java RSA分块加密尝试（仅仅做记录，可作为参考）

来源：互联网发布：淘宝l签用护照直飞香港编辑：程序博客网时间：2024/06/07 03:31

我们知道RSA加密算法输入和输出是有限制。

输入的大小可以用：cipher.getBlockSize()得到

输出的大小可以用：cipher.getOutputSize(blockSize)得到

当我们加密一个很长的明文时如果不采用分块加密就会报错（javax.crypto.IllegalBlockSizeException）

思想：将明文变成字节数组然后用blockSize分块，然后分别对每一块加密。加密也是一样的。

明文，公钥，私钥：

/** * 明文（需要加密） */private static String text = "好烦好地方和返回的后方可发发发给发货单福扩若普服判接发反馈就饿哦IE热偶噶jjq983439"+"丰厚的合法化我好烦好地方和丰厚的合货单福扩若普服判接发反馈就饿哦IE热偶噶jjq货单福扩若普服判接发反馈就饿哦IE热法化我"+ "好烦好地方和丰厚的合法化我好烦烦a烦好嵌入如何分解可否请地方和丰厚的合法化青浦人加固加固就怕热物品如亲人解放军我好烦好"+ "好地方和丰厚的合法化我好烦烦a烦好地方和丰厚的合法化我89300如今近几年你发啪啪酒精发酵覅额前偏热和日经发局啪啪啪好烦"+ "好好地方和丰厚的合法化我好烦烦a烦好地方和丰厚的合法化我好烦好近几年你发啪啪酒精发酵近几年你发啪啪酒精发酵方法方法所地"+"abfdbfjjfjejrjerjjjfjgj%$%$#%@%减肥减肥打电话方法开发解放军解放军解放军（（）——（***————————————";/** * 公钥（用来加密） */private static String base64Key_public = "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDpv"+ "c7rMFV21naBBVQ7cB4RnKntHquDJzWDaIMoUFwCfpX1pVVX1ut/ry+IZQDkvVk4MHA"+ "rXpelcufmCGix8eznE6a3KOIhxnXjt7mMXu6296vKdndQdEJd0"+ "V1g5A/L4G2Xq8+tawfH0p+q1hd3qpi4CRN3Ya7E756yOHmnlI+ObQIDAQAB";/** * 私钥(用来解密) */private static String base64Key_private = "MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwg"+ "gJcAgEAAoGBAOm9zuswVXbWdoEFVDtwHhGcqe0eq4MnNYNogyhQXAJ+lfWlVVfW63+vL4h"+ "lAOS9WTgwcCtel6Vy5+YIaLHx7OcTprco4iHGdeO3uYxe7rb3q8p2d1B0Ql3RXWDkD8vgbZ"+ "erz61rB8fSn6rWF3eqmLgJE3dhrsTvnrI4eaeUj45tAgMBAAECgYBEtiT5M1y0UghFFk10KZn"+ "VQJIdYAo4RFLxXcxMkg7yNscbjq4/Y7EX+GZHOLXiCB2NrIOU5Do9C0HLeAZa5QzoMx9ac/E4K1"+ "aTTTM8RemMOd7xBbIFA7yWZkxpB5ZbX3UZXpyYuFzjhRXhnfjceZhAw9ohEYdhECtIsPfY1Mr6W"+ "wJBAPnEbziM+w//slx4tC7mo5i46dpRZApBT9CoNasKsL/VxG8NHqsG3mTLR6fmE/un9KNs1+qUPv"+ "q6zUmO0l4h1BsCQQDvkv9E+ZNSSyGUdtxOEJdogCZzKtm9tDHxEfsuFCsfNHCZAyw6Bp0rZcg0VQ/N"+ "reL5gFCNZs1EGh4pTeXH6IAXAkEA1yTBuTCXQpy6grTmYFADM5Z0ub3KMps3qUB7mi3HOjdk0VO3yxJ"+ "Llv8TZijlpaxzKiKjikjQRyGJm4cO5k61aQJAEo8rsVc4P3bMiijPFkkYwaKz19Yo+hY8jDVdZQtw7"+ "8DrPB9PzMr4YAVJhixUxhVDcRqsotek7TKsxXxgYaU0TwJALk0+oMphVfdbyuoYtfVr4+LtFRSSxlyL"+ "QePR9igJbaB4oKFVI6m5eD2eg45HDnXl2G9hrXmqbShHERKuN1pqzQ==";

