Warning: file_get_contents(/data/phpspider/zhask/data//catemap/9/java/324.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
Java 异常解包裹密钥:错误填充:解密错误_Java_Encryption_Jks - Fatal编程技术网
Fatal编程技术网
  • java/
  • Java 异常解包裹密钥:错误填充:解密错误

Java 异常解包裹密钥:错误填充:解密错误

java encryption

Java 异常解包裹密钥:错误填充:解密错误,java,encryption,jks,Java,Encryption,Jks,我正在尝试解密一个文件“test.txt.p7b”,该文件使用JKS中的证书进行加密 我在调试代码时收到此错误。如果有人能解释这一错误的原因,我将不胜感激。是我的钥匙出了问题还是我的代码出了问题(大多数情况下,我相信是的)。非常感谢 错误消息如下所示 Exception in thread "main" org.bouncycastle.cms.CMSException: exception unwrapping key: bad padding: Decryption error at

我正在尝试解密一个文件“test.txt.p7b”,该文件使用JKS中的证书进行加密

我在调试代码时收到此错误。如果有人能解释这一错误的原因,我将不胜感激。是我的钥匙出了问题还是我的代码出了问题(大多数情况下,我相信是的)。非常感谢

错误消息如下所示

Exception in thread "main" org.bouncycastle.cms.CMSException: exception unwrapping key: bad padding: Decryption error
    at org.bouncycastle.cms.jcajce.JceKeyTransRecipient.extractSecretKey(Unknown Source)
    at org.bouncycastle.cms.jcajce.JceKeyTransEnvelopedRecipient.getRecipientOperator(Unknown Source)
    at org.bouncycastle.cms.KeyTransRecipientInformation.getRecipientOperator(Unknown Source)
    at org.bouncycastle.cms.RecipientInformation.getContentStream(Unknown Source)
    at org.bouncycastle.cms.RecipientInformation.getContent(Unknown Source)
    at TestingB.decryptData(TestingB.java:299)
    at TestingB.main(TestingB.java:161)
Caused by: org.bouncycastle.operator.OperatorException: bad padding: Decryption error
    at org.bouncycastle.operator.jcajce.JceAsymmetricKeyUnwrapper.generateUnwrappedKey(Unknown Source)
    ... 7 more
Caused by: javax.crypto.BadPaddingException: Decryption error
    at sun.security.rsa.RSAPadding.unpadV15(Unknown Source)
    at sun.security.rsa.RSAPadding.unpad(Unknown Source)
    at com.sun.crypto.provider.RSACipher.doFinal(RSACipher.java:363)
    at com.sun.crypto.provider.RSACipher.engineDoFinal(RSACipher.java:389)
    at javax.crypto.Cipher.doFinal(Cipher.java:2121)
    ... 8 more
这是我的解密代码

    FileInputStream fIn = new FileInputStream(_keyStorePath);
    KeyStore keystore = KeyStore.getInstance("JKS");
    keystore.load(fIn, _password);
    PrivateKey key = (PrivateKey) keystore.getKey("def","123456".toCharArray());
    fIn.close();


    File file = new File("C:\\1_Eclipse\\1_CS\\Encrypted\\test.txt.p7b");
    FileInputStream fileInputStream = new FileInputStream(file);
    byte[] encryptedAndSignedByte = new byte[(int)file.length()];
    fileInputStream.read(encryptedAndSignedByte);
    fileInputStream.close();


    X509Certificate cert9 = (X509Certificate) keystore.getCertificate("abc");
    KeyTransRecipientId recId = new JceKeyTransRecipientId(cert9.getIssuerX500Principal(), cert9.getSerialNumber());

    CMSEnvelopedData enveloped = new CMSEnvelopedData(encryptedAndSignedByte);
    RecipientInformationStore recipients = enveloped.getRecipientInfos();
    RecipientInformation recipient = recipients.get(recId);
    JceKeyTransEnvelopedRecipient ter = new JceKeyTransEnvelopedRecipient(key);
    ter.setContentProvider(BouncyCastleProvider.PROVIDER_NAME);
    System.out.println("content : " + recipient.getContent(ter));
从这里我看不出哪里出了问题,但错误发生在RSA私钥对对称密钥进行解密的过程中

CMS是一种容器格式。它包含一系列处理或封装数据的方法。如果您有一个封装容器,那么其中的数据不会直接用RSA公钥加密。而是使用随机对称密钥(通常称为数据密钥甚至会话密钥)对其进行加密。然后使用公钥对该对称密钥进行加密

RSA encryption首先填充数据,然后使用公共指数执行模幂运算。解密包括带私有指数的模幂运算和不加幂运算。现在,无论数据或指数的值是多少,模幂运算总是成功的。因此,如果数据或密钥无效,则填充异常是唯一的指示

由于容器中的数据可能是有效的(如果不是,您可能会看到解码错误),因此私钥更可能与公钥不匹配。它不排除CMS库的执行错误,但是如果CMS库被测试得很好,我会认为不太可能。

所以我会怀疑你的键值,而不是你的代码——当然,在读写你的键值的代码中也可能有错误

总之,我肯定会首先修复代码中的流处理。仅仅创建一个
encryptedAndSignedByte
缓冲区并调用
read
一次是非常幼稚的。如果修复了这个错误,请告诉我们。

我已经修改了代码,但同样的问题也发生了。我相信加密部分不会有任何问题

解密代码:

public static void decrypt(final InputStream is, OutputStream os, Key key, String providerName) throws Exception  {
        final InputStream bis = new BufferedInputStream(is, bufferSize);
        final OutputStream bos = new BufferedOutputStream(os, bufferSize);
        final Iterator  it = new CMSEnvelopedDataParser(bis).getRecipientInfos().getRecipients().iterator();
        if (it.hasNext()) {
            final RecipientInformation recipient = (RecipientInformation)it.next();
            JceKeyTransEnvelopedRecipient ter = new JceKeyTransEnvelopedRecipient((PrivateKey) key);
            final CMSTypedStream recData = recipient.getContentStream(ter);
            final InputStream ris = recData.getContentStream();
            fromInToOut(ris, bos);
        }
        os.close();
    }
在班上

new File("C:\\1_Eclipse\\1_CS\\Encrypted\\test_result.txt");
        FileOutputStream E_fileOuputStream = new FileOutputStream("C:\\1_Eclipse\\1_CS\\Encrypted\\test_result.txt"); 
        FileInputStream E_fileInputStream = new FileInputStream("C:\\1_Eclipse\\1_CS\\Encrypted\\test.txt.p7b"); 

        decrypt(E_fileInputStream,E_fileOuputStream,key,"BC");
我相信这个错误是由我解密的这一部分造成的

 final RecipientInformation recipient = (RecipientInformation)it.next();
            JceKeyTransEnvelopedRecipient ter = new JceKeyTransEnvelopedRecipient((PrivateKey) key);
            final CMSTypedStream recData = recipient.getContentStream(ter);
嗨,谢谢。我现在可以解密文件了。:)非常感谢。这是关键问题。我上面的代码看起来很好,很高兴你把它解决了,CSSC,别忘了接受答案。你知道,我完全错过了这个,因为它是作为一个答案发布的。不要将答案作为问题的后续行动。创建新答案或修改当前答案。