【问题标题】:BadPaddingException : Decryption errorBadPaddingException : 解密错误
【发布时间】:2015-11-03 19:58:35
【问题描述】:

我正在编写一个程序,该程序接受来自控制台的输入 - zip 文件的名称、要制作的包含从第一个 zip 生成的(de/en)加密文件的 zip 文件的名称以及包含公钥。解密时出现异常:

exception Exception in thread "main" javax.crypto.BadPaddingException:     Decryption error
at sun.security.rsa.RSAPadding.unpadV15(RSAPadding.java:380)
at sun.security.rsa.RSAPadding.unpad(RSAPadding.java:291) 
at com.sun.crypto.provider.RSACipher.doFinal(RSACipher.java:363) 
at com.sun.crypto.provider.RSACipher.engineDoFinal(RSACipher.java:389) 
at javax.crypto.Cipher.doFinal(Cipher.java:2165) 
at com.Main.decrypt(Main.java:67) 
at com.Main.main(Main.java:201)

不知道为什么会出现这个异常?

公钥:

MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCE3pA746UfpC8sFk8ZJp0yupyJqj5jy6cjdxUYoP7mCm7c0mqQDeCcDNBYW2eSozCioPrH/9L+CDQEPLYakoem+jFnUKDH5+pru/0PJTJJF8Xh/ZT9eJlvsYBr1/qSfICf6RTs7kzwq9IuSZBw7/tfNEF9i0A8FVox6HOopXod1QIDAQAB

私钥:

MIICXQIBAAKBgQCE3pA746UfpC8sFk8ZJp0yupyJqj5jy6cjdxUYoP7mCm7c0mqQDeCcDNBYW2eSozCioPrH/9L+CDQEPLYakoem+jFnUKDH5+pru/0PJTJJF8Xh/ZT9eJlvsYBr1/qSfICf6RTs7kzwq9IuSZBw7/tfNEF9i0A8FVox6HOopXod1QIDAQABAoGANOFrYBqK5lvu1koOswDWQZFZqcSSzh8IZyoGwGWa7S0r0EECXlDXmuPSq8e9IfRG8ALHrH+ZlrbnFOSgyVSWHfpj3aH+qknoSX5TW2rMQHih8865xuqheMQ+RTZ7+BRDqNsYkzxB/Z8mqzpoJQSYf+H7nWxdDCgAJVYZzxl3DmUCQQD32iEjnwiwUjii8slcmvCEZl+z84DWNdvJOg6Z38sI4AvrfpKc1WAcDg1rNZCKrRgokh54wpLt08cpFcrD04c3AkEAiTzDmc0bdgfg5wj6xHFZpYlBwiGm/bjOR2PS57P0GNU5PsDllRbFqIuzArITutO5lvZZImzuYz7Lf+cQ73pxUwJBAOdEwmdaneDo17A0m2+to3/nhqWDMVSwLMU3RyiNigZeCMFU+bkd4PBMrHi9IoJDwacZsRU9eZwxYEUV8H2Jg0ECQEEkOqRSm2pXKwX/WSjNtQPCNxhy6NUeV6vDUmTxIjh3XYjP/ynZeVEbnoj1BjB0N2/U11Jj6nPpZqb7gyppMEkCQQCoGdVYDipU+hMMnvxa0zOIyQc/a+HE0lESqn+2ZPafYi9Z1RldRMvUXhP8U7s+OuhRwprdw2ivvOFrnWyz9lL2

该程序的代码如下。欢迎任何帮助:)

package com;

import java.io.BufferedReader;
import java.io.FileOutputStream;
import java.io.FileReader;
import java.io.IOException;
import java.io.InputStream;
import java.security.GeneralSecurityException;
import java.security.KeyFactory;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.Base64;
import java.util.Enumeration;
import java.util.Scanner;
import java.util.zip.ZipEntry;
import java.util.zip.ZipFile;
import java.util.zip.ZipOutputStream;

import javax.crypto.Cipher;
import org.bouncycastle.asn1.ASN1EncodableVector;
import org.bouncycastle.asn1.ASN1Integer;
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.asn1.DERNull;
import org.bouncycastle.asn1.DEROctetString;
import org.bouncycastle.asn1.DERSequence;
import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;

public class Main {

    public final static int BUFFER_SIZE = 117;

    public static void decrypt(String originalZipFileName, String newZipFileName, String privateKeyFileName) throws Exception {
        byte[] buffer = new byte[128];  

        ZipFile originalZipFile = new ZipFile(originalZipFileName); 
        ZipOutputStream newZipFile = new ZipOutputStream(new FileOutputStream(newZipFileName));

        Enumeration<? extends ZipEntry> zipEntries = originalZipFile.entries();

        String privateKey = getKeyString(privateKeyFileName);
        PrivateKey key = makePrivateKey(privateKey);