分块加密的方法：

/** * 分块加密的方法 */private static void rsaEncrypt() {try {Security.addProvider(new BouncyCastleProvider());byte[] bytes = Base64.getDecoder().decode(base64Key_public);X509EncodedKeySpec x509EncodedKeySpec = new X509EncodedKeySpec(bytes);KeyFactory keyFactory = KeyFactory.getInstance("RSA");PublicKey publicKey = keyFactory.generatePublic(x509EncodedKeySpec);Cipher cipher = Cipher.getInstance("RSA/NONE/PKCS1Padding");cipher.init(Cipher.ENCRYPT_MODE, publicKey);int blockSize = cipher.getBlockSize();byte[] encryptBytes = text.getBytes("utf-8");int encryptSize = encryptBytes.length;float a = (float) (encryptSize*1.0/blockSize);ByteBuffer encryptBuff;if ((a>(int)a)) {encryptBuff = ByteBuffer.allocate(((int)a+1)*cipher.getOutputSize(blockSize));}else{encryptBuff = ByteBuffer.allocate(((int)a)*cipher.getOutputSize(blockSize));}if(encryptSize<=blockSize){byte[] result = cipher.doFinal(encryptBytes);encryptBuff.put(result);}else{ByteBuffer buff = ByteBuffer.allocate(encryptBytes.length);buff.put(encryptBytes);buff.flip();while (buff.remaining()>=blockSize) {byte[] buffbyte = new byte[blockSize];buff.get(buffbyte);byte[] result = cipher.doFinal(buffbyte);encryptBuff.put(result);}if (buff.remaining()>0) {byte[] buffbyte = new byte[buff.remaining()];buff.get(buffbyte);byte[] result = cipher.doFinal(buffbyte);encryptBuff.put(result);}}encryptBuff.flip();int limit = encryptBuff.limit();byte[] resultbuff= new byte[limit];encryptBuff.get(resultbuff);rsaDecrypt(resultbuff);} catch (Exception e) {e.printStackTrace();}}

分块解密的方法：

/** * 分块解密的方法 * @param bytes */private static void rsaDecrypt(byte[] bytes){try {Security.addProvider(new BouncyCastleProvider());byte[] bytes_private = Base64.getDecoder().decode(base64Key_private);PKCS8EncodedKeySpec pkcs8EncodedKeySpec = new PKCS8EncodedKeySpec(bytes_private);KeyFactory keyFactory1 = KeyFactory.getInstance("RSA");PrivateKey privateKey = keyFactory1.generatePrivate(pkcs8EncodedKeySpec);Cipher cipher1 = Cipher.getInstance("RSA/NONE/PKCS1Padding");cipher1.init(Cipher.DECRYPT_MODE, privateKey);int blockSize = cipher1.getBlockSize();int decryptSize = bytes.length;StringBuilder sb = new StringBuilder();if(decryptSize<=blockSize){byte[] re = cipher1.doFinal(bytes);sb.append(new String(re,"utf-8"));}else{ByteBuffer buff = ByteBuffer.allocate(bytes.length);buff.put(bytes);buff.flip();while (buff.remaining()>=blockSize) {byte[] buffbyte = new byte[blockSize];buff.get(buffbyte);byte[] result = cipher1.doFinal(buffbyte);sb.append(new String(result,"utf-8"));}if(buff.remaining()>0){byte[] buffbyte = new byte[buff.remaining()];buff.get(buffbyte);byte[] result = cipher1.doFinal(buffbyte);sb.append(new String(result,"utf-8"));}}System.out.println("明文："+sb.toString());} catch (Exception e) {e.printStackTrace();} }

之所以选择ByteBuffer作为操作的对象，是因为ByteBuffer的方法更多更灵活,对ByteBuffer不太熟悉的同学，可以查看 Java IO 模型这篇文章

