Java卡:使用RSA的数据加密/解密
我想使用Java卡技术创建一个小程序,以使用RSA加密和解密字符串。目前,我正在尝试使用其Cref Simulator(具有Java卡v3.1.0)在Oracle IDE中进行操作,但是之后,我想在我的智能卡NXP J3H145上尝试它,该智能卡NXP J3H145上有Java card v3.0.4 on它。在构造函数中,我已经设置了这样的阶段:
short KeySize=(short)64;
RSA_PRIV_KEY_EXP=JCSystem.makeTransientByteArray((byte) KeySize, JCSystem.CLEAR_ON_RESET);
RSA_PUB_KEY_EXP=JCSystem.makeTransientByteArray((byte) KeySize, JCSystem.CLEAR_ON_RESET);
RSA_PUB_PRIV_KEY_MOD=JCSystem.makeTransientByteArray((byte) KeySize, JCSystem.CLEAR_ON_RESET);
for (short i=0;i<KeySize;i++) {
RSA_PRIV_KEY_EXP[i]=1;
RSA_PUB_KEY_EXP[i]=1;
RSA_PUB_PRIV_KEY_MOD[i]=1;
}
pair=new KeyPair(KeyPair.ALG_RSA,KeyBuilder.LENGTH_RSA_2048);
RSAPublicKey pubKey=(RSAPublicKey)pair.getPublic();
RSAPrivateKey privKey=(RSAPrivateKey)pair.getPrivate();
pubKey.setExponent(RSA_PUB_KEY_EXP, (short) 0, (short) RSA_PUB_KEY_EXP.length);
pubKey.setModulus(RSA_PUB_PRIV_KEY_MOD, (short) 0, (short) RSA_PUB_PRIV_KEY_MOD.length);
privKey.setExponent(RSA_PRIV_KEY_EXP, (short) 0, (short) RSA_PRIV_KEY_EXP.length);
privKey.setModulus(RSA_PUB_PRIV_KEY_MOD, (short) 0, (short) RSA_PUB_PRIV_KEY_MOD.length);
pair.genKeyPair();
Cipher cip=Cipher.getInstance(Cipher.ALG_RSA_PKCS1_OAEP, false);
然后,我的加密方法看起来像这样,并且可以正常工作:
private void encrypt(APDU apdu) {
byte[] buffer=apdu.getBuffer();
short lc=buffer[ISO7816.OFFSET_LC];
RSAPublicKey pub=(RSAPublicKey) pair.getPublic();
cip.init(pub, Cipher.MODE_ENCRYPT);
byte[] temp=new byte[2048];
short cipLen = cip.doFinal(buffer, (short)ISO7816.OFFSET_CDATA, lc, temp, (short) 0);
apdu.setOutgoing();
apdu.setOutgoingLength((short)cipLen);
apdu.sendBytesLong(temp, (short) 0, (short)cipLen);
}
例如,如果我尝试将三个字节“ 1 2 3”发送到加密方法,它将对其进行加密并返回阵列为63个字节。现在,我想将该数组传递给我的解密方法,并将我的原始字符串接收回。我的解密方法看起来像这样:
private void decrypt(APDU apdu) {
try {
byte[] buffer=apdu.getBuffer();
short lc=buffer[ISO7816.OFFSET_LC];
RSAPrivateKey priv=(RSAPrivateKey)pair.getPrivate();
cip.init(priv, Cipher.MODE_DECRYPT);
byte[] temp=new byte[2048];
short cipLen = cip.doFinal(buffer, (short)ISO7816.OFFSET_CDATA, lc, temp, (short) 0);
apdu.setOutgoing();
apdu.setOutgoingLength((short)cipLen);
apdu.sendBytesLong(temp, (short) 0, (short)cipLen);
}
catch (CryptoException e) {
short a=e.getReason();
}
}
在这里,“ dofinal”方法调用带有推理代码5的加密置信。这样的smth。我怀疑也许我在构造函数上写了一些错误,在最后一行中,我称之为密码的“ getinstance”方法。但是,我已经尝试使用多种参数为此方法而不是alg_rsa_pkcs1_oaep(我还尝试通过两个参数 - 一个用于密码算法的参数,一个用于填充算法 - 但迄今为止什么都没有
。就像一个简单的问题 - 仅加密和解密数据并接收原始输入 - 但是我什至没有设法找到任何如何完成的示例,我花了很多时间在此错误上...可以任何人都指出了一个例外的问题,以及如何摆脱它?
