RSA加密遇到的坑

时间 2019-11-08

原文原文链接

读取私钥时报错

java.security.spec.InvalidKeySpecException: java.security.InvalidKeyException: IOException : algid parse error, not a sequence
	at sun.security.rsa.RSAKeyFactory.engineGeneratePrivate(RSAKeyFactory.java:217)
	at java.security.KeyFactory.generatePrivate(KeyFactory.java:372)
复制代码

在获取私钥时需增长如下代码java

if (Security.getProvider(BouncyCastleProvider.PROVIDER_NAME) == null) {
      Security.addProvider(new BouncyCastleProvider());
    }
   //须要导包     
  api 'org.bouncycastle:bcprov-jdk16:1.46'
复制代码

加载的字符串大于117时会报错

须要分段加密公钥加密时，加密的最长字节时117个私钥解密出来长度都是128 注意：必须在每段加密完成后再用Base64加密，不然Base64解密时会出错api

获取私钥时报

IllegalArgumentException: Illegal base64 character d
复制代码

秘钥里面有换行或其余符号，去掉便可数组

解密时报BadPaddingException

javax.crypto.BadPaddingException: Decryption error
	at sun.security.rsa.RSAPadding.unpadV15(RSAPadding.java:380)
	at sun.security.rsa.RSAPadding.unpad(RSAPadding.java:291)
	at com.sun.crypto.provider.RSACipher.doFinal(RSACipher.java:363)
	at com.sun.crypto.provider.RSACipher.engineDoFinal(RSACipher.java:389)
	at javax.crypto.Cipher.doFinal(Cipher.java:2223)
	
复制代码

加密和解密的填充模式不一致致使的
统一对齐方式："RSA/NONE/PKCS1Padding"bash

RSA加密完整代码

// 返回 RSA 加密的结果
  public static String encryptRSA(Key publicKey, String text) {
    try {
      Cipher rsa = Cipher.getInstance("RSA/NONE/PKCS1Padding");
      rsa.init(Cipher.ENCRYPT_MODE, publicKey);
      byte[] originBytes = text.getBytes();
      //大于117时进行分段 加密
      int subLength = originBytes.length / 117 + (originBytes.length % 117 == 0 ? 0 : 1);
      byte[] finalByte = new byte[128 * subLength];
      for (int i = 0; i < subLength; i++) {
        //须要加密的字节长度
        int len = i == subLength - 1 ? (originBytes.length - i * 117) : 117;
        //加密完成的字节数组
        byte[] doFinal = rsa.doFinal(originBytes, i * 117, len);
        //复制此次加密的数组
        System.arraycopy(doFinal, 0, finalByte, i * 128, doFinal.length);
      }
      return new String(Base64Utlis.encode(finalByte, Base64Utlis.NO_WRAP),
          Charset.forName("UTF-8"));
    } catch (Exception e) {
      e.printStackTrace();
    }
    return null;
  }

  /**
   * 返回 RSA 解密的结果
   */
  public static String decryptRSA(Key privateKey, String content) {
    try {
      byte[] text = Base64Utlis.decode(content, Base64Utlis.NO_WRAP);
      Cipher rsa = Cipher.getInstance("RSA/NONE/PKCS1Padding");
      rsa.init(Cipher.DECRYPT_MODE, privateKey);
      //大于128时进行分段 解密
      int subLength = text.length / 128;
      StringBuilder finalString = new StringBuilder();
      for (int i = 0; i < subLength; i++) {
        byte[] doFinal = rsa.doFinal(text, i * 128, 128);
        finalString.append(new String(doFinal, Charset.forName("UTF-8")));
      }
      return finalString.toString();
    } catch (Exception e) {
      e.printStackTrace();
    }
    return null;
  }


  //根据文件路径返回公匙
  public static PublicKey readPublicKey(String filePath) throws IOException {
    FileInputStream fis = new FileInputStream(new File(filePath));
    return readPublicKey(fis);
  }

  // 根据输入流返回公匙
  public static PublicKey readPublicKey(InputStream input) throws IOException {
    final ByteArrayOutputStream output = new ByteArrayOutputStream();
    int n = 0;
    final byte[] buffer = new byte[1024 * 4];
    while (-1 != (n = input.read(buffer))) {
      output.write(buffer, 0, n);
    }
    byte[] keyBytes = output.toByteArray();
    X509EncodedKeySpec spec =
        new X509EncodedKeySpec(Base64Utlis.decode(keyBytes, Base64Utlis.NO_WRAP));
    try {
      KeyFactory kf = KeyFactory.getInstance("RSA");
      return kf.generatePublic(spec);
    } catch (NoSuchAlgorithmException | InvalidKeySpecException e) {
      e.printStackTrace();
    }
    return null;
  }

  // 根据文件路径返回私匙
  public static PrivateKey readPrivateKey(String filePath) throws IOException {
    FileInputStream fis = new FileInputStream(new File(filePath));
    return readPrivateKey(fis);
  }

  // 根据输入流返回私匙
  public static PrivateKey readPrivateKey(InputStream input) throws IOException {
    final ByteArrayOutputStream output = new ByteArrayOutputStream();
    int n = 0;
    final byte[] buffer = new byte[1024 * 4];
    while (-1 != (n = input.read(buffer))) {
      output.write(buffer, 0, n);
    }
    if (Security.getProvider(BouncyCastleProvider.PROVIDER_NAME) == null) {
      Security.addProvider(new BouncyCastleProvider());
    }
    byte[] keyBytes = output.toByteArray();
    PKCS8EncodedKeySpec spec =
        new PKCS8EncodedKeySpec(Base64Utlis.decode(keyBytes, Base64Utlis.NO_WRAP));
    try {
      KeyFactory kf = KeyFactory.getInstance("RSA");
      return kf.generatePrivate(spec);
    } catch (NoSuchAlgorithmException | InvalidKeySpecException e) {
      e.printStackTrace();
    }
    return null;
  }
复制代码