我在node.js中有这段代码,它使用Crypto创建Key。我可以使用Java创建相同的密钥吗?
diffieHellmanConfig': {
'group': 'modp14',
'encoding': 'base64'
}
const clientDHInstance = crypto.getDiffieHellman(config.userCardCrypto.diffieHellmanConfig.group);
clientDHInstance.generateKeys();
const clientPublicKey = clientDHInstance.getPublicKey(config.userCardCrypto.diffieHellmanConfig.encoding);
我尝试使用
KeyPairGenerator keyGen = KeyPairGenerator.getInstance("DH");
keyGen.initialize(2048);
KeyPair keypair = keyGen.genKeyPair();
PrivateKey privateKey = keypair.getPrivate();
PublicKey publicKey = keypair.getPublic();
byte[] encoded = publicKey.getEncoded();
String s = Base64.getEncoder().encodeToString(encoded);
System.out.println(s);
但密钥是错误的
节点密钥为t2EBMu8wCShfu8Dm45i9nnnnQ+TXyG5Oz1/izjTwRD0dchUK2400R9cP+NjLlOqjLstXnTbG5/aa0WaCoP187J90piiebGOjZUlF/Bu/xkkrYncQHAJ403J8+R2V5eHYCSQXbS6CSO7x+eEhNz8QTMgwkOR9w1R3gvbibaqL7qyQARPFak6+VIKFLUakSzMvdAIjLNPu2dva1QdJicid+EYiZE/DxA7lqpje74I7wynZ j7kmUZXtiIWu46suf5CaVONtjEVZilvErJNpVlPX5TXoMVNrWkl9g5Aa6moXg4K0M6Gc4taumDr9gh4PEuw+/QVauEld27/5TQlfAlalvzg==
Java密钥是MIICKTCCARsGCSqGSIb3DQEDATCCAQwCggEBAP/////////yQ/aoiFowjTExmKLgNwc0SkCTgiKZ8x0Agu+pjsTmyJRSgh5jjQE3e+VGbPNOkMbMCsKbfJfFDdP4TVtbVHCReSFtXZiXn7G9ExC6aY37WsL/1y29Aa37e44a/taiZ+lrp8kEXxLH+ZJKGZR7ORbPcIAfLihY78FmNpInhxV05pFj+o/STPX4nlXSPco 62WHGLzViCFUrue1SKHcJaWbWcMNU5KvJgE8XRsCMoYIXwykF5GLjbOO+OedywYDoYDmyeDouwHoo+1xV3wb0xSyd4ry/aVWBcYOZVJfOqVauUV0iYYYmPoFEBVyjlqKrKpo/////////8CQICAgQAA4IBBgACggEBAI+NYSvMh0bfh1ptt62vHEHENz6ZAYvnnwmRhQRdYMBZiqu60AvJ4F6qL99EfesxvH3n8YaC+cG7bKAqkw74rHJXkMF5xOy/kpTVvmQGAPjvTi5o4BJtHLOBgiwFKy7YFKFksCJzqNdAuPri/mfMm6GNG5MBYtQurWkgOnnrVl3Nra2CSVixQ5zCANOSnnNYNFPanr01bI6KZXsiRZRqfA4oYxBPySy4sp1dx2vSQe8EjNWTicTQQj/HP7hl1yf3uiYlM4h3dMbfqv6Y10hW8kvoD88/mh09pdz+HxxDz+mVSMe+3+N7VIYUEGRHhrAvjbXmwh5zyCMIJiI=
在您的示例密钥中,节点创建的DH密钥的大小是预期的2048位,但Java DH密钥正在推进到~4k位。
所以我认为在Java上初始化DH键的方式有问题。
查看您的代码,我认为提供一个整数文本来指定DH循环组的大小是不合适的。
相反,尝试实例化您的Java DH密钥,如下所示:
final DHParameterSpec keySpec=new DHParameterSpec(DH_MODULUS,DH_BASE);
final KeyPair keyPair;
try {
KeyPairGenerator keyGen=KeyPairGenerator.getInstance("DH");
keyGen.initialize(keySpec);
keyPair=keyGen.generateKeyPair();
PrivateKey privateKey = keyPair.getPrivate();
PublicKey publicKey = keyPair.getPublic();
byte[] encoded = publicKey.getEncoded();
String s = Base64.getEncoder().encodeToString(encoded);
System.out.println(s);
}
您需要在Java中创建一个DHParameterSpec对象,提供一个模数和基数,类似于node中提供的值。
示例:
public DHParameterSpec modp14() {
final BigInteger p =
new BigInteger(
"FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"
+ "29024E088A67CC74020BBEA63B139B22514A08798E3404DD"
+ "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"
+ "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
+ "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D"
+ "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F"
+ "83655D23DCA3AD961C62F356208552BB9ED529077096966D"
+ "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B"
+ "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9"
+ "DE2BCBF6955817183995497CEA956AE515D2261898FA0510"
+ "15728E5A8AACAA68FFFFFFFFFFFFFFFF",
16);
final BigInteger g = new BigInteger("2");
return new DHParameterSpec(p, g);
}
有关素数组的规范,请参阅此处。