
コード全体が 1 つのメソッド内にある場合、アプリケーションは正常に動作します。しかし、処理を別々のメソッドに分けて別のタイミングで実行すると、InvalidCipherTextException: Data hash wrong が発生します。このエラーはパディングが原因である可能性があると思いますが、よくわかりません。

データを暗号化する関数 (公開鍵は証明書にあります):

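/**
 * Encrypts {@code data} for the RSA public key of the certificate held in {@code Value}.
 *
 * <p>The work is split into two steps so that the matching decryption can use a raw RSA
 * operation on a token:
 * <ol>
 *   <li>OAEP-encode the plaintext (SHA-256, fixed label) with a BouncyCastle
 *       {@code OAEPEncoding} whose RSA engine is keyed with exponent 1, so the modular
 *       exponentiation leaves the encoded block unchanged;</li>
 *   <li>apply raw RSA ({@code RSA/ECB/NoPadding}) with the certificate's real public key.</li>
 * </ol>
 *
 * <p>NOTE(review): the calls below throw checked exceptions (certificate parsing, OAEP
 * encoding, JCE cipher setup); the method as posted declares none, so the enclosing code
 * has to declare or wrap them.
 *
 * @param data plaintext; must fit into a single OAEP block for the key size in use
 * @return the RSA ciphertext
 */
public byte[] Encrypt(byte[] data)
{
  // Encoded certificate bytes; Value is defined outside this method.
  byte[] bCertificate = Value;

  // NOTE(review): X509CertImpl is a JDK-internal class (sun.security.x509) and is not
  // reachable on modular JDKs without extra flags; CertificateFactory is the supported API.
  X509CertImpl x509Cert = new X509CertImpl(bCertificate);
  PublicKey publicKey = x509Cert.getPublicKey();
  RSAPublicKey rsaPublickey = (RSAPublicKey) publicKey;

  // Third OAEPEncoding argument: the OAEP encoding parameters (label), not padding bytes.
  // Decrypt must use exactly the same bytes, otherwise the label hash check fails there.
  byte[] oaepLabel = new byte[]{(byte) 0x9a, (byte) 0x72, (byte) 0x7f,
      (byte) 0x3b, (byte) 0xe4, (byte) 0x9d, (byte) 0x47, (byte) 0x03,
      (byte) 0x2f, (byte) 0x15, (byte) 0x5f, (byte) 0x2f, (byte) 0x8f,
      (byte) 0xc0, (byte) 0xf4, (byte) 0x39};

  // Step 1: OAEP encoding only. The modulus fixes the block size; exponent 1 turns the
  // wrapped RSA engine into a no-op on the encoded block.
  AsymmetricBlockCipher eAsymmetricBlockCipher = new OAEPEncoding(
      new RSAEngine(), new SHA256Digest(), oaepLabel);
  BigInteger eModulus = rsaPublickey.getModulus();
  BigInteger eExponent = new BigInteger("1", 16);
  RSAKeyParameters rsaKeyParams = new RSAKeyParameters(false, eModulus,
      eExponent);

  eAsymmetricBlockCipher.init(true, rsaKeyParams);
  byte[] encodedBlock = eAsymmetricBlockCipher.processBlock(data, 0, data.length);

  // Step 2: raw RSA with the real public exponent. NoPadding is acceptable here only
  // because the input has already been OAEP-encoded in step 1.
  Cipher encryptionCipher = Cipher.getInstance("RSA/ECB/NoPadding");
  encryptionCipher.init(Cipher.ENCRYPT_MODE, publicKey);
  return encryptionCipher.doFinal(encodedBlock);
}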

復号化する関数 (秘密鍵は PKCS11 スマートカード トークンにあります):

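/**
 * Decrypts {@code cipher} with an RSA private key held on a PKCS#11 token.
 *
 * <p>Mirror of the two-step encryption: the token performs the raw RSA operation
 * ({@code CKM_RSA_X_509}), then the OAEP encoding (SHA-256, fixed label) is removed in
 * software by a BouncyCastle {@code OAEPEncoding} keyed with exponent 1.
 *
 * <p>NOTE(review): the search template matches any RSA private key and the first hit is
 * used. Nothing here ties that key to the certificate used for encryption; on a token
 * with several keys the raw RSA result would then be unrelated data and the OAEP label
 * hash check would fail. Adding an identifying attribute to the template is worth
 * considering.
 *
 * <p>NOTE(review): {@code pkcs11}, {@code session}, {@code privateKeyAttributeModulus} and
 * {@code rsaKeyParams} are defined outside this method; the modulus in particular must
 * already have been read from the token for the same key before this method runs.
 *
 * <p>NOTE(review): because the unpadded block is returned to host memory and decoded in
 * software, callers should not reveal to a remote party whether or why decoding failed.
 * If the token offers {@code CKM_RSA_PKCS_OAEP}, doing the whole operation on the token
 * avoids this.
 *
 * @param cipher RSA ciphertext produced by the matching encryption routine
 * @return the recovered plaintext
 * @throws IllegalStateException if the token exposes no RSA private key object
 */
public byte[] Decrypt(byte[] cipher)
{
  // OAEP encoding parameters (label); must be byte-identical to the encrypting side.
  byte[] oaepLabel = new byte[]{(byte) 0x9a, (byte) 0x72, (byte) 0x7f,
      (byte) 0x3b, (byte) 0xe4, (byte) 0x9d, (byte) 0x47, (byte) 0x03,
      (byte) 0x2f, (byte) 0x15, (byte) 0x5f, (byte) 0x2f, (byte) 0x8f,
      (byte) 0xc0, (byte) 0xf4, (byte) 0x39};

  // Search template: object class = private key, key type = RSA.
  CK_ATTRIBUTE[] privateKeyAttributes = new CK_ATTRIBUTE[2];
  privateKeyAttributes[0] = new CK_ATTRIBUTE();
  privateKeyAttributes[0].type = PKCS11Constants.CKA_CLASS;
  privateKeyAttributes[0].pValue = PKCS11Constants.CKO_PRIVATE_KEY;

  privateKeyAttributes[1] = new CK_ATTRIBUTE();
  privateKeyAttributes[1].type = PKCS11Constants.CKA_KEY_TYPE;
  privateKeyAttributes[1].pValue = PKCS11Constants.CKK_RSA;

  // Always close the find operation, even if the lookup itself fails; an unfinished
  // search would otherwise stay active on the session.
  long[] foundHandles;
  pkcs11.C_FindObjectsInit(session, privateKeyAttributes);
  try {
    foundHandles = pkcs11.C_FindObjects(session, 1);
  } finally {
    pkcs11.C_FindObjectsFinal(session);
  }
  if (foundHandles == null || foundHandles.length == 0) {
    throw new IllegalStateException("No RSA private key object found on the PKCS#11 token");
  }
  long hRsaPrivateKey = foundHandles[0];

  // Raw (unpadded) RSA on the token; the OAEP layer is removed in software below.
  CK_MECHANISM decryptionMechanism = new CK_MECHANISM();
  decryptionMechanism.mechanism = PKCS11Constants.CKM_RSA_X_509;
  decryptionMechanism.pParameter = null;

  pkcs11.C_DecryptInit(session, decryptionMechanism, hRsaPrivateKey);
  // 256 bytes matches a 2048-bit modulus; a larger key would not fit this buffer.
  byte[] decryptedData = new byte[256];
  // rv is taken as the number of bytes the token wrote into decryptedData
  // (presumably the wrapper's contract; confirm against its documentation).
  int rv = pkcs11.C_Decrypt(session, cipher, 0, cipher.length, decryptedData,
      0, decryptedData.length);

  // Exponent 1 makes the wrapped RSA engine a no-op, so only OAEP decoding is applied.
  AsymmetricBlockCipher dAsymmetricBlockCipher = new OAEPEncoding(
      new RSAEngine(), new SHA256Digest(), oaepLabel);
  BigInteger dModulus = new BigInteger(1,
      (byte[]) privateKeyAttributeModulus[0].pValue);
  BigInteger dExponent = new BigInteger("1", 16);
  rsaKeyParams = new RSAKeyParameters(true, dModulus, dExponent);

  dAsymmetricBlockCipher.init(false, rsaKeyParams);
  // Decode only the bytes actually produced, not the whole fixed-size buffer.
  return dAsymmetricBlockCipher.processBlock(decryptedData, 0, rv);
}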