今天在做RSA加密的时候遇到了一个这样的错误:ArrayIndexOutOfBoundsException: too much data for RSA block
查询相关资料后得知该错误是加密数据过长导致的。
加密数据长度 <= 模长-11
解决办法:将要加密的数据截取后分段加密
下面是关于RSA算法密钥长度/密文长度/明文长度的介绍
1.密钥长度
rsa算法初始化的时候一般要填入密钥长度,在96-1024bits间
(1)为啥下限是96bits(12bytes)?因为加密1byte的明文,需要至少1+11=12bytes的密钥(不懂?看下面的明文长度),低于下限96bits时,一个byte都加密不了,当然没意义啦
(2)为啥上限是1024(128bytes)?这是算法本身决定的...当然如果某天网上出现了支持2048bits长的密钥的rsa算法时,你当我废话吧
2.明文长度
明文长度(bytes) <= 密钥长度(bytes)-11.这样的话,对于上限密钥长度1024bits能加密的明文上限就是117bytes了.
这个规定很狗血,所以就出现了分片加密,网上很流行这个版本.很简单,如果明文长度大于那个最大明文长度了,我就分片吧,保证每片都别超过那个值就是了.
片数=(明文长度(bytes)/(密钥长度(bytes)-11))的整数部分+1,就是不满一片的按一片算
3.密文长度
对,就是这个充满了谣言,都说密文长度为密钥长度的一半,经俺验证,密文长度等于密钥长度.当然这是不分片情况下的.
分片后,密文长度=密钥长度*片数
例如96bits的密钥,明文4bytes
每片明文长度=96/8-11=1byte,片数=4,密文长度=96/8*4=48bytes
又例如128bits的密钥,明文8bytes
每片明文长度=128/8-11=5bytes,片数=8/5取整+1=2,密文长度=128/8*2=32
注意,对于指定长度的明文,其密文长度与密钥长度非正比关系.如4bytes的明文,在最短密钥96bites是,密文长度48bytes,128bits米密钥时,密文长度为16bytes,1024bits密钥时,密文长度128bytes.
因为分片越多,密文长度显然会变大,所以有人说,那就一直用1024bits的密钥吧...拜托,现在的机器算1024bits的密钥还是要点时间滴,别以为你的cpu很牛逼...那么选个什么值比较合适呢?个人认为是600bits,因为我们对于一个字符串的加密,一般不是直接加密,而是将字符串hash 后,对hash值加密.现在的hash值一般都是4bytes,很少有8bytes,几十年内应该也不会超过64bytes.那就用64bytes算吧, 密钥长度就是(64+11)*8=600bits了.
用开源rsa算法的时候,还要注意,那个年代的人把long当4bytes用,如今放在64位的机器上,就会死循环啊多悲催....因为有个循环里让一个4bytes做递减....64位机上long是8bytes,这个循环进去后个把小时都出不来....所以要注意下哦....同理对于所有年代久远的开源库都得注意下...
