来自公共字符串的Android RSA加密 [英] Android RSA encryption from public string
问题描述
我正在创建一个处理消息加密/解密的加密类。不幸的是我有一些问题。
在这种方法中,我想传递用户的秘密(私钥)以及他们要加密的消息。我想要的秘密是用户定义的(如MySecretPassword)。
public static void lock(String secret,String textToEncrypt){
try {
//转换公钥字符串转换成key
byte [] encodedPublicKey = Base64.decode(secret.getBytes(utf-8),Base64.DEFAULT);
X509EncodedKeySpec spec = new X509EncodedKeySpec(encodedPublicKey);
KeyFactory keyFactory = KeyFactory.getInstance(RSA);
PublicKey publickey = keyFactory.generatePublic(spec); // Crash Here
PrivateKey privateKey = keyFactory.generatePrivate(spec);
//加密消息
密码密码= Cipher.getInstance(RSA);
cipher.init(Cipher.ENCRYPT_MODE,publickey);
byte [] encryptedBytes = cipher.doFinal(textToEncrypt.getBytes());
Log.d(TAG,Encrypted:+ new String(encryptedBytes));
} catch(Exception e){
e.printStackTrace();
}
}
异常如下:
java.security.spec.InvalidKeySpecException:java.lang.RuntimeException:error:0c0740b0:ASN.1编码例程:ASN1_get_object:TOO_LONG
我在这里缺少什么?我是否缺少一些明显的东西,或者我误解了这些工具的工作原理?我之前已经使用过这个的JavaScript库来进行公钥/私钥加密,并尝试做类似的操作这里。如果有人可以指出我正确的方向,我会感激的。)
秘密不是公钥。 / p>
使用收件人的公钥加密。该值为 public ,这意味着任何人都可以查找。您需要获得对方公钥的价值,并将其提供到您的代码中,而不是发送您自己的私钥。正确的方法是不涉及任何秘密!
通常情况下,RSA不直接加密消息,而是加密AES密钥(或其他对称密钥)使用RSA并使用AES密钥加密消息。如果您的消息真的很短,您可以直接使用RSA,但是长时间的消息将无法使用。
以下是几个链接,显示如何在Android上实现RSA :
I'm working on an android application where I'd like the user to be able to encrypt messages using other's public keys. The system would generate a public/private keypair and then messages can be sent to other users secretly.
I'm creating an Encryption class which will handle the encryption/decryption of messages. Unfortunately I'm having some problems.
In this method, I'd like to pass the user's secret (private key) as well as the message they want to encrypt. I'd like the secret to be user-defined (like "MySecretPassword").
public static void lock(String secret, String textToEncrypt) {
try {
//Convert the public key string into a key
byte[] encodedPublicKey = Base64.decode(secret.getBytes("utf-8"),Base64.DEFAULT);
X509EncodedKeySpec spec = new X509EncodedKeySpec(encodedPublicKey);
KeyFactory keyFactory = KeyFactory.getInstance("RSA");
PublicKey publickey = keyFactory.generatePublic(spec); //Crash Here
PrivateKey privateKey = keyFactory.generatePrivate(spec);
//Encrypt Message
Cipher cipher = Cipher.getInstance("RSA");
cipher.init(Cipher.ENCRYPT_MODE, publickey);
byte[] encryptedBytes = cipher.doFinal(textToEncrypt.getBytes());
Log.d(TAG,"Encrypted: "+new String(encryptedBytes));
} catch (Exception e) {
e.printStackTrace();
}
}
The exception is as follows:
java.security.spec.InvalidKeySpecException: java.lang.RuntimeException: error:0c0740b0:ASN.1 encoding routines:ASN1_get_object:TOO_LONG
What am I missing here? Am I missing something obvious or am I misunderstanding how these tools work? I've used this javascript library for public/private key encryption before and am trying to do something similar here. I'd appreciate it if somebody could point me in the right direction :)
A secret is not a public key.
You encrypt with the public key of the recipient. That value is public, which means that anybody can look it up. You need to get the value of the other party's public key and feed it into your code, not send in your own private key. The proper way to do this does not involve any secrets!
Normally one does not directly encrypt a message with RSA, instead they encrypt an AES key (or other symmetric key) with RSA and use the AES key to encrypt the message. If your messages are really short, you could use RSA directly, but it won't work for long messages.
Here are a couple links showing how to implement RSA on Android:
这篇关于来自公共字符串的Android RSA加密的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
