[英]Java unreliable RSA encryption/decryption of strings
我用Java中的RSA算法對字符串進行不可靠的加密和解密有一個非常煩人的問題。 它接縫只能在35%的時間內工作,我無法弄清楚為什么它有時會起作用,有時卻不起作用。 這是我寫的一些測試代碼,試圖驗證加密/解密中的隨機性。 它運行100圈,每次加密和解密相同的字符串並打印成功的次數:
public static void main(String[] args) throws Exception {
byte[] dataToEncrypt = "Hello World!".getBytes("UTF-16LE");
byte[] cipherData = null;
byte[] decryptedData;
KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
kpg.initialize(512);
KeyPair kp = kpg.genKeyPair();
Key publicKey = kp.getPublic();
Key privateKey = kp.getPrivate();
KeyFactory fact = KeyFactory.getInstance("RSA");
RSAPublicKeySpec pub = (RSAPublicKeySpec) fact.getKeySpec(publicKey,
RSAPublicKeySpec.class);
RSAPublicKeySpec spec = new RSAPublicKeySpec(pub.getModulus(), pub
.getPublicExponent());
KeyFactory factory = KeyFactory.getInstance("RSA");
PublicKey publicKeyRSA = factory.generatePublic(spec);
Cipher cipher = Cipher.getInstance("RSA");
int k = 0;
for (int i = 0; i < 100; i++) {
try {
cipher.init(Cipher.ENCRYPT_MODE, publicKeyRSA);
cipherData = cipher.doFinal(dataToEncrypt);
} catch (Exception e1) {
System.out.println("Encrypt error");
}
String s = new String(cipherData, "UTF-16LE");
cipher.init(Cipher.DECRYPT_MODE, privateKey);
try {
decryptedData = cipher.doFinal(s.getBytes("UTF-16LE"));
System.out.println("Decrypted: "
+ new String(decryptedData, "UTF-16LE"));
k += 1;
} catch (Exception e1) {
System.out.println("Decrypt error");
}
}
System.out.println("Number of correct decryptions is: " + k);
}
我試圖用各種值初始化KeyPairGenerator但沒有成功。
編輯:現在它就像魅力一樣,感謝Base64 :
import java.io.FileOutputStream;
import java.io.OutputStream;
import java.security.Key;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PublicKey;
import java.security.spec.RSAPublicKeySpec;
import javax.crypto.Cipher;
public class Test {
public static void main(String[] args) throws Exception {
byte[] dataToEncrypt = "Hello World!".getBytes("UTF-16LE");
byte[] cipherData = null;
byte[] decryptedData;
KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
kpg.initialize(512);
KeyPair kp = kpg.genKeyPair();
Key publicKey = kp.getPublic();
Key privateKey = kp.getPrivate();
KeyFactory fact = KeyFactory.getInstance("RSA");
RSAPublicKeySpec pub = (RSAPublicKeySpec) fact.getKeySpec(publicKey,
RSAPublicKeySpec.class);
RSAPublicKeySpec spec = new RSAPublicKeySpec(pub.getModulus(), pub
.getPublicExponent());
KeyFactory factory = KeyFactory.getInstance("RSA");
PublicKey publicKeyRSA = factory.generatePublic(spec);
Cipher cipher = Cipher.getInstance("RSA");
int k = 0;
for (int i = 0; i < 100; i++) {
try {
cipher.init(Cipher.ENCRYPT_MODE, publicKeyRSA);
cipherData = cipher.doFinal(dataToEncrypt);
} catch (Exception e1) {
System.out.println("Encrypt error");
}
String s = Base64.encodeBytes(cipherData);
cipher.init(Cipher.DECRYPT_MODE, privateKey);
try {
decryptedData = cipher.doFinal(Base64.decode(s));
System.out.println("Decrypted: "
+ new String(decryptedData, "UTF-16LE"));
k += 1;
} catch (Exception e1) {
System.out.println("Decrypt error");
}
}
System.out.println("Number of correct decryptions is: " + k);
}
}
這是問題,或者至少是一個問題:
String s = new String(cipherData, "UTF-16LE");
你正在使用任意二進制數據並嘗試從中創建一個字符串,將其視為UTF-16編碼的文本。 不是。 這是任意的二進制數據。
要么保持二進制形式(如byte[]
),要么使用base64以安全,可逆的方式將其轉換為文本。 (例如, 此公共域base64編碼器具有合理的API。)
可能是因為您將加密的字節流轉換為UTF16-LE,這是您不應該做的。
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.