- public static void main(String[] args) throws Exception {
- // TODO Auto-generated method stub
- HashMap<String, Object> map = RSAUtils.getKeys();
- //生成公钥和私钥
- RSAPublicKey publicKey = (RSAPublicKey) map.get("public");
- RSAPrivateKey privateKey = (RSAPrivateKey) map.get("private");
- //模
- String modulus = publicKey.getModulus().toString();
- //公钥指数
- String public_exponent = publicKey.getPublicExponent().toString();
- //私钥指数
- String private_exponent = privateKey.getPrivateExponent().toString();
- //明文
- String ming = "123456789";
- //使用模和指数生成公钥和私钥
- RSAPublicKey pubKey = RSAUtils.getPublicKey(modulus, public_exponent);
- RSAPrivateKey priKey = RSAUtils.getPrivateKey(modulus, private_exponent);
- //加密后的密文
- String mi = RSAUtils.encryptByPublicKey(ming, pubKey);
- System.err.println(mi);
- //解密后的明文
- ming = RSAUtils.decryptByPrivateKey(mi, priKey);
- System.err.println(ming);
- }
RSAUtils.Java
- package yyy.test.rsa;
- import java.math.BigInteger;
- import java.security.KeyFactory;
- import java.security.KeyPair;
- import java.security.KeyPairGenerator;
- import java.security.NoSuchAlgorithmException;
- import java.security.interfaces.RSAPrivateKey;
- import java.security.interfaces.RSAPublicKey;
- import java.security.spec.RSAPrivateKeySpec;
- import java.security.spec.RSAPublicKeySpec;
- import java.util.HashMap;
- import javax.crypto.Cipher;
- public class RSAUtils {
- /**
- * 生成公钥和私钥
- * @throws NoSuchAlgorithmException
- *
- */
- public static HashMap<String, Object> getKeys() throws NoSuchAlgorithmException{
- HashMap<String, Object> map = new HashMap<String, Object>();
- KeyPairGenerator keyPairGen = KeyPairGenerator.getInstance("RSA");
- keyPairGen.initialize(1024);
- KeyPair keyPair = keyPairGen.generateKeyPair();
- RSAPublicKey publicKey = (RSAPublicKey) keyPair.getPublic();
- RSAPrivateKey privateKey = (RSAPrivateKey) keyPair.getPrivate();
- map.put("public", publicKey);
- map.put("private", privateKey);
- return map;
- }
- /**
- * 使用模和指数生成RSA公钥
- * 注意:【此代码用了默认补位方式,为RSA/None/PKCS1Padding,不同JDK默认的补位方式可能不同,如Android默认是RSA
- * /None/NoPadding】
- *
- * @param modulus
- * 模
- * @param exponent
- * 指数
- * @return
- */
- public static RSAPublicKey getPublicKey(String modulus, String exponent) {
- try {
- BigInteger b1 = new BigInteger(modulus);
- BigInteger b2 = new BigInteger(exponent);
- KeyFactory keyFactory = KeyFactory.getInstance("RSA");
- RSAPublicKeySpec keySpec = new RSAPublicKeySpec(b1, b2);
- return (RSAPublicKey) keyFactory.generatePublic(keySpec);
- } catch (Exception e) {
- e.printStackTrace();
- return null;
- }
- }
- /**
- * 使用模和指数生成RSA私钥
- * 注意:【此代码用了默认补位方式,为RSA/None/PKCS1Padding,不同JDK默认的补位方式可能不同,如Android默认是RSA
- * /None/NoPadding】
- *
- * @param modulus
- * 模
- * @param exponent
- * 指数
- * @return
- */
- public static RSAPrivateKey getPrivateKey(String modulus, String exponent) {
- try {
- BigInteger b1 = new BigInteger(modulus);
- BigInteger b2 = new BigInteger(exponent);
- KeyFactory keyFactory = KeyFactory.getInstance("RSA");
- RSAPrivateKeySpec keySpec = new RSAPrivateKeySpec(b1, b2);
- return (RSAPrivateKey) keyFactory.generatePrivate(keySpec);
- } catch (Exception e) {
- e.printStackTrace();
- return null;
- }
- }
- /**
- * 公钥加密
- *
- * @param data
- * @param publicKey
- * @return
- * @throws Exception
- */
- public static String encryptByPublicKey(String data, RSAPublicKey publicKey)
