我正在开发一个对字符串执行加密的 OSGi 插件(捆绑包)。字符串本身使用 AES 加密。我正在使用 RSA 加密 AES 密钥。在我的单元测试中一切正常。
当我将插件部署到 Karaf 中时(目前还没有尝试任何其他 OSGi 容器),加密密钥的结果是一堆零字节,最后一个字节。没有抛出异常。一切看起来都很正常,除了当我使用调试器时,我发现 RSA 公钥密码正在使用公共指数的值为零的密钥规范。这显然没有意义,输出主要为零也不足为奇。
谁能建议为什么会发生这种情况?
添加一些代码片段:
public static Cipher createRsaCipher(final boolean keyTypePublic, final int mode, final KeySpec keySpec) throws GeneralSecurityException
{
final KeyFactory kfpri = KeyFactory.getInstance(RSA);
final Cipher result = Cipher.getInstance(RSA);
result.init(mode, keyTypePublic ? kfpri.generatePublic(keySpec) : kfpri.generatePrivate(keySpec));
return result;
}
private static Cipher createPublicKeyEncryptionCipher(final URL key) throws IOException, GeneralSecurityException {
try (InputStream stream = key.openStream()) {
final byte[] encodedKey = readPublicKeyBytes(stream);
final X509EncodedKeySpec publicKeySpec = new X509EncodedKeySpec(encodedKey);
return CipherFactory.createRsaCipher(true, Cipher.ENCRYPT_MODE, publicKeySpec);
}
}
private static byte[] encrypt(final byte[] source, Cipher cipher) throws GeneralSecurityException {
final int bytes = source.length;
final int outputSize = cipher.getOutputSize(bytes);
final byte[] buffer = new byte[outputSize];
int resultLength = 0;
final int n = cipher.doFinal(source, 0, bytes, buffer, 0);
resultLength += n;
final byte[] result = new byte[resultLength];
System.arraycopy(buffer, 0, result, 0, resultLength);
return result;
}
openssl rsa -in private.pem -pubout -outform DER -out public.der
more private.pem
-----BEGIN RSA PRIVATE KEY-----
MIIEpQIBAAKCAQEA6LhJ1xCjo2mOMYO3Km5rk+1jpSUgeFLX296apNHgHVb7e9H/
.....etc...........
o6ZYdYg05ubEu+jRQkdudbA/7AXLwYOzGtzhla7ow5QhYcWtJEOwX4U=
-----END RSA PRIVATE KEY-----