我正在编写一个 Web 服务,它允许用户从算法列表中选择一个算法并生成指定大小的 key (使用 KeyGenerator)。我无法通过 API 找到任何方法来获取指定算法的一组可能的 key 大小。如果我尝试生成一个大小无效的 key ,我将得到一个异常指示,错误消息中包含该算法的可能 key 大小,但我想为用户预先确定一个选择列表。如果存在,任何人都可以指出正确的 API 吗?
最佳答案
我不认为这可以通过 API 获得,因为一些算法采用范围而不是不同的值。
来自 Java Cryptography Architecture Documentation (Java 7) , Keysize Restrictions 部分,KeyGenerator:
The SunJCE provider uses the following default keysizes (in bits) and enforces the following restrictions:
KeyGenerator
╔══════════════════════╦══════════════════╦════════════════════════════════════════════════════════════════════════════════╗
║ Algorithm Name ║ Default Keysize ║ Restrictions/Comments ║
╠══════════════════════╬══════════════════╬════════════════════════════════════════════════════════════════════════════════╣
║ AES ║ 128 ║ Keysize must be equal to 128, 192, or 256. ║
║ ARCFOUR (RC4) ║ 128 ║ Keysize must range between 40 and 1024 (inclusive). ║
║ Blowfish ║ 128 ║ Keysize must be a multiple of 8, ranging from 32 to 448 (inclusive). ║
║ DES ║ 56 ║ Keysize must be equal to 56. ║
║ DESede (Triple DES) ║ 168 ║ Keysize must be equal to 112 or 168. ║
║ ║ ║ A keysize of 112 will generate a Triple DES key with 2 intermediate keys, and ║
║ ║ ║ a keysize of 168 will generate a Triple DES key with 3 intermediate keys. ║
║ ║ ║ Due to the "Meet-In-The-Middle" problem, even though 112 or 168 bits of key ║
║ ║ ║ material are used, the effective keysize is 80 or 112 bits respectively. ║
║ HmacMD5 ║ 512 ║ No keysize restriction. ║
║ HmacSHA1 ║ 512 ║ No keysize restriction. ║
║ HmacSHA256 ║ 256 ║ No keysize restriction. ║
║ HmacSHA384 ║ 384 ║ No keysize restriction. ║
║ HmacSHA512 ║ 512 ║ No keysize restriction. ║
║ RC2 ║ 128 ║ Keysize must range between 40 and 1024 (inclusive). ║
╚══════════════════════╩══════════════════╩════════════════════════════════════════════════════════════════════════════════╝
我建议您为用户输入提供一个合适的组件(可编辑组合框),该组件根据算法选择而变化,然后为其提供验证。
关于java - 获取 JCE KeyGenerators 所有可能的 key 大小,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/26269624/