
[iaik-jce] // RSACipher.doFinal() can't encrypt some byte[]???



Hi, all: ^__^
 
This is a very simple program I wrote, and it executes correctly.
 
It generates a serializable object, writes the object to a byte[], and encrypts the array.
 
Then it decrypts the array and deserializes the object.
 
----------------------------------------------
 
import java.io.*;
import java.security.*;
import java.security.cert.*;
import java.security.interfaces.*;
import javax.crypto.*;
import javax.crypto.spec.*;
 
import iaik.security.provider.IAIK;
 
public class Test
{
 public static void main(String[] args)
 {
  // user ID and password in the key store
  String ID = "1";
  String passwd = "orderpass";
 
  // key store password
  String keyStorePasswd = "password";

  try
  {
   // start loading the key store
   KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
   String keyFile = System.getProperty("user.home") + File.separator + ".keystore";
   FileInputStream fis = new FileInputStream(keyFile);
 
   // convert key store password from String to char[]
   char[] pass = new char[keyStorePasswd.length()]; 
   keyStorePasswd.getChars(0, keyStorePasswd.length(), pass, 0);   
   ks.load(fis, pass);
   
   // convert user password from String to char[]
   pass = new char[passwd.length()]; 
   passwd.getChars(0, passwd.length(), pass, 0);  
   
   // convert Sun private key to IAIK private key
   java.security.interfaces.RSAPrivateKey prk = (java.security.interfaces.RSAPrivateKey)ks.getKey(ID, pass);  
   iaik.security.rsa.RSAPrivateKey prk1 = new iaik.security.rsa.RSAPrivateKey(prk.getModulus(), prk.getPrivateExponent());   
    
   // convert Sun public key to IAIK public key
   java.security.cert.Certificate cert = ks.getCertificate(ID);
   java.security.interfaces.RSAPublicKey puk = (java.security.interfaces.RSAPublicKey)cert.getPublicKey();   
   iaik.security.rsa.RSAPublicKey puk1 = new iaik.security.rsa.RSAPublicKey(puk.getModulus(), puk.getPublicExponent());  
   
   
   // start to encrypt (use public key)
   IAIK.addAsProvider(false);
   Cipher c = Cipher.getInstance("RSA/ECB/PKCS1Padding", "IAIK");
   c.init(Cipher.ENCRYPT_MODE, puk1);
   
   // generate a serializable object
   Integer n = new Integer(100);
   
   // write the serializable object into a byte[] array
   ByteArrayOutputStream bao = new ByteArrayOutputStream();
   ObjectOutputStream oos = new ObjectOutputStream(bao);
   oos.writeObject(n);
     
   // get the array
   byte[] buf1 = bao.toByteArray();
   
   // encrypt the array
   byte[] buf = c.doFinal(buf1);
 
   // start to decrypt (use private key)
   c.init(Cipher.DECRYPT_MODE, prk1);
   
   // decrypt the encrypted array
   buf1 = c.doFinal(buf);
   
   
   // recover the serializable object from the decrypted array
   ByteArrayInputStream bio = new ByteArrayInputStream(buf1);
   ObjectInputStream ois = new ObjectInputStream(bio); 
   n = (Integer)ois.readObject();
   
   // show the serializable object
   System.err.println(n);   
  }
  catch(Exception e)
  {
   System.err.println(e);
   e.printStackTrace();
  }
 }
}
 
------------------------------------------------------------------
When I create a serializable object such as "Integer", the program runs correctly.
 
 
Condition 1 (PKCS1Padding + complex object):
If I replace "Integer" with "BigInteger", or another more complex serializable object,
there will be an Exception:
 
javax.crypto.BadPaddingException: PKCS#1 requires data at least 11 bytes shorter than the modulus!
javax.crypto.BadPaddingException: PKCS#1 requires data at least 11 bytes shorter than the modulus!
        at iaik.pkcs.pkcs1.RSACipher.b(Unknown Source)
        at iaik.pkcs.pkcs1.RSACipher.engineDoFinal(Unknown Source)
        at javax.crypto.Cipher.doFinal(Unknown Source)
        at Test.main(Test.java:58)
 
I can't understand what the exception means...
Does RSACipher.doFinal(byte[]) have some restrictions on the byte array???
 
 
 
Condition 2 (NoPadding + complex object):
If I use Cipher c = Cipher.getInstance("RSA/ECB/NoPadding", "IAIK") and a complex object such as "BigInteger", then the BadPaddingException will disappear but another exception appears:
 
java.io.StreamCorruptedException: InputStream does not contain a serialized object
java.io.StreamCorruptedException: InputStream does not contain a serialized object
        at java.io.ObjectInputStream.readStreamHeader(Unknown Source)
        at java.io.ObjectInputStream.<init>(Unknown Source)
        at Test1.main(Test1.java:67)
 
 
Condition 3 (PKCS1Padding + simple object):
If I use a simple object such as "Integer", there will be no exception!!!
 
Condition 4 (NoPadding + simple object):
If I use a simple object such as "Integer", there will be no exception!!!
 
Condition 5 (Use DESCipher + complex object):
If I use DESCipher, there will be no exception!!!
 
Why does a complex object make the RSACipher fail????
 
In conditions 1 and 2:
I find that the plain text byte array size is larger than the cipher text byte array!!! (so strange~)
 
In conditions 3 and 4:
I find that the plain text byte array size is less than the cipher text byte array!!! (normal)
 
 
Please help me~~~
 
Thank you and happy new year!
 
 
Frank
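
The size limit behind Condition 1, shown as an added example that is not part of the original post: with PKCS#1 v1.5 padding, RSA encrypts at most k - 11 bytes for a k-byte modulus, so larger serialized objects are normally encrypted with a symmetric key and only that key goes through RSA. The sketch assumes the JDK's default provider rather than IAIK, a key pair generated in memory instead of the key store, and a hypothetical class name HybridDemo.

```java
import java.io.*;
import java.math.BigInteger;
import java.security.*;
import javax.crypto.*;
import javax.crypto.spec.GCMParameterSpec;

public class HybridDemo {
    static byte[] serialize(Serializable o) throws IOException {
        ByteArrayOutputStream bao = new ByteArrayOutputStream();
        try (ObjectOutputStream oos = new ObjectOutputStream(bao)) {
            oos.writeObject(o);
        }
        return bao.toByteArray();
    }

    public static void main(String[] args) throws Exception {
        // Constructed test key; the original post loads its key from a key store.
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(2048);
        KeyPair kp = kpg.generateKeyPair();

        byte[] plain = serialize(new BigInteger(4096, new SecureRandom()));
        int k = 2048 / 8; // modulus length in bytes
        System.out.println("serialized: " + plain.length + " bytes, PKCS#1 v1.5 limit: " + (k - 11));

        // Sender: a fresh AES key encrypts the data, RSA encrypts only that key.
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(128);
        SecretKey aes = kg.generateKey();
        byte[] iv = new byte[12];
        new SecureRandom().nextBytes(iv);
        Cipher gcm = Cipher.getInstance("AES/GCM/NoPadding");
        gcm.init(Cipher.ENCRYPT_MODE, aes, new GCMParameterSpec(128, iv));
        byte[] body = gcm.doFinal(plain);
        Cipher rsa = Cipher.getInstance("RSA/ECB/OAEPWithSHA-256AndMGF1Padding");
        rsa.init(Cipher.WRAP_MODE, kp.getPublic());
        byte[] wrappedKey = rsa.wrap(aes);

        // Receiver: unwrap the AES key with the private key, then decrypt the body.
        rsa.init(Cipher.UNWRAP_MODE, kp.getPrivate());
        Key aes2 = rsa.unwrap(wrappedKey, "AES", Cipher.SECRET_KEY);
        gcm.init(Cipher.DECRYPT_MODE, aes2, new GCMParameterSpec(128, iv));
        byte[] back = gcm.doFinal(body);
        Object o = new ObjectInputStream(new ByteArrayInputStream(back)).readObject();
        System.out.println("round trip ok: " + (o instanceof BigInteger));
    }
}
```

Anyone holding the public key can produce such a ciphertext, so a receiver should restrict the classes it deserializes (for example with java.io.ObjectInputFilter) or verify a signature over the message first.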