        Cipher cipher = Cipher.getInstance("RSA");

        cipher.init(Cipher.DECRYPT_MODE, key);


        while(zipEntries.hasMoreElements()){

            ZipEntry entry = zipEntries.nextElement();          

            ZipEntry copy = new ZipEntry(entry.getName());      
            newZipFile.putNextEntry(copy);          

            InputStream inputEntry = originalZipFile.getInputStream(entry);         

            while(inputEntry.read(buffer) != -1){   
                newZipFile.write(cipher.doFinal(buffer));
            }

            newZipFile.closeEntry();
            inputEntry.close();
        }
        newZipFile.close();
        originalZipFile.close();
    }

    public static void encrypt(String originalZipFileName, String newZipFileName, String publicKeyFileName) throws Exception{

        byte[] buffer = new byte[BUFFER_SIZE];  

        ZipFile originalZipFile = new ZipFile(originalZipFileName); 
        ZipOutputStream newZipFile = new ZipOutputStream(new FileOutputStream(newZipFileName));

        Enumeration<? extends ZipEntry> zipEntries = originalZipFile.entries();

        String publicKey = getKeyString(publicKeyFileName);
        PublicKey key = makePublicKey(publicKey);

        Cipher cipher = Cipher.getInstance("RSA");

        cipher.init(Cipher.ENCRYPT_MODE, key);


        while(zipEntries.hasMoreElements()){

            ZipEntry entry = zipEntries.nextElement();          

            ZipEntry copy = new ZipEntry(entry.getName());      
            newZipFile.putNextEntry(copy);          

            InputStream inputEntry = originalZipFile.getInputStream(entry);         

            while(inputEntry.read(buffer) != -1){               
                newZipFile.write(cipher.doFinal(buffer));
            }

            newZipFile.closeEntry();
            inputEntry.close();
        }
        newZipFile.close();
        originalZipFile.close();
    }   

    public static String getKeyString(String fileName){

        String key = new String();
        try {
            BufferedReader buf = new BufferedReader(new FileReader(fileName));
            key = buf.readLine();       
        } catch ( IOException e) {
            e.printStackTrace();
        }   

        return key.trim();
    }

    public static PublicKey makePublicKey(String stored) throws GeneralSecurityException {
        byte[] data = Base64.getDecoder().decode(stored);
        X509EncodedKeySpec spec = new  X509EncodedKeySpec(data);
        KeyFactory fact = KeyFactory.getInstance("RSA");
        return fact.generatePublic(spec);
    }

    public static PrivateKey makePrivateKey(String stored) throws GeneralSecurityException, Exception {
        /*byte[] data = Base64.getDecoder().decode(stored);
        PKCS8EncodedKeySpec spec = new  PKCS8EncodedKeySpec(data);
        KeyFactory fact = KeyFactory.getInstance("RSA");
        return fact.generatePrivate(spec);*/

        byte[] data = Base64.getDecoder().decode(stored);

        ASN1EncodableVector v = new ASN1EncodableVector();
        v.add(new ASN1Integer(0));
        ASN1EncodableVector v2 = new ASN1EncodableVector();
        v2.add(new ASN1ObjectIdentifier(PKCSObjectIdentifiers.rsaEncryption.getId()));
        v2.add(DERNull.INSTANCE);
        v.add(new DERSequence(v2));
        v.add(new DEROctetString(data));
        ASN1Sequence seq = new DERSequence(v);
        byte[] privKey = seq.getEncoded("DER");

        PKCS8EncodedKeySpec spec = new  PKCS8EncodedKeySpec(privKey);
        KeyFactory fact = KeyFactory.getInstance("RSA");
        PrivateKey key = fact.generatePrivate(spec);

        return key; 

    }

    public static void main(String[] args) throws Exception {

        Scanner scan = new Scanner(System.in);

        System.out.println("Enter type of operation:");
        String line = scan.nextLine();

        if(line.equals("encrypt")){
            System.out.println("Enter name of original ZIP file:");
            String originalZipFileName = scan.nextLine();

            System.out.println("Enter name of new ZIP file:");
            String newZipFileName = scan.nextLine();

            System.out.println("Enter name of file containg public key:");
            String publicKeyFileName = scan.nextLine();

            encrypt(originalZipFileName, newZipFileName, publicKeyFileName);        
        }

        if(line.equals("decrypt")){
            System.out.println("Enter name of original ZIP file:");
            String originalZipFileName = scan.nextLine();

            System.out.println("Enter name of new ZIP file:");
            String newZipFileName = scan.nextLine();

            System.out.println("Enter name of file containg private key:");
            String privateKeyFileName = scan.nextLine();

            decrypt(originalZipFileName, newZipFileName, privateKeyFileName);       
        }       

    }

}

PS:更新了decrypt 方法。仍然给出同样的错误。

public static void decrypt(String originalZipFileName, String newZipFileName, String privateKeyFileName) throws Exception {
    byte[] buffer = new byte[128];  

