在 Java 中使用 .pfx 证书解密文件
Decrypt file using .pfx certificate in Java
我有一个 .pfx 文件和该文件的密码。
我想使用 Java 解密 RSA 加密文件。
基本上与此处 (c#) 相同的方法,但在 java 中:
这可能吗?
到目前为止我的方法:
byte[] file = Files.readAllBytes(Paths.get("C:/file.fileinfo"));
String pfxPassword = "pwd";
String keyAlias = "pvktmp:1ce254e5-4620-4abf-9a12-fbbda5b97fa0";
KeyStore keystore = KeyStore.getInstance("PKCS12");
keystore.load(new FileInputStream("/keystore.pfx"), pfxPassword.toCharArray());
PrivateKey key = (PrivateKey)keystore.getKey(keyAlias, pfxPassword.toCharArray());
Cipher cipher = Cipher.getInstance(key.getAlgorithm());
cipher.init(Cipher.DECRYPT_MODE, key);
System.out.println(new String(cipher.doFinal(file)));
这会产生错误:
Exception in thread "main" javax.crypto.BadPaddingException: Decryption error
at sun.security.rsa.RSAPadding.unpadV15(RSAPadding.java:379)
at sun.security.rsa.RSAPadding.unpad(RSAPadding.java:290)
at com.sun.crypto.provider.RSACipher.doFinal(RSACipher.java:365)
at com.sun.crypto.provider.RSACipher.engineDoFinal(RSACipher.java:391)
at javax.crypto.Cipher.doFinal(Cipher.java:2168)
很遗憾,您没有提供密钥库 *pfx 文件和加密文件,所以我不得不设置自己的文件。如果你喜欢 运行 我的例子和我的文件,你可以在这里得到它们:
https://github.com/java-crypto/Whosebug/tree/master/Decrypt_using_pfx_certificate_in_Java
您的源代码未在
中显示 inputStream 值
keystore.load(inputStream, pfxPassword.toCharArray());
并且我使用了keystore的直接加载:
keystore.load(new FileInputStream("keystore.pfx"), pfxPassword.toCharArray());
使用我的实现,我可以成功解密加密文件(“fileinfo”),控制台输出:
RSA decryption using a pfx keystore
The quick brown fox jumps over the lazy dog
回答您的问题:是的,可以使用 pfx-keystore 解密 RSA 加密文件。您在实现中看到的错误似乎导致用于加密的密钥(对)(证书中的 public 密钥)同时发生了变化,您正在尝试使用(可能是新生成的)解密) 其他私钥(具有相同的别名)。要检查这一点,您需要提供密钥库和加密文件...
这是我正在使用的实现(我刚刚编辑了 inputStream 行):
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import java.io.FileInputStream;
import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.security.*;
import java.security.cert.CertificateException;
public class MainSo {
public static void main(String[] args) throws IOException, KeyStoreException, UnrecoverableKeyException, NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, BadPaddingException, IllegalBlockSizeException, CertificateException {
System.out.println("");
System.out.println("RSA decryption using a pfx keystore");
//byte[] file = Files.readAllBytes(Paths.get("C:/file.fileinfo"));
byte[] file = Files.readAllBytes(Paths.get("fileinfo"));
// password for keystore access and private key + certificate access
String pfxPassword = "pwd";
String keyAlias = "pvktmp:1ce254e5-4620-4abf-9a12-fbbda5b97fa0";
// load keystore
KeyStore keystore = KeyStore.getInstance("PKCS12");
//keystore.load(inputStream, pfxPassword.toCharArray());
keystore.load(new FileInputStream("keystore.pfx"), pfxPassword.toCharArray());
PrivateKey key = (PrivateKey) keystore.getKey(keyAlias, pfxPassword.toCharArray());
Cipher cipher = Cipher.getInstance(key.getAlgorithm());
cipher.init(Cipher.DECRYPT_MODE, key);
System.out.println(new String(cipher.doFinal(file)));
}
}
我有一个 .pfx 文件和该文件的密码。
我想使用 Java 解密 RSA 加密文件。
基本上与此处 (c#) 相同的方法,但在 java 中:
这可能吗?
