
如果全部代码都放在同一个方法中,我的应用程序可以正常工作。但是当代码拆分到不同的方法中、在不同的时间执行时,就会抛出 InvalidCipherTextException: Data hash wrong。我猜这个错误可能与填充有关,但不确定。

加密数据的函数(公钥在证书中):

/**
 * Encrypts {@code data} for the RSA public key contained in the certificate bytes held in
 * {@code Value}.
 *
 * <p>The work is done in two steps: the plaintext is OAEP-encoded (SHA-256) in software, and the
 * encoded block is then passed through raw RSA ({@code RSA/ECB/NoPadding}) with the certificate's
 * public key. The OAEP encoder is driven with a helper key whose exponent is 1, so that step adds
 * padding only and performs no real RSA operation.
 *
 * <p>The decrypting side has to use the same digest and the same encoding-parameter bytes;
 * otherwise the decoder's hash comparison fails.
 *
 * @param data plaintext to encrypt; its maximum length is bounded by the key size minus the OAEP
 *     overhead
 * @return the RSA ciphertext block
 */
public byte[] Encrypt(byte[] data)
{
  // Parse the certificate and take its public key; the cast fails early if it is not RSA.
  X509CertImpl certificate = new X509CertImpl(Value);
  PublicKey certKey = certificate.getPublicKey();
  RSAPublicKey rsaCertKey = (RSAPublicKey) certKey;

  // OAEP encoding parameters (the "label"), not padding bytes and not a secret. A hash of these
  // bytes is placed inside the encoded block and re-checked by the decoder.
  byte[] oaepLabel = new byte[]{
      (byte) 0x9a, (byte) 0x72, (byte) 0x7f, (byte) 0x3b,
      (byte) 0xe4, (byte) 0x9d, (byte) 0x47, (byte) 0x03,
      (byte) 0x2f, (byte) 0x15, (byte) 0x5f, (byte) 0x2f,
      (byte) 0x8f, (byte) 0xc0, (byte) 0xf4, (byte) 0x39};

  // Helper key (n, e = 1): x^1 mod n == x, so the engine below acts as a pass-through and
  // OAEPEncoding contributes only the padding. This key must never be used for encryption
  // on its own.
  byte[] modulusBytes = rsaCertKey.getModulus().toByteArray();
  RSAKeyParameters paddingOnlyKey = new RSAKeyParameters(
      false, new BigInteger(1, modulusBytes), BigInteger.ONE);

  AsymmetricBlockCipher oaepEncoder = new OAEPEncoding(
      new RSAEngine(), new SHA256Digest(), oaepLabel);
  oaepEncoder.init(true, paddingOnlyKey);
  byte[] encodedBlock = oaepEncoder.processBlock(data, 0, data.length);

  // The actual public-key operation, applied to the already padded block.
  Cipher rawRsa = Cipher.getInstance("RSA/ECB/NoPadding");
  rawRsa.init(Cipher.ENCRYPT_MODE, certKey);
  return rawRsa.doFinal(encodedBlock);
}

解密函数(私钥在 PKCS11 智能卡令牌中):

/**
 * Decrypts {@code cipher} with an RSA private key held on a PKCS#11 token, then removes the
 * OAEP (SHA-256) encoding in software.
 *
 * <p>Relies on {@code pkcs11}, {@code session}, {@code privateKeyAttributeModulus} and
 * {@code rsaKeyParams}, none of which are declared inside this method.
 *
 * @param cipher ciphertext block to decrypt
 * @return the bytes produced by the OAEP decoder
 */
public byte[] Decrypt(byte[] cipher)
{
  // OAEP encoding parameters (the "label"), despite the variable name. The decoder compares a
  // hash of these bytes with the one stored in the block, so they must equal the bytes used
  // when encrypting.
  byte[] paddingData = new byte[]{(byte) 0x9a, (byte) 0x72, (byte) 0x7f, 
      (byte)0x3b, (byte) 0xe4, (byte) 0x9d, (byte) 0x47, (byte) 0x03, 
      (byte) 0x2f, (byte) 0x15,(byte) 0x5f, (byte) 0x2f, (byte) 0x8f, 
      (byte) 0xc0, (byte) 0xf4, (byte) 0x39};
  // Search template: any object that is a private key of type RSA.
  CK_ATTRIBUTE[] privateKeyAttributes = new CK_ATTRIBUTE[2];
  privateKeyAttributes[0] = new CK_ATTRIBUTE();
  privateKeyAttributes[0].type = PKCS11Constants.CKA_CLASS;
  privateKeyAttributes[0].pValue = PKCS11Constants.CKO_PRIVATE_KEY;

  privateKeyAttributes[1] = new CK_ATTRIBUTE();
  privateKeyAttributes[1].type = PKCS11Constants.CKA_KEY_TYPE;
  privateKeyAttributes[1].pValue = PKCS11Constants.CKK_RSA;

  // NOTE(review): the template carries no CKA_ID or CKA_LABEL, so the first RSA private key the
  // token returns is used. On a token holding several keys this may not be the one that belongs
  // to the certificate used for encryption, in which case the OAEP hash check below fails.
  // Indexing [0] also fails if the search returns no handle.
  long hRsaPrivateKey = 0;
  pkcs11.C_FindObjectsInit(session, privateKeyAttributes);
  hRsaPrivateKey = pkcs11.C_FindObjects(session, 1)[0];
  pkcs11.C_FindObjectsFinal(session);

  // CKM_RSA_X_509 is raw RSA: the token performs only the private-key operation and hands back
  // the still OAEP-encoded block. NOTE(review): if the token offers CKM_RSA_PKCS_OAEP, letting it
  // remove the padding keeps the raw RSA result out of host code - confirm token support.
  CK_MECHANISM decryptionMechanism = new CK_MECHANISM();
  decryptionMechanism.mechanism = PKCS11Constants.CKM_RSA_X_509;
  decryptionMechanism.pParameter = null;

  pkcs11.C_DecryptInit(session, decryptionMechanism, hRsaPrivateKey);
  // Fixed 256-byte output buffer; presumably sized for a 2048-bit key - confirm. rv (presumably
  // the number of bytes written) is never read, so the actual output length is not checked.
  byte[] decryptedData = new byte[256];
  int rv = pkcs11.C_Decrypt(session, cipher, 0, cipher.length, decryptedData, 
      0, 256);

  // Exponent 1 turns the RSAEngine step into x^1 mod n, so OAEPEncoding here only strips the
  // padding. NOTE(review): privateKeyAttributeModulus is populated outside this method; if it is
  // not the modulus of hRsaPrivateKey (for example, left over from an earlier call), decoding
  // can fail - verify where it is set.
  AsymmetricBlockCipher dAsymmetricBlockCipher = new OAEPEncoding(
      new RSAEngine(), new SHA256Digest(), paddingData);
  BigInteger dModulus = new BigInteger(1, 
      (byte[]) privateKeyAttributeModulus[0].pValue);
  BigInteger dExponent = new BigInteger("1", 16);
  rsaKeyParams = new RSAKeyParameters(true, dModulus, dExponent);

  dAsymmetricBlockCipher.init(false, rsaKeyParams);
  byte[] data = dAsymmetricBlockCipher.processBlock(decryptedData, 0, 
      decryptedData.length);

  return data;
}