当解密“der”时,使用OpenSSL生成的文件:使用填充密码解密时,输入长度必须是8的倍数 [英] Exception when decrypting a "der" file generated with OpenSSL: Input length must be multiple of 8 when decrypting with padded cipher
本文介绍了当解密“der”时,使用OpenSSL生成的文件:使用填充密码解密时,输入长度必须是8的倍数的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
首先,我使用OpenSSL生成私有RSA密钥文件,然后将其转换为加密的der文件:
first I generate a private RSA keyfile with OpenSSL and then convert it into an encrypted "der" file:
$ openssl pkcs8 -topk8 -inform PEM -outform DER -in private_key.pem -out private_key.der
尝试从Java使用以下代码解密这个文件(在这个阶段我已经读取文件到 byte [] key
数组使用的代码在这篇文章的底部):
Next I try to decrypt this file from Java using the following code(at this stage I already read the file into the byte[] key
array using code that is at the bottom of this post):
public static byte[] decryptPrivateKey(byte[] key) throws IOException, NoSuchAlgorithmException, InvalidKeySpecException, NoSuchPaddingException, InvalidKeyException, InvalidAlgorithmParameterException, IllegalBlockSizeException, BadPaddingException {
PBEKeySpec passKeySpec = new PBEKeySpec("p".toCharArray()); //my password
EncryptedPrivateKeyInfo encryptedKey = new EncryptedPrivateKeyInfo(key);
System.out.println(encryptedKey.getAlgName());
//PBEWithMD5AndDES
System.out.println("key length: " + key.length);
//key length: 677
SecretKeyFactory keyFac = SecretKeyFactory.getInstance(encryptedKey.getAlgName());
SecretKey passKey = keyFac.generateSecret(passKeySpec);
// Create PBE Cipher
Cipher pbeCipher = Cipher.getInstance(encryptedKey.getAlgName());
// Initialize PBE Cipher with key and parameters
pbeCipher.init(Cipher.DECRYPT_MODE, passKey, encryptedKey.getAlgParameters());
// Decrypt the private key(throws the exception)
return pbeCipher.doFinal(key);
}
我在上面的return语句中得到以下堆栈跟踪:
I get the following stack trace on the return statement above:
Exception in thread "main" javax.crypto.IllegalBlockSizeException: Input length must be multiple of 8 when decrypting with padded cipher
at com.sun.crypto.provider.CipherCore.doFinal(CipherCore.java:750)
at com.sun.crypto.provider.CipherCore.doFinal(CipherCore.java:676)
at com.sun.crypto.provider.PBECipherCore.doFinal(PBECipherCore.java:422)
at com.sun.crypto.provider.PBEWithMD5AndDESCipher.engineDoFinal(PBEWithMD5AndDESCipher.java:316)
at javax.crypto.Cipher.doFinal(Cipher.java:2087)
at roland.test.crypto.Test.decryptPrivateKey(Test.java:96)
at roland.test.crypto.Test.getPrivateKey(Test.java:74)
at roland.test.crypto.Test.test(Test.java:58)
at roland.test.crypto.Test.main(Test.java:30)
键作为字节数组从der文件读取:
The key is read from the "der" file as a byte array:
public static PrivateKey getPrivateKey() throws Exception {
byte[] key = null;
try(final InputStream resourceStream = getMyClass().getResourceAsStream("private_key.der")) { //$NON-NLS-1$\r
key = ByteStreams.toByteArray(resourceStream);
} catch (IOException e) {
e.printStackTrace();
}
key = decryptPrivateKey(key);
}
推荐答案
解决方案是: p>
The solution is:
return pbeCipher.doFinal(encryptedKey.getEncryptedData());
这篇关于当解密“der”时,使用OpenSSL生成的文件:使用填充密码解密时,输入长度必须是8的倍数的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文