I want to create an Applet using the Java Card technology for encrypting and decrypting strings with RSA. Currently, I'm trying to do it within the Oracle IDE using its CREF simulator (having Java Card v3.1.0), but afterwards I'd like to try it on my smart card NXP J3H145 which has the Java Card v3.0.4 on it. In the constructor, I've set the stage like this:
short KeySize=(short)64;
RSA_PRIV_KEY_EXP=JCSystem.makeTransientByteArray((byte) KeySize, JCSystem.CLEAR_ON_RESET);
RSA_PUB_KEY_EXP=JCSystem.makeTransientByteArray((byte) KeySize, JCSystem.CLEAR_ON_RESET);
RSA_PUB_PRIV_KEY_MOD=JCSystem.makeTransientByteArray((byte) KeySize, JCSystem.CLEAR_ON_RESET);
for (short i=0;i<KeySize;i++) {
RSA_PRIV_KEY_EXP[i]=1;
RSA_PUB_KEY_EXP[i]=1;
RSA_PUB_PRIV_KEY_MOD[i]=1;
}
pair=new KeyPair(KeyPair.ALG_RSA,KeyBuilder.LENGTH_RSA_2048);
RSAPublicKey pubKey=(RSAPublicKey)pair.getPublic();
RSAPrivateKey privKey=(RSAPrivateKey)pair.getPrivate();
pubKey.setExponent(RSA_PUB_KEY_EXP, (short) 0, (short) RSA_PUB_KEY_EXP.length);
pubKey.setModulus(RSA_PUB_PRIV_KEY_MOD, (short) 0, (short) RSA_PUB_PRIV_KEY_MOD.length);
privKey.setExponent(RSA_PRIV_KEY_EXP, (short) 0, (short) RSA_PRIV_KEY_EXP.length);
privKey.setModulus(RSA_PUB_PRIV_KEY_MOD, (short) 0, (short) RSA_PUB_PRIV_KEY_MOD.length);
pair.genKeyPair();
Cipher cip=Cipher.getInstance(Cipher.ALG_RSA_PKCS1_OAEP, false);
Then, my encryption method looks like this and works fine:
private void encrypt(APDU apdu) {
byte[] buffer=apdu.getBuffer();
short lc=buffer[ISO7816.OFFSET_LC];
RSAPublicKey pub=(RSAPublicKey) pair.getPublic();
cip.init(pub, Cipher.MODE_ENCRYPT);
byte[] temp=new byte[2048];
short cipLen = cip.doFinal(buffer, (short)ISO7816.OFFSET_CDATA, lc, temp, (short) 0);
apdu.setOutgoing();
apdu.setOutgoingLength((short)cipLen);
apdu.sendBytesLong(temp, (short) 0, (short)cipLen);
}
For example, if I try to send three bytes "1 2 3" to the encryption method, it encrypts them and returns an array of 63 bytes. Now, I would like to pass that array to my decryption method and to receive my original string back. My decryption method looks like this:
private void decrypt(APDU apdu) {
try {
byte[] buffer=apdu.getBuffer();
short lc=buffer[ISO7816.OFFSET_LC];
RSAPrivateKey priv=(RSAPrivateKey)pair.getPrivate();
cip.init(priv, Cipher.MODE_DECRYPT);
byte[] temp=new byte[2048];
short cipLen = cip.doFinal(buffer, (short)ISO7816.OFFSET_CDATA, lc, temp, (short) 0);
apdu.setOutgoing();
apdu.setOutgoingLength((short)cipLen);
apdu.sendBytesLong(temp, (short) 0, (short)cipLen);
}
catch (CryptoException e) {
short a=e.getReason();
}
}
Here, the "doFinal" method call throws a CryptoException with the reason code 5. I have found that the reason code 5 means there is some kind of problem with the padding algorithm or the padding of input data or smth like this. I suspect that perhaps I've written something wrong in the constructor, in the final line where I call the "getInstance" method of my Cipher. However, I've tried using various kinds of parameters for this method instead of ALG_RSA_PKCS1_OAEP (I've also tried to pass two parameters - one for the cipher algorithm and one for the padding algorithm -, but nothing has worked so far.
It seems like a simple problem - just to encrypt and decrypt data and to receive the original input -, but I have not managed to even find any examples of how it could be done and I've spent so much time on this error... Can anyone point me to the problem with the exception and to how to get rid of it? I don't even care about the particular length of the keys or of the encrypted string, I just want one solution that works.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论