From 1ae9d35d83ce607cc7725050bdf35f10cbb4ab8b Mon Sep 17 00:00:00 2001 From: Looly Date: Mon, 2 Mar 2020 21:48:56 +0800 Subject: [PATCH] fix rsa block --- CHANGELOG.md | 1 + .../crypto/asymmetric/AsymmetricCrypto.java | 43 ++++++++++++------- .../java/cn/hutool/crypto/asymmetric/RSA.java | 7 ++- 3 files changed, 34 insertions(+), 17 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 914a4b478..c0934450c 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -17,6 +17,7 @@ * 【core 】 增强EnumConvert判断能力(issue#I17082@Gitee) * 【all 】 log、template、tokenizer使用SPI机制代替硬编码 * 【poi 】 Word07Writer增加addPicture +* 【crypto】 RSA算法中,BlockSize长度策略调整(issue#721@Github) ### Bug修复 diff --git a/hutool-crypto/src/main/java/cn/hutool/crypto/asymmetric/AsymmetricCrypto.java b/hutool-crypto/src/main/java/cn/hutool/crypto/asymmetric/AsymmetricCrypto.java index 8eafd1128..3f694a97f 100644 --- a/hutool-crypto/src/main/java/cn/hutool/crypto/asymmetric/AsymmetricCrypto.java +++ b/hutool-crypto/src/main/java/cn/hutool/crypto/asymmetric/AsymmetricCrypto.java @@ -1,20 +1,19 @@ package cn.hutool.crypto.asymmetric; -import java.io.IOException; -import java.security.Key; -import java.security.PrivateKey; -import java.security.PublicKey; - -import javax.crypto.BadPaddingException; -import javax.crypto.Cipher; -import javax.crypto.IllegalBlockSizeException; - import cn.hutool.core.codec.Base64; import cn.hutool.core.io.FastByteArrayOutputStream; import cn.hutool.crypto.CryptoException; import cn.hutool.crypto.SecureUtil; import cn.hutool.crypto.symmetric.SymmetricAlgorithm; +import javax.crypto.BadPaddingException; +import javax.crypto.Cipher; +import javax.crypto.IllegalBlockSizeException; +import java.io.IOException; +import java.security.Key; +import java.security.PrivateKey; +import java.security.PublicKey; + /** * 非对称加密算法 * @@ -196,12 +195,19 @@ public class AsymmetricCrypto extends AbstractAsymmetricCrypto @Override public byte[] encrypt(byte[] data, KeyType keyType) { final Key key = getKeyByType(keyType); - final int maxBlockSize = this.encryptBlockSize < 0 ? data.length : this.encryptBlockSize; - lock.lock(); try { cipher.init(Cipher.ENCRYPT_MODE, key); - return doFinal(data, maxBlockSize); + + if(this.encryptBlockSize < 0){ + // 在引入BC库情况下,自动获取块大小 + final int blockSize = this.cipher.getBlockSize(); + if(blockSize > 0){ + this.encryptBlockSize = blockSize; + } + } + + return doFinal(data, this.encryptBlockSize < 0 ? data.length : this.encryptBlockSize); } catch (Exception e) { throw new CryptoException(e); } finally { @@ -220,12 +226,19 @@ public class AsymmetricCrypto extends AbstractAsymmetricCrypto @Override public byte[] decrypt(byte[] data, KeyType keyType) { final Key key = getKeyByType(keyType); - final int maxBlockSize = this.decryptBlockSize < 0 ? data.length : this.decryptBlockSize; - lock.lock(); try { cipher.init(Cipher.DECRYPT_MODE, key); - return doFinal(data, maxBlockSize); + + if(this.decryptBlockSize < 0){ + // 在引入BC库情况下,自动获取块大小 + final int blockSize = this.cipher.getBlockSize(); + if(blockSize > 0){ + this.decryptBlockSize = blockSize; + } + } + + return doFinal(data, this.decryptBlockSize < 0 ? data.length : this.decryptBlockSize); } catch (Exception e) { throw new CryptoException(e); } finally { diff --git a/hutool-crypto/src/main/java/cn/hutool/crypto/asymmetric/RSA.java b/hutool-crypto/src/main/java/cn/hutool/crypto/asymmetric/RSA.java index 321c61c49..9559185b3 100644 --- a/hutool-crypto/src/main/java/cn/hutool/crypto/asymmetric/RSA.java +++ b/hutool-crypto/src/main/java/cn/hutool/crypto/asymmetric/RSA.java @@ -11,6 +11,7 @@ import java.security.spec.RSAPublicKeySpec; import cn.hutool.core.util.CharsetUtil; import cn.hutool.crypto.CryptoException; +import cn.hutool.crypto.GlobalBouncyCastleProvider; import cn.hutool.crypto.SecureUtil; /** @@ -186,7 +187,8 @@ public class RSA extends AsymmetricCrypto { @Override public byte[] encrypt(byte[] data, KeyType keyType) { - if (this.encryptBlockSize < 0) { + // 在非使用BC库情况下,blockSize使用默认的算法 + if (this.encryptBlockSize < 0 && null == GlobalBouncyCastleProvider.INSTANCE.getProvider()) { // 加密数据长度 <= 模长-11 this.encryptBlockSize = ((RSAKey) getKeyByType(keyType)).getModulus().bitLength() / 8 - 11; } @@ -195,7 +197,8 @@ public class RSA extends AsymmetricCrypto { @Override public byte[] decrypt(byte[] bytes, KeyType keyType) { - if (this.decryptBlockSize < 0) { + // 在非使用BC库情况下,blockSize使用默认的算法 + if (this.decryptBlockSize < 0 && null == GlobalBouncyCastleProvider.INSTANCE.getProvider()) { // 加密数据长度 <= 模长-11 this.decryptBlockSize = ((RSAKey) getKeyByType(keyType)).getModulus().bitLength() / 8; }