上面的方法运行肯定是没有问题。（由于jdk不知道不支持NONE工作模式，需要导入bouncyCastle）。

但是呢？有一个很大的问题，我们看看doc

getBlockSize
```
public final int getBlockSize()
```
Returns the block size (in bytes).
Returns:
the block size (in bytes), or 0 if the underlying algorithm is not a block cipher

它有可能返回0呢！返回的时候那就坑爹，整个就挂掉了。

所以呢？上面方法比较不靠谱。

解决方法：

首先了解几个概念：

密钥：由于RSA密钥是（公钥+模值）、（私钥+模值）分组分发的，单独给对方一个公钥或私钥是没有任何用处，所以我们说的“密钥”其实是它们两者中的其中一组。

密钥长度：指密钥的模值的位长度。

明文长度：理论上是0<明文长度<密钥长度，但是由于明文如果小于密钥长度了，会进行padding，而PKCS#1建议的padding就占用了11个字节，那么我们流出padding的字节数。实际上0<明文长度<密钥长度-11.

密文长度：加密后的密文位长跟密钥的位长度是相同的。

现在明文长度和密文长度都清楚了，那么更改上面的方法：

分块加密方法：

/** * 分段加密的方法 */private static byte[] rsaEncrypt(Cipher cipher, BigInteger modulus,String text) {try { int blockSize = modulus.bitLength()/8-11;;//cipher.getBlockSize();System.out.println("blockSize:"+blockSize);byte[] encryptBytes = text.getBytes("utf-8");int encryptSize = encryptBytes.length;float a = (float) (encryptSize * 1.0 / blockSize);ByteBuffer encryptBuff;if ((a > (int) a)) {encryptBuff = ByteBuffer.allocate(((int) a + 1) * cipher.getOutputSize(blockSize));} else {encryptBuff = ByteBuffer.allocate(((int) a) * cipher.getOutputSize(blockSize));}if (encryptSize <= blockSize) {byte[] result = cipher.doFinal(encryptBytes);encryptBuff.put(result);} else {ByteBuffer buff = ByteBuffer.allocate(encryptBytes.length);buff.put(encryptBytes);buff.flip();while (buff.remaining() >= blockSize) {byte[] buffbyte = new byte[blockSize];buff.get(buffbyte);byte[] result = cipher.doFinal(buffbyte);encryptBuff.put(result);}if (buff.remaining() > 0) {byte[] buffbyte = new byte[buff.remaining()];buff.get(buffbyte);byte[] result = cipher.doFinal(buffbyte);encryptBuff.put(result);}}encryptBuff.flip();int limit = encryptBuff.limit();byte[] resultbuff = new byte[limit];encryptBuff.get(resultbuff);return resultbuff;} catch (Exception e) {e.printStackTrace();}return null;}

分块解密方法：

/** * 分段解密的方法 *  * @param bytes */private static String rsaDecrypt(Cipher cipher1,BigInteger modulus,  byte[] bytes) {try {int blockSize = modulus.bitLength()/8;//cipher1.getBlockSize();System.out.println("blockSize:"+blockSize);int decryptSize = bytes.length;StringBuilder sb = new StringBuilder();if (decryptSize <= blockSize) {byte[] re = cipher1.doFinal(bytes);sb.append(new String(re, "utf-8"));} else {ByteBuffer buff = ByteBuffer.allocate(bytes.length);buff.put(bytes);buff.flip();while (buff.remaining() >= blockSize) {byte[] buffbyte = new byte[blockSize];buff.get(buffbyte);byte[] result = cipher1.doFinal(buffbyte);sb.append(new String(result, "utf-8"));}if (buff.remaining() > 0) {byte[] buffbyte = new byte[buff.remaining()];buff.get(buffbyte);byte[] result = cipher1.doFinal(buffbyte);sb.append(new String(result, "utf-8"));}}return sb.toString();} catch (Exception e) {e.printStackTrace();}return null;}

这里只是给出我自己的想法，不足之处还请指出

0 0