无法使用对称密钥Java解密CSV文件 [英] Unable to decrypt csv file using symmetric key java
问题描述
我提供了两个文件 encrypted_key.enc 和 encrypted_data.csv.enc .我需要使用私钥解密 encrypted_key.enc 以获得对称密钥,然后使用该对称密钥来解密 encrypted_data.csv.enc 文件.
在终端上,以下命令可以完成工作:
openssl rsautl -decrypt -ssl -inkey my_private_key -incrypted_key.enc -out密钥openssl aes-256-cbc -d -in encryption_data.csv.enc -out secret.txt -pass file:key 我的目标是执行两个命令的java等效项.我能够成功解密第一个文件并检索对称密钥.
现在,我无法使用该对称密钥来解密csv文件.我的问题出现在 decipher.init(Cipher.DECRYPT_MODE,keySpec); 中,我收到以下堆栈跟踪
线程"main"中的异常java.security.InvalidKeyException:密钥大小或默认参数非法
我不清楚解密过程中到底缺少了什么.我尝试过更改密码提供者,但没有帮助.其他帖子已经发布了使用 IVParameterSpec 的解决方案,但是我的解密案例似乎不需要它,或者我对放置它的位置感到困惑.
File file = new File("my_private_key");私钥pk = getPrivateKey(文件);//解密密钥密码cipher = Cipher.getInstance("RSA");cipher.init(Cipher.DECRYPT_MODE,pk);文件skFile = new File("encrypted_key.enc");FileInputStream fileInputStream =新的FileInputStream(skFile);字节[] decodedBytes = IOUtils.toByteArray(fileInputStream);byte []原始= cipher.doFinal(decodedBytes);字符串解码的原始=新的字符串(Base64.encodeBase64(原始));System.out.println(decodedOriginal);//使用密钥解密文件文件csvFile =新文件("encrypted_data.csv.enc");FileInputStream csvIS =新的FileInputStream(csvFile);密码解密= Cipher.getInstance("AES/ECB/PKCS5Padding");SecretKeySpec keySpec =新的SecretKeySpec(原始的"AES");decipher.init(Cipher.DECRYPT_MODE,keySpec);byte [] csvOriginal = decipher.doFinal(IOUtils.toByteArray(csvIS));字符串csvContents =新字符串(csvOriginal);System.out.println(csvContents); I'm unclear on what exactly I'm missing from the decryption process. I've tried changing the cipher provider but that didn't help. Other posts have posted solutions using an IVParameterSpec but my decryption case doesn't seem to need it or I'm confused on where to put it.
File file = new File("my_private_key");
PrivateKey pk = getPrivateKey(file);
// Decrypt secret key
Cipher cipher = Cipher.getInstance("RSA");
cipher.init(Cipher.DECRYPT_MODE, pk);
File skFile = new File("encrypted_key.enc");
FileInputStream fileInputStream = new FileInputStream(skFile);
byte[] decodedBytes = IOUtils.toByteArray(fileInputStream);
byte[] original = cipher.doFinal(decodedBytes);
String decodedOriginal = new String(Base64.encodeBase64(original));
System.out.println(decodedOriginal);
// Use the secret key for decrypting file
File csvFile =
new File(
"encrypted_data.csv.enc");
FileInputStream csvIS = new FileInputStream(csvFile);
Cipher decipher = Cipher.getInstance("AES/ECB/PKCS5Padding");
SecretKeySpec keySpec = new SecretKeySpec(original, "AES");
decipher.init(Cipher.DECRYPT_MODE, keySpec);
byte[] csvOriginal = decipher.doFinal(IOUtils.toByteArray(csvIS));
String csvContents = new String(csvOriginal);
System.out.println(csvContents);
Before Java 1.8 (I think, somewhere around there) you are limited by the Java Unlimited Strength Policy for key sizes above 128-bits. This is the most likely cause of the exception you are getting.
Unfortunately this won't fix your code. openssl with the pass flag uses an insecure KDF named EVP_BytesToKey(). Java doesn't natively support this KDF. You don't want to use it anyway since it is insecure. Update the upstream code to use a better KDF like PBKDF2. There is native support for this in Java.
Further, you're using CBC mode in openssl and ECB mode in Java. And you aren't specifying an IV in openssl. I get the impression you didn't write the Java code yourself. You might benefit from taking the time to learn and research what is actually happening in your code and in the commands you are executing and you might be better equipped to solve the problem.
这篇关于无法使用对称密钥Java解密CSV文件的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
