plainText += decipher.final('utf8');
}

function descrypt(key, content) {
    const contentBuffer = buffer.from(key, 'base64');
    const keyBuffer = Buffer.from(key, 'base64');
    const aesKey = crypto.privateDecrypt({
                    key: privateKey,
                    padding: crypto.constants.RSA_PKCS1_PADDING
                }, keyBuffer);;

    console.log(aesKey.length)

    const rawContent = decryptAes(aesKey, contentBuffer).toString('base64')
}

大多数时候，加密/解密机制效果很好， aeskey 的长度是16。有时，我们遇到了错误无效的密钥长度来自AES解密， aeskey 的长度为32。我们尝试使用 contentbuffer 使用 aeskey的第一个字节解密 contentbuffer 其长度为32，函数 degptaes 效果很好。太奇怪了。

有没有人遇到过同样奇怪的问题？

原文

We encrypt the AES key through RSA method in Java on the client-side, aka android mobile phone.

class Encryptor {
    private static String RSA_ALGORITHM = "RSA/ECB/PKCS1Padding";

    public Init() {
        this.rsaEncCipher = Cipher.gtInstance(RSA_ALGORITHM);
        this.rsaEncCipher.init(Cipher.ENCRYPT_MODE, public_key)
    }

    public byte[] rsaPublicEncrypt(byte[] content) {
        try {
            return this.rsaEncCipher.doFinal(content);
        } catch(Exception a) {
            //
        }
    }
}


JsonObject json = new JsonObject();

byte[] key = new byte[16];
random.nextBytes(key);

byte[] encryptedContent = encryptor.aesEncrypt(key, content.getBytes())
byte[] encryptedKey = encryptor.rsaPublicEncrypt(key);

json.addProperty("key", Base64.encodeToString(encryptedKey, Base64.DEFAULT));
json.addProperty("content", Base64.encodeToString(encryptedContent, Base64.DEFAULT));

And decrypted the AES key with RSA in Node.js on the server side

function  decryptAes(key, cipherContent) {
    var decipher = crypto.createDecipheriv("AES-128-CBC", key, "AndroidAESEncrypt");
    let plainText = decipher.update(cipherContent, 'base64', 'utf8');
    return plainText += decipher.final('utf8');
}

function descrypt(key, content) {
    const contentBuffer = buffer.from(key, 'base64');
    const keyBuffer = Buffer.from(key, 'base64');
    const aesKey = crypto.privateDecrypt({
                    key: privateKey,
                    padding: crypto.constants.RSA_PKCS1_PADDING
                }, keyBuffer);;

    console.log(aesKey.length)

    const rawContent = decryptAes(aesKey, contentBuffer).toString('base64')
}

Most of the time, the encrypt/decrypt mechanism works well and the length of aesKey is 16. Occasionally, we met the error invalid key length from AES decrypt, and the length of aesKey is 32. We try to decrypt the contentBuffer with the first 16 bytes of aesKey whose length is 32, the function decryptAes works well. It is so weird.

Is there anyone who met the same weird issue before?

分享到QQ

分享到微博