Java RSA 加密
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/6077507/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Java RSA Encryption
提问by arik
I am trying to encode a simple String "test" back and forth.
我试图来回编码一个简单的字符串“测试”。
public static String encode(Key publicKey, String data) throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, IllegalBlockSizeException, BadPaddingException {
byte[] byteData = data.getBytes(); // convert string to byte array
Cipher cipher = Cipher.getInstance(ALGORITHM); // create conversion processing object
cipher.init(Cipher.ENCRYPT_MODE, publicKey); // initialize object's mode and key
byte[] encryptedByteData = cipher.doFinal(byteData); // use object for encryption
return new String(encryptedByteData); // convert encrypted byte array to string and return it
}
public static String decode(Key privateKey, String data) throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, IllegalBlockSizeException, BadPaddingException {
byte[] byteData = data.getBytes(); // convert string to byte array
Cipher cipher = Cipher.getInstance(ALGORITHM); // create conversion processing object
cipher.init(Cipher.DECRYPT_MODE, privateKey); // initialize object's mode and key
System.out.println(byteData.length);
byte[] decryptedByteData = cipher.doFinal(byteData); // use object for decryption
return new String(decryptedByteData); // convert decrypted byte array to string and return it
}
However, although the encryption works just fine (ALGORITHM is "RSA"), when trying to decrypt the string I have just gotten from encrypting "test", I get following exception:
然而,虽然加密工作得很好(算法是“RSA”),当我试图解密我刚刚从加密“test”中得到的字符串时,我得到以下异常:
javax.crypto.IllegalBlockSizeException: Data must not be longer than 256 bytes
javax.crypto.IllegalBlockSizeException:数据不得超过 256 字节
Should I split the encrypted bytes in chunks of 256 in order to be able to decrypt it?
我应该将加密的字节分成 256 个块以便能够解密吗?
采纳答案by erickson
You can't reliably convert random bytes to a String. The results will depend on what your default character encoding is on the machine where you run this. With many encodings, the cipher text will be corrupted, and information will be lost.
您无法可靠地将随机字节转换为String. 结果将取决于您运行它的机器上的默认字符编码。使用多种编码,密文将被破坏,信息将丢失。
Modify your code to use a byte[]instead (the result of the 'doFinal()` method.
修改您的代码以使用 abyte[]代替(“doFinal()”方法的结果。
If you need to convert the byte[]to a character string, use an encoding like Base-64.
如果需要将 转换为byte[]字符串,请使用 Base-64 之类的编码。
回答by Kyle
From here:
从这里:
The RSA algorithm can only encrypt data that has a maximum byte length of the RSA key length in bits divided with eight minus eleven padding bytes, i.e. number of maximum bytes = key length in bits / 8 - 11. If you want to encrypt larger data, then use a larger key, for example, a key with 4096 bits will allow you to encrypt 501 bytes of data.
RSA算法只能加密最大字节长度为RSA密钥长度(以比特为单位)除以8减去11个填充字节的数据,即最大字节数=密钥长度(以比特为单位)/8-11。如果要加密更大的数据,然后使用更大的密钥,例如,具有 4096 位的密钥将允许您加密 501 字节的数据。
回答by MByD
If you have a long data, you should either split it to data chunks that fits and encrypt / decrypt each of them (not such a good idea) or encrypt / decrypt them using a symmetric algorithm (AES / DES / RC4 / etc.), encrypt the symmetric key with the RSA public key and send both to the other side. (much better idea).
如果您有很长的数据,您应该将其拆分为适合的数据块并加密/解密它们中的每一个(这不是一个好主意)或使用对称算法(AES/DES/RC4/等)加密/解密它们, 使用 RSA 公钥加密对称密钥并将两者发送给另一方。(更好的主意)。
The second approach is a very common approach, since asymmetric encryption algorithms are much more expensive than symmetric algorithms (for both encryption and decryption).
第二种方法是一种非常常见的方法,因为非对称加密算法比对称算法(加密和解密)昂贵得多。
