使用Openssl生成的RSA密钥,在java代码中加解密报错

Ranger
  • 47

不要回答了,我自己刚问完就发现问题了,在java代码里生成公钥时,在填写公钥指数时,应该填写十六进制,我填成十进制了。。。。最近一直睡眠不足,这种小问题,半天才发现


OS: Mac OS 10.12.6
OpenSSL version: 0.9.8zh 14 Jan 2016
Java: jdk1.8.0_131.jdk


1.我使用“genrsa -out key.pem 1024”指令,生成出一把普通的RSA密钥对,长度为1024;

-----BEGIN RSA PRIVATE KEY-----
MIICXAIBAAKBgQDBLACwdLLJUaB+DtAQS1khxmeoi4wg7LXg7oFW4XUCDZDa4wGS
xwPXyscYnPdc3AnTfUjmFrQnX2AOuTKC1l8VSZhFJsuKpILGQB0meForfJyTsv30
TvR/HKDzh4Fk2kN/QpxU9wxirMsBAoAHP4v73rQK+VqtStjLyMr/A+D39wIDAQAB
AoGAA3FVUc/Cn/PkeFqrOp8dJ4zxq/9QsAWH+EpH49SA0ViMjFofXQ5O8zmZ8sZZ
Yj5Jros9EVy2OT1p6NlEHTDU4PRPue8pcZCNpQVyOiAOpuQhkrQbfJT27LbjyWSO
e4vQ2bmpMrmrksjkERaC1I8a1D+ArtcWEG4FFK5nePHWqAECQQDoM2Qe91u9pMut
ZBPdt6WtW5k6nlCj7d+VVcbrFMP4zR4rs70w/RoZlsvB5ySFzGYSCVoaoJmc/0wn
aNB5gdO3AkEA1PiNHCEstfHMToEOmLYKdbo4WTVn8+axirDPmrK+L2cjK08VZD2m
SA7zz4Ts0m4xV9wmZmtHYv97XBbtYGB9wQJAOFlAUsN0X/E9/DXtHEEU050G8lK4
/w8a0wKd4y6G4DnmuHRF1T2Wt98AU23kTxPrMTVTyGJw5MiPkoC9Fr+KwQJAcjLN
R9YqKW39BeOCNjT3KuWuLXfLxCdh8GKbD/LktHpzi1eeut+r+Fu8NPysGLJp1xj/
pk/EObuRJHJO2y0igQJBAKiLNfAKXK3fhVtlrHU8dohq1VAD3IrXXm/2QR42fn9g
VzNu21R53cqioa1Sna0+F3oOLfjZN3557ckOv0cZeL0=
-----END RSA PRIVATE KEY-----

2.再用“rsa -in key.pem -text -out key.txt”,来获取实际数据;

Private-Key: (1024 bit)
modulus:
    00:c1:2c:00:b0:74:b2:c9:51:a0:7e:0e:d0:10:4b:
    59:21:c6:67:a8:8b:8c:20:ec:b5:e0:ee:81:56:e1:
    75:02:0d:90:da:e3:01:92:c7:03:d7:ca:c7:18:9c:
    f7:5c:dc:09:d3:7d:48:e6:16:b4:27:5f:60:0e:b9:
    32:82:d6:5f:15:49:98:45:26:cb:8a:a4:82:c6:40:
    1d:26:78:5a:2b:7c:9c:93:b2:fd:f4:4e:f4:7f:1c:
    a0:f3:87:81:64:da:43:7f:42:9c:54:f7:0c:62:ac:
    cb:01:02:80:07:3f:8b:fb:de:b4:0a:f9:5a:ad:4a:
    d8:cb:c8:ca:ff:03:e0:f7:f7
publicExponent: 65537 (0x10001)
privateExponent:
    03:71:55:51:cf:c2:9f:f3:e4:78:5a:ab:3a:9f:1d:
    27:8c:f1:ab:ff:50:b0:05:87:f8:4a:47:e3:d4:80:
    d1:58:8c:8c:5a:1f:5d:0e:4e:f3:39:99:f2:c6:59:
    62:3e:49:ae:8b:3d:11:5c:b6:39:3d:69:e8:d9:44:
    1d:30:d4:e0:f4:4f:b9:ef:29:71:90:8d:a5:05:72:
    3a:20:0e:a6:e4:21:92:b4:1b:7c:94:f6:ec:b6:e3:
    c9:64:8e:7b:8b:d0:d9:b9:a9:32:b9:ab:92:c8:e4:
    11:16:82:d4:8f:1a:d4:3f:80:ae:d7:16:10:6e:05:
    14:ae:67:78:f1:d6:a8:01

3.也就是说:

N: 00C12C00B074B2C951A07E0ED0104B5921C667A88B8C20ECB5E0EE8156E175020D90DAE30192C703D7CAC7189CF75CDC09D37D48E616B4275F600EB93282D65F1549984526CB8AA482C6401D26785A2B7C9C93B2FDF44EF47F1CA0F3878164DA437F429C54F70C62ACCB010280073F8BFBDEB40AF95AAD4AD8CBC8CAFF03E0F7F7
E: 65537
D: 03715551CFC29FF3E4785AAB3A9F1D278CF1ABFF50B00587F84A47E3D480D1588C8C5A1F5D0E4EF33999F2C659623E49AE8B3D115CB6393D69E8D9441D30D4E0F44FB9EF2971908DA505723A200EA6E42192B41B7C94F6ECB6E3C9648E7B8BD0D9B9A932B9AB92C8E4111682D48F1AD43F80AED716106E0514AE6778F1D6A801

4.在Java代码中,我先通过上面的Modulus和Exponent来生成RSA公私钥。然后使用RSA、ECB、OAEPwithSHA256andMGF1Padding的方式对16字节的数据进行加密。最后对结果再用相同的方式解密。可是解密时报出异常,异常内容:javax.crypto.BadPaddingException: Decryption error。
4-1.我自己用其他软件来生成密钥对,带入Java代码中运算,就没有出现这个问题,原始数据和加密解密后数据也匹配。
4-2.我在Java代码中,使用KeyPair keyPair = keyPairGenerator.generateKeyPair()这个方式,通过Java来生成密钥对,再做运算,也不会出错,原始数据和加密解密后数据也匹配。
4-3.我又在Openssl中生成2048的密钥,还是出问题,报同样的异常。


麻烦有经验的人能帮我分析一下问题大概有可能出在哪,多谢。

回复
阅读 3k
1 个回答

一般来说,私钥不只有d和n这两个参数,而是由n、e、d、p、q、dP、dQ、qInv这8个参数构成,参阅RSAPrivateCrtKeySpec

宣传栏