My task: I have encrypted (RSA) data and public key as modulus and exponent. I have to write decryption code.
My problem with it: My implementation doesn't work ;) As far as I know, the philosophy is simple:
"open text" == rsa(public_key, rsa(private_key, "open text"))
Edit: Exactly my assumption was wrong (Assumption is mother of all fu..ups ;) ). It should be "open text" == rsa(private_key, rsa(public_key, "open text"))
because in RSA, public key is used for encryption and private for decryption.
I assumed that I can have a public key which doesn't correspond to the private key used during encryption, so for tests I created my own keys in this way:
openssl genrsa -des3 -out server.key 1024
openssl req -new -key server.key -out server.csr
openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt
I got the public key modulus and exponent using the command:
openssl x509 -in server.crt -text
For encryption testing I'm using this code:
import java.io.FileReader;
import java.security.KeyPair;
import java.security.PrivateKey;
import javax.crypto.Cipher;
import org.bouncycastle.openssl.PEMReader;

//Reads private key from file
//StringPasswordFinder is my tmp implementation of PasswordFinder
PEMReader pemReader = new PEMReader(new FileReader("/path/to/server.key"), new StringPasswordFinder());
KeyPair keyPair = (KeyPair) pemReader.readObject();
PrivateKey pk = keyPair.getPrivate();
//text for encryption
String openText = "openText";
//encryption
Cipher rsaCipher = Cipher.getInstance("RSA", "BC");
rsaCipher.init(Cipher.ENCRYPT_MODE, pk);
byte[] encrypted = rsaCipher.doFinal(openText.getBytes("utf-8"));
And for decryption of the encrypted text I use this code:
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.math.BigInteger;
import org.apache.commons.codec.binary.Hex;
import org.bouncycastle.crypto.engines.RSAEngine;
import org.bouncycastle.crypto.params.RSAKeyParameters;

//modulus hex got using openssl
byte[] modulus = Hex.decodeHex("very long hex".toCharArray());
//exponent hex got using openssl
byte[] exponent = Hex.decodeHex("010001".toCharArray());
//initialization of rsa decryption engine
//signum 1: the bytes are an unsigned magnitude, so a set top bit must not make the value negative
RSAEngine rsaEngine = new RSAEngine();
rsaEngine.init(false, new RSAKeyParameters(false, new BigInteger(1, modulus), new BigInteger(1, exponent)));
//input - encrypted stream
ByteArrayInputStream bais = new ByteArrayInputStream(encrypted);
ByteArrayOutputStream baos = new ByteArrayOutputStream();
//reading blocks from the input stream and decrypting them
int bytesRead = 0;
byte[] block = new byte[rsaEngine.getInputBlockSize()];
while ((bytesRead = bais.read(block)) > -1) {
    baos.write(rsaEngine.processBlock(block, 0, bytesRead));
}
//displaying decrypted text
System.out.println(new String(baos.toByteArray(), "utf-8"));
And after all displayed text is not. Can anybody show me where I'm wrong?
Edit: Summing up, this problem has no solution, because it's not possible to encrypt a message using the private key and later decrypt it using the public one. In general, I mixed up encryption with signing a message and decryption with verification, because the private key is used when making a signature and the public key is used during verification. Btw, MByD, thx for the important clue.
1 solution
#1
0
I am not so familiar with Java libraries for RSA; the times I tried to implement RSA in Java, I built all the calculations myself. But if I understood you correctly, I see 2 problems:
- the data should be encrypted with the public key and decrypted with private key, not the other way around (since everyone with public key will be able to decrypt it...)
- the public key should match the private key, otherwise, anyone with any private key will be able to decrypt data encrypted with any public key...
Also, for very long data, you should not use public key encryption. Instead, encrypt the data in some other algorithm (RC4, AES, etc.) and encrypt the key in RSA (similar to PGP approach)
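The three points of the answer above, as an added example that is not part of the original post or answer: the data is encrypted with AES and only the AES key is wrapped with the RSA public key, an unrelated private key fails to unwrap it, and the private-key operation the question was reaching for is signing. It uses the JDK's default JCA provider instead of Bouncy Castle; the class name `RsaDirections`, the freshly generated 2048-bit key pairs and the choice of AES-GCM and OAEP are assumptions made for the demonstration.

```java
import java.nio.charset.StandardCharsets;
import java.security.*;
import javax.crypto.*;
import javax.crypto.spec.GCMParameterSpec;

public class RsaDirections {
    public static void main(String[] args) throws Exception {
        // Constructed test key pair (hypothetical; stands in for server.key / server.crt).
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(2048);
        KeyPair pair = kpg.generateKeyPair();
        byte[] message = "openText".getBytes(StandardCharsets.UTF_8);

        // Sender: a symmetric cipher handles data of any length ...
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(128);
        SecretKey aesKey = kg.generateKey();
        byte[] iv = new byte[12];
        new SecureRandom().nextBytes(iv);
        Cipher aes = Cipher.getInstance("AES/GCM/NoPadding");
        aes.init(Cipher.ENCRYPT_MODE, aesKey, new GCMParameterSpec(128, iv));
        byte[] ciphertext = aes.doFinal(message);
        // ... and RSA only wraps the short AES key, using the PUBLIC key.
        Cipher rsa = Cipher.getInstance("RSA/ECB/OAEPWithSHA-256AndMGF1Padding");
        rsa.init(Cipher.WRAP_MODE, pair.getPublic());
        byte[] wrappedKey = rsa.wrap(aesKey);

        // Receiver: only the matching PRIVATE key recovers the AES key.
        rsa.init(Cipher.UNWRAP_MODE, pair.getPrivate());
        SecretKey recovered = (SecretKey) rsa.unwrap(wrappedKey, "AES", Cipher.SECRET_KEY);
        aes.init(Cipher.DECRYPT_MODE, recovered, new GCMParameterSpec(128, iv));
        System.out.println(new String(aes.doFinal(ciphertext), StandardCharsets.UTF_8));

        // A private key from an unrelated pair is rejected by the OAEP padding check.
        rsa.init(Cipher.UNWRAP_MODE, kpg.generateKeyPair().getPrivate());
        try {
            rsa.unwrap(wrappedKey, "AES", Cipher.SECRET_KEY);
        } catch (GeneralSecurityException e) {
            System.out.println("unrelated private key: unwrap rejected");
        }

        // Signing is the operation that uses the PRIVATE key first and the PUBLIC key second.
        Signature sig = Signature.getInstance("SHA256withRSA");
        sig.initSign(pair.getPrivate());
        sig.update(message);
        byte[] signature = sig.sign();
        sig.initVerify(pair.getPublic());
        sig.update(message);
        System.out.println("signature valid: " + sig.verify(signature));
    }
}
```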