
RSA Encrypt String longer than key

Hey guys,

I'm encrypting strings with JS and a public key. I use the JSBN code but the problem is in creating a BigInt.

RSA.js does:

// Copyright (c) 2005  Tom Wu
var m = pkcs1pad2(text,(this.n.bitLength()+7)>>3); // getting the Bigint
if(m == null) return null; // nullcheck
var c = this.doPublic(m); // encrypting the BigInt

The problem is in "pkcs1pad2". The function has a check, if the text is longer than the BitLength of the key. If so, return, else create a BigInt.

// Copyright (c) 2005  Tom Wu
if(n < s.length + 11) { // TODO: fix for utf-8
  alert("Message too long for RSA");
  return null;
}
var ba = new Array();
var i = s.length - 1;
while(i >= 0 && n > 0) {
  var c = s.charCodeAt(i--);
  if(c < 128) { // encode using utf-8
    ba[--n] = c;
  } else if((c > 127) && (c < 2048)) {
    ba[--n] = (c & 63) | 128;
    ba[--n] = (c >> 6) | 192;
  } else {
    ba[--n] = (c & 63) | 128;
    ba[--n] = ((c >> 6) & 63) | 128;
    ba[--n] = (c >> 12) | 224;
  }
}
ba[--n] = 0;
var rng = new SecureRandom();
var x = new Array();
while(n > 2) { // random non-zero pad
  x[0] = 0;
  while(x[0] == 0) rng.nextBytes(x);
  ba[--n] = x[0];
}
ba[--n] = 2;
ba[--n] = 0;
return new BigInteger(ba);

I can't figure out what the author means with "// TODO: fix for utf-8". Can anyone explain this and/or give a working answer?

This tries to implement PKCS#1 v1.5 padding as defined in PKCS#1. The input of PKCS#1 v1.5 padding for encryption must be 11 bytes smaller than the size of the modulus:

M: message to be encrypted, an octet string of length mLen, where mLen <= k - 11

If the message is larger then RSA encryption cannot continue. Usually that is not a problem: you encrypt using a symmetric cipher with a random key and then encrypt that random key using RSA. This is called a hybrid cryptosystem.

The reason why the comment is there is that JavaScript - like many scripting languages - has some trouble distinguishing between bytes and text. If s is text then s.length is likely to return the amount of characters, not bytes. This is deliberate for languages that implement weak typing, but it doesn't make it easier to create and use cryptographic algorithms in JavaScript.

If you use a multi-byte encoding such as UTF-8, then characters that encode to 2 bytes will increase the total plaintext size (in bytes). So the calculation may fail at that point. Either that, or you will lose the characters that cannot be encoded in single bytes - if I take a quick look at the code that is what will likely happen if you go beyond the ASCII (7 bit, values 0..127) range of characters.
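
The byte-versus-character mismatch described in the answer above, as an added JavaScript example that is not part of the original post or of JSBN: it contrasts the question's s.length check with a UTF-8 byte count and builds the PKCS#1 v1.5 block over bytes. The function names, the 128-byte modulus size and the sample strings are assumptions constructed for illustration.

```javascript
// Added example, not JSBN code. k is the modulus size in bytes.
const OVERHEAD = 11; // 00 || 02 || at least 8 non-zero pad bytes || 00

// The check from the question: text.length counts UTF-16 code units, not bytes.
function passesCharCountCheck(text, k) {
  return k >= text.length + OVERHEAD;
}

// Byte-accurate limit from PKCS#1: mLen <= k - 11, with mLen in octets.
function passesByteCountCheck(text, k) {
  return new TextEncoder().encode(text).length <= k - OVERHEAD;
}

// Default pad source: one non-zero byte from the platform CSPRNG.
function csprngNonZeroByte() {
  const b = new Uint8Array(1);
  do { globalThis.crypto.getRandomValues(b); } while (b[0] === 0);
  return b[0];
}

// Builds EM = 00 || 02 || PS || 00 || M over bytes; throws if M is too long.
// nonZeroByte is a hypothetical injection point so the pad source can be tested.
function padPkcs1v15(text, k, nonZeroByte = csprngNonZeroByte) {
  const m = new TextEncoder().encode(text);
  if (m.length > k - OVERHEAD) {
    throw new RangeError(`message is ${m.length} bytes, limit is ${k - OVERHEAD}`);
  }
  const em = new Uint8Array(k);      // em[0] is already 0x00
  em[1] = 0x02;
  const sep = k - m.length - 1;      // index of the 00 separator before M
  for (let i = 2; i < sep; i++) em[i] = nonZeroByte();
  em[sep] = 0x00;
  em.set(m, sep + 1);
  return em;
}

// Constructed inputs: a 1024-bit key (k = 128) leaves room for 117 bytes.
const K = 128;
const ascii = "a".repeat(117);         // 117 characters, 117 bytes
const accented = "\u00e9".repeat(117); // 117 characters, 234 bytes in UTF-8
```

Both sample strings pass the character-count check, but only the ASCII one fits the byte limit; the accented one is rejected by padPkcs1v15 before any padding is written.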
