问题
I am trying to simulate asymmetric key system. I use following code to generate key pairs, encrypt, decrypt passwords. I have a distributed environment and for the moment I save the keys generated in a file system. I know that is not secure but its just for testing purposes.
private static SecureRandom random = new SecureRandom();
static {
Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
}
protected synchronized void generateKeys() throws InvalidKeyException, IllegalBlockSizeException,
BadPaddingException, NoSuchAlgorithmException, NoSuchProviderException,
NoSuchPaddingException {
KeyPairGenerator generator = KeyPairGenerator.getInstance("RSA", "BC");
generator.initialize(256, random);
KeyPair pair = generator.generateKeyPair();
Key pubKey = pair.getPublic();
Key privKey = pair.getPrivate();
//store public key
try {
storeKey(pubKey, Constants.KEY_PATH.concat(Constants.SERVER_PREFIX.concat("-publickey")));
} catch (Exception e) {
e.printStackTrace();
DBLogger.logMessage(e.toString(), Status.KEY_GENERATION_ERROR);
}
//store private key
try {
storeKey(privKey, Constants.KEY_PATH.concat(Constants.SERVER_PREFIX.concat("-privatekey")));
} catch (Exception e) {
e.printStackTrace();
DBLogger.logMessage(e.toString(), Status.KEY_GENERATION_ERROR);
}
}
protected synchronized String encryptUsingPublicKey(String plainText) throws IllegalBlockSizeException, BadPaddingException,
NoSuchAlgorithmException, NoSuchProviderException, NoSuchPaddingException, InvalidKeyException,
FileNotFoundException, IOException, ClassNotFoundException {
Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding", "BC");
cipher.init(Cipher.ENCRYPT_MODE, readKey(Constants.KEY_PATH.concat(Constants.SERVER_PREFIX.concat("-publickey"))), random);
byte[] cipherText = cipher.doFinal(plainText.getBytes());
System.out.println("cipher: " + new String(cipherText));
return new String(cipherText);
}
protected synchronized String decryptUsingPrivatekey(String cipherText) throws NoSuchAlgorithmException,
NoSuchProviderException, NoSuchPaddingException, InvalidKeyException, FileNotFoundException,
IOException, ClassNotFoundException, IllegalBlockSizeException, BadPaddingException {
Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding", "BC");
cipher.init(Cipher.DECRYPT_MODE, readKey(Constants.KEY_PATH.concat(Constants.SERVER_PREFIX.concat("-privatekey"))));
byte[] plainText = cipher.doFinal(cipherText.getBytes());
System.out.println("plain : " + new String(plainText));
return new String(plainText);
}
public static void main(String[] args) {
KeyGenerator keyGenerator = new KeyGenerator();
try {
keyGenerator.deleteAllKeys(Constants.KEY_PATH);
keyGenerator.generateKeys();
String cipherText = keyGenerator.encryptUsingPrivateKey("dilshan");
keyGenerator.decryptUsingPublickey(cipherText);
// String cipherText = keyGenerator.encryptUsingPublicKey("dilshan1");
// keyGenerator.decryptUsingPrivatekey(cipherText);
} catch (Exception e) {
e.printStackTrace();
DBLogger.logMessage(e.toString(), Status.KEY_GENERATION_ERROR);
}
}
This works perfectly well in most of the time. But some times it generates following error. This happens occasionally. Most of the time this works so I have no issue is with the code. I belive this is something to do with the serialization/serialization process to file system. Help is appreciated.
Note : I am using bouncycastle.
Error is as follows,
javax.crypto.BadPaddingException: unknown block type
at org.bouncycastle.jcajce.provider.asymmetric.rsa.CipherSpi.engineDoFinal(Unknown Source)
at javax.crypto.Cipher.doFinal(DashoA13*..)
at com.dilshan.ttp.web.KeyGenerator.decryptUsingPublickey(KeyGenerator.java:105)
at com.dilshan.ttp.web.KeyGenerator.main(KeyGenerator.java:150)
Happens at,
byte[] plainText = cipher.doFinal(cipherText.getBytes());
in decryptUsingPrivatekey method.
回答1:
The cipher text is binary data. If you convert it to a String using the default encoding it is very likely that you encounter byte sequences that cannot be represented by a character. Thus, during decryption when you convert the String back to a byte array you don't end up with the same bytes and the decryption fails.
To solve that, don't convert the cipher text to a string, instead carry the byte[] around.
来源:https://stackoverflow.com/questions/14109626/javax-crypto-badpaddingexception-unknown-block-type