    ZipFile originalZipFile = new ZipFile(originalZipFileName); 
    ZipOutputStream newZipFile = new ZipOutputStream(new FileOutputStream(newZipFileName));

    Enumeration<? extends ZipEntry> zipEntries = originalZipFile.entries();

    String privateKey = getKeyString(privateKeyFileName);
    PrivateKey key = makePrivateKey(privateKey);

    Cipher cipher = Cipher.getInstance("RSA");

    cipher.init(Cipher.DECRYPT_MODE, key);


    while(zipEntries.hasMoreElements()){

        ZipEntry entry = zipEntries.nextElement();          

        ZipEntry copy = new ZipEntry(entry.getName());      
        newZipFile.putNextEntry(copy);


        InputStream inputEntry = originalZipFile.getInputStream(entry);


        while(inputEntry.read(buffer) != -1){
            newZipFile.write(cipher.doFinal(buffer));
        }

        newZipFile.closeEntry();
        inputEntry.close();
    }
    newZipFile.close();
    originalZipFile.close();
}

【问题讨论】:

标签: java encryption cryptography rsa


【解决方案1】:

约瑟夫是对的。

当您使用默认参数创建密码时,它默认为“RSA/ECB/PKCS1Padding”。如果您不喜欢令人讨厌的惊喜,您应该明确指定填充。因为其他安全提供者可能有不同的默认参数。而且您永远不会事先知道每个特定 JRE 具有哪些安全设置。

所以 PKCS1 填充将 11 个字节添加到您的原始数据中,将其从 117 个字节增加到 128 个字节。您应该考虑到这些数字特定于 1024 位 RSA 密钥(它们是安全的),并且对于较长的密钥会有所不同。由于您是从文件中加载密钥,请考虑检查其长度。

@Test
public void testPadding() throws Exception {
    SecureRandom random = SecureRandom.getInstance("SHA1PRNG");

    KeyPairGenerator keyGen = KeyPairGenerator.getInstance("RSA");
    keyGen.initialize(1024, random);
    KeyPair keyPair = keyGen.generateKeyPair();

    /* constant 117 is a public key size - 11 */
    byte[] plaintext = new byte[117];
    random.nextBytes(plaintext);

    Cipher cipher = Cipher.getInstance("RSA");
    cipher.init(Cipher.ENCRYPT_MODE, keyPair.getPublic());
    byte[] ciphertext = cipher.doFinal(plaintext);
    System.out.println(plaintext.length + " becomes " + ciphertext.length);
}

打印出来

117 becomes 128

最后,考虑使用 AES 而不是 RSA 进行文件加密。

因此,要解决此问题,您需要使用大小为公钥长度的缓冲区 - 11 (117) 进行加密,使用公钥大小 (128) 进行解密。

改变

outputFile.write(cipher.doFinal(buffer), 0, read);

outputFile.write(cipher.doFinal(buffer));

因为缓冲区读取是 117 字节,而 doFinal 结果的大小是 128 字节。

您还需要缓冲输入流。当您从文件中读取时,有时它可能会很慢,然后 InputStream 将读取的数据少于缓冲区可能包含的数据。通过使用 BufferedInputStream 可以确保在读取调用返回之前有足够的数据。但是,对于解密而言,拥有完整的数据块至关重要

InputStream inputEntry = new BufferedInputStream(originalZipFile.getInputStream(entry));

【讨论】:

  • 问题可以追溯到加密过程中outputFile.write(cipher.doFinal(buffer), 0, read);这一行,因为doFinal()调用的结果比read大(填充),这意味着密文的一部分是丢失意味着它无法解密。
  • @ArtjomB。我应该如何解决这个问题?
  • @divanov 它包含明文长度。
  • 试过你所说的,但仍然给我同样的错误。
  • 我解决了这个问题:Cipher cipher1 = Cipher.getInstance("RSA/ECB/NOPADDING");
【解决方案2】:
while((read = inputEntry.read(buffer)) != -1){              
        outputFile.write(cipher.doFinal(buffer), 0, read);
    }

你这里有问题。 read 是读取的明文的大小,而不是密文的大小。您应该完全删除第二个和第三个参数。

将密文写入中间文件也是浪费时间和空间。只需将其直接写入 zip 流即可。

【讨论】:

  • 刚刚用你告诉我的东西更新了方法,但它仍然给我同样的错误。
【解决方案3】:

解密方法的字节数组长度应为 256 字节,因为它是算法的默认输出大小(额外的字节导致此长度)。将byte[] buffer = new byte[128]; 更改为byte[] buffer = new byte[256];

【讨论】:

    猜你喜欢
    • 2019-05-02
    • 2011-02-24
    • 2018-09-15
    • 2017-10-29
    • 1970-01-01
    • 1970-01-01
    • 1970-01-01
    • 1970-01-01
    • 2014-09-19
    相关资源
    最近更新 更多