到目前为止我的方法:
byte[] file = Files.readAllBytes(Paths.get("C:/file.fileinfo"));
String pfxPassword = "pwd";
String keyAlias = "pvktmp:1ce254e5-4620-4abf-9a12-fbbda5b97fa0";
KeyStore keystore = KeyStore.getInstance("PKCS12");
keystore.load(new FileInputStream("/keystore.pfx"), pfxPassword.toCharArray());
PrivateKey key = (PrivateKey)keystore.getKey(keyAlias, pfxPassword.toCharArray());
Cipher cipher = Cipher.getInstance(key.getAlgorithm());
cipher.init(Cipher.DECRYPT_MODE, key);
System.out.println(new String(cipher.doFinal(file)));
这会产生错误:
Exception in thread "main" javax.crypto.BadPaddingException: Decryption error
at sun.security.rsa.RSAPadding.unpadV15(RSAPadding.java:379)
at sun.security.rsa.RSAPadding.unpad(RSAPadding.java:290)
at com.sun.crypto.provider.RSACipher.doFinal(RSACipher.java:365)
at com.sun.crypto.provider.RSACipher.engineDoFinal(RSACipher.java:391)
at javax.crypto.Cipher.doFinal(Cipher.java:2168)
很遗憾,您没有提供密钥库 *pfx 文件和加密文件,所以我不得不设置自己的文件。如果你喜欢 运行 我的例子和我的文件,你可以在这里得到它们:
https://github.com/java-crypto/Whosebug/tree/master/Decrypt_using_pfx_certificate_in_Java
您的源代码未在
中显示 inputStream 值keystore.load(inputStream, pfxPassword.toCharArray());
并且我使用了keystore的直接加载:
keystore.load(new FileInputStream("keystore.pfx"), pfxPassword.toCharArray());
使用我的实现,我可以成功解密加密文件(“fileinfo”),控制台输出:
RSA decryption using a pfx keystore
The quick brown fox jumps over the lazy dog
回答您的问题:是的,可以使用 pfx-keystore 解密 RSA 加密文件。您在实现中看到的错误似乎导致用于加密的密钥(对)(证书中的 public 密钥)同时发生了变化,您正在尝试使用(可能是新生成的)解密) 其他私钥(具有相同的别名)。要检查这一点,您需要提供密钥库和加密文件...
这是我正在使用的实现(我刚刚编辑了 inputStream 行):
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import java.io.FileInputStream;
import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.security.*;
import java.security.cert.CertificateException;
public class MainSo {
public static void main(String[] args) throws IOException, KeyStoreException, UnrecoverableKeyException, NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, BadPaddingException, IllegalBlockSizeException, CertificateException {
System.out.println("");
System.out.println("RSA decryption using a pfx keystore");
//byte[] file = Files.readAllBytes(Paths.get("C:/file.fileinfo"));
byte[] file = Files.readAllBytes(Paths.get("fileinfo"));
// password for keystore access and private key + certificate access
String pfxPassword = "pwd";
String keyAlias = "pvktmp:1ce254e5-4620-4abf-9a12-fbbda5b97fa0";
// load keystore
KeyStore keystore = KeyStore.getInstance("PKCS12");
//keystore.load(inputStream, pfxPassword.toCharArray());
keystore.load(new FileInputStream("keystore.pfx"), pfxPassword.toCharArray());
PrivateKey key = (PrivateKey) keystore.getKey(keyAlias, pfxPassword.toCharArray());
Cipher cipher = Cipher.getInstance(key.getAlgorithm());
cipher.init(Cipher.DECRYPT_MODE, key);
System.out.println(new String(cipher.doFinal(file)));
}
}