關於do階段的Diffie-Hellman密鑰協議,不兼容的參數
[英]Diffie-Hellman key agreement on do phase, incompatible parameters
問題描述
我通過套接字發送字節數組中的 Diffie-Hellman 公鑰並將其存儲在文件中,當我需要密鑰時,我使用密鑰工廠對其進行轉換,但是當我要組合我的私鑰和公鑰時我在密鑰協議上的合作伙伴, doPhase函數它給了我一個不兼容參數的例外。
public byte[] createMac(byte[] fileBytes, String nick){
byte[] mac = null;
byte[] digest;
try {
MessageDigest md = MessageDigest.getInstance("SHA-256");
md.update(fileBytes);
digest = md.digest();
KeyFactory keyFactory = KeyFactory.getInstance("DH");
byte[] myPrivateKey = Files.readAllBytes(Paths.get(dirMyKeys+"//dhPrivateKey.txt"));
PrivateKey dhPrivKey = keyFactory.generatePrivate(new PKCS8EncodedKeySpec(myPrivateKey));
byte[] myPublicKey = Files.readAllBytes(Paths.get(dirKeys+"/"+nick+"DhPublicKey.txt"));
System.out.println(dirKeys+"/"+nick+"DhPublicKey.txt");
PublicKey dhPubKey = keyFactory.generatePublic(new X509EncodedKeySpec(myPublicKey));
SecretKey secretKey = combine(dhPrivKey, dhPubKey);
Cipher cipher = Cipher.getInstance("AES");
System.out.println( "\nStart decryption" );
cipher.init(Cipher.ENCRYPT_MODE, secretKey);
mac = cipher.doFinal(digest);
System.out.println( "Finish decryption: " );
return mac;
} catch (NoSuchAlgorithmException | IOException | InvalidKeySpecException | InvalidKeyException | IllegalBlockSizeException | BadPaddingException | NoSuchPaddingException ex) {
Logger.getLogger(Client.class.getName()).log(Level.SEVERE, null, ex);
}
return mac;
}
private static SecretKey combine(PrivateKey private1, PublicKey public1) throws NoSuchAlgorithmException, InvalidKeyException {
KeyAgreement ka = KeyAgreement.getInstance("DH");
ka.init(private1);
//error on this line
ka.doPhase(public1, true);
SecretKey secretKey = ka.generateSecret("DES");
return secretKey;
}
這是一個例外:
java.security.InvalidKeyException: Incompatible parameters
at com.sun.crypto.provider.DHKeyAgreement.engineDoPhase(DHKeyAgreement.java:199)
at javax.crypto.KeyAgreement.doPhase(KeyAgreement.java:567)
at safetalk_client.Client.combine(Client.java:279)
at safetalk_client.Client.createMac(Client.java:260)
at safetalk_client.Client.sendFile(Client.java:234)
...
1 個解決方案
解決方案1
0 2015-11-03 17:29:32
我沒有使用 api 的經驗,但聽起來它期待不同的輸入類型。 diffie-Hellman 有一種特定類型的私鑰和公鑰類,也許它需要那些而不是聽起來更通用的公鑰和私鑰類:
https://docs.oracle.com/javase/7/docs/api/javax/crypto/interfaces/DHPublicKey.html
https://docs.oracle.com/javase/7/docs/api/javax/crypto/interfaces/DHPrivateKey.html
讓我知道它是否有效。
如何在Android中為Diffie-Hellman密鑰協商算法生成參數集
[英]How To Generate Parameter Set for the Diffie-Hellman Key Agreement Algorithm in Android
確定Java中TLS握手的Diffie-Hellman“參數”長度
[英]Determine Diffie-Hellman “Parameters” Length for a TLS handshake in Java
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.