用Bouncycastle罐替代JCE [英] replace JCE with Bouncycastle jar
问题描述
我必须摆脱JCE罐子,应该用弹性城堡jar替换AES加密和解密。 JCE政策罐与BC罐用于AES 256算法。但是它的密钥大小为128。
在AES 256算法的情况下,如何使用BC jar。
谢谢。
这个答案假设不可能安装无限制强制管辖密码文件,使用所提到的脚本。
密码的密钥大小限制在 Cipher 类本身。它不是(容易)绕过它。
相反,您可以使用Bouncy Castle轻量级API。轻量级的API是轻量级的,为API实现本身需要的类的数量,而不是那么多。
例如(AES CBC with PKCS#7( PKCS#5兼容)padding:
public class BouncyLightWeightCipherExample {
private static final boolean FOR_DECRYPTION = false ;
public static void main(String [] args)throws NoSuchAlgorithmException,Exception {
final byte [] keyData = new byte [256 / Byte.SIZE];
final byte [] ivData = new byte [16];
final byte [] testData =owlstead.getBytes(UTF_8);
// JCE创建
final Cipher c = Cipher .getInstance(AES / CBC / PKCS5Padding);
//初始化
c.init(Cipher.ENCRYPT_MODE,新的SecretKeySpec(keyData,AES),新的IvParameterSpec(ivData) );
//和加密
final byte [] ciphertext = c.doFinal(testData);
// Bouncy Castle creation
final BlockCipher blockCipher = new AESFastEngine();
final CBCBlockCipher withModeOfOperation = new CBCBlockCipher(blockCipher);
final PaddedBufferedBlockCipher withPadding = new PaddedBufferedBlockCipher(withModeOfOperation);
//初始化
final ParametersWithIV keyAndIV = new ParametersWithIV(new KeyParameter(keyData),ivData);
withPadding.init(FOR_DECRYPTION,keyAndIV);
//和解密
int plaintextSize = withPadding.processBytes(ciphertext,0,ciphertext.length,ciphertext,0);
plaintextSize + = withPadding.doFinal(ciphertext,plaintextSize);
final byte [] plaintext = Arrays.copyOf(ciphertext,plaintextSize);
//我们是
System.out.println(new String(plaintext,UTF_8));
}
}
I have to get rid of JCE jars and should be replaced with bouncy castle jar for AES encryption and decryption.
I am getting invalid key size exception when i replace JCE policy jars with BC jars for AES 256 algorithm. But it works well with key size 128.
How can i make use of BC jars in case of AES 256 algorithm.
Thanks.
This answer assumes that it is not possible to install the unlimited strength jurisdictional cryptography files using the scripting mentioned.
The key size restraint of Cipher is in the Cipher class itself. It is not (easily) possible to bypass it.
Instead you could use the Bouncy Castle lightweight API. The lightweight API is lightweight for the amount of classes are required for the API implementation itself, not so much for you though.
For example (AES CBC with PKCS#7 (PKCS#5 compatible) padding:
public class BouncyLightWeightCipherExample {
private static final boolean FOR_DECRYPTION = false;
public static void main(String[] args) throws NoSuchAlgorithmException, Exception {
final byte[] keyData = new byte[256 / Byte.SIZE];
final byte[] ivData = new byte[16];
final byte[] testData = "owlstead".getBytes(UTF_8);
// JCE creation
final Cipher c = Cipher.getInstance("AES/CBC/PKCS5Padding");
// initialization
c.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(keyData, "AES"), new IvParameterSpec(ivData));
// and encryption
final byte[] ciphertext = c.doFinal(testData);
// Bouncy Castle creation
final BlockCipher blockCipher = new AESFastEngine();
final CBCBlockCipher withModeOfOperation = new CBCBlockCipher(blockCipher);
final PaddedBufferedBlockCipher withPadding = new PaddedBufferedBlockCipher(withModeOfOperation);
// initialization
final ParametersWithIV keyAndIV = new ParametersWithIV(new KeyParameter(keyData), ivData);
withPadding.init(FOR_DECRYPTION, keyAndIV);
// and decryption
int plaintextSize = withPadding.processBytes(ciphertext, 0, ciphertext.length, ciphertext, 0);
plaintextSize += withPadding.doFinal(ciphertext, plaintextSize);
final byte[] plaintext = Arrays.copyOf(ciphertext, plaintextSize);
// there we are
System.out.println(new String(plaintext, UTF_8));
}
}
这篇关于用Bouncycastle罐替代JCE的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