- throws Exception {
- Cipher cipher = Cipher.getInstance("RSA");
- cipher.init(Cipher.ENCRYPT_MODE, publicKey);
- // 模长
- int key_len = publicKey.getModulus().bitLength() / 8;
- // 加密数据长度 <= 模长-11
- String[] datas = splitString(data, key_len - 11);
- String mi = "";
- //如果明文长度大于模长-11则要分组加密
- for (String s : datas) {
- mi += bcd2Str(cipher.doFinal(s.getBytes()));
- }
- return mi;
- }
- /**
- * 私钥解密
- *
- * @param data
- * @param privateKey
- * @return
- * @throws Exception
- */
- public static String decryptByPrivateKey(String data, RSAPrivateKey privateKey)
- throws Exception {
- Cipher cipher = Cipher.getInstance("RSA");
- cipher.init(Cipher.DECRYPT_MODE, privateKey);
- //模长
- int key_len = privateKey.getModulus().bitLength() / 8;
- byte[] bytes = data.getBytes();
- byte[] bcd = ASCII_To_BCD(bytes, bytes.length);
- System.err.println(bcd.length);
- //如果密文长度大于模长则要分组解密
- String ming = "";
- byte[][] arrays = splitArray(bcd, key_len);
- for(byte[] arr : arrays){
- ming += new String(cipher.doFinal(arr));
- }
- return ming;
- }
- /**
- * ASCII码转BCD码
- *
- */
- public static byte[] ASCII_To_BCD(byte[] ascii, int asc_len) {
- byte[] bcd = new byte[asc_len / 2];
- int j = 0;
- for (int i = 0; i < (asc_len + 1) / 2; i++) {
- bcd[i] = asc_to_bcd(ascii[j++]);
- bcd[i] = (byte) (((j >= asc_len) ? 0x00 : asc_to_bcd(ascii[j++])) + (bcd[i] << 4));
- }
- return bcd;
- }
- public static byte asc_to_bcd(byte asc) {
- byte bcd;
- if ((asc >= '0') && (asc <= '9'))
- bcd = (byte) (asc - '0');
- else if ((asc >= 'A') && (asc <= 'F'))
- bcd = (byte) (asc - 'A' + 10);
- else if ((asc >= 'a') && (asc <= 'f'))
- bcd = (byte) (asc - 'a' + 10);
- else
- bcd = (byte) (asc - 48);
- return bcd;
- }
- /**
- * BCD转字符串
- */
- public static String bcd2Str(byte[] bytes) {
- char temp[] = new char[bytes.length * 2], val;
- for (int i = 0; i < bytes.length; i++) {
- val = (char) (((bytes[i] & 0xf0) >> 4) & 0x0f);
- temp[i * 2] = (char) (val > 9 ? val + 'A' - 10 : val + '0');
- val = (char) (bytes[i] & 0x0f);
- temp[i * 2 + 1] = (char) (val > 9 ? val + 'A' - 10 : val + '0');
- }
- return new String(temp);
- }
- /**
- * 拆分字符串
- */
- public static String[] splitString(String string, int len) {
- int x = string.length() / len;
- int y = string.length() % len;
- int z = 0;
- if (y != 0) {
- z = 1;
- }
- String[] strings = new String[x + z];
- String str = "";
- for (int i=0; i<x+z; i++) {
- if (i==x+z-1 && y!=0) {
- str = string.substring(i*len, i*len+y);
- }else{
- str = string.substring(i*len, i*len+len);
- }
- strings[i] = str;
- }
- return strings;
- }
- /**
- *拆分数组
- */
- public static byte[][] splitArray(byte[] data,int len){
- int x = data.length / len;
- int y = data.length % len;
- int z = 0;
- if(y!=0){
- z = 1;
- }
- byte[][] arrays = new byte[x+z][];
- byte[] arr;
- for(int i=0; i<x+z; i++){
- arr = new byte[len];
- if(i==x+z-1 && y!=0){
- System.arraycopy(data, i*len, arr, 0, y);
- }else{
- System.arraycopy(data, i*len, arr, 0, len);
- }
- arrays[i] = arr;
- }
- return arrays;
- }
- }
- java
- Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
- android
- Cipher cipher = Cipher.getInstance("RSA/ECB/NoPadding");
- 参考:
- http://stackoverflow.com/questions/6069369/rsa-encryption-difference-between-java-and-android
- http://stackoverflow.com/questions/2956647/rsa-encrypt-with-base64-encoded-public-key-in-android