可以将文章内容翻译成中文,广告屏蔽插件可能会导致该功能失效(如失效,请关闭广告屏蔽插件后再试):
问题:
I'm implementing encryption code in Java/Android to match iOS encryption. In iOS there are encrypting with RSA using the following padding scheme: PKCS1-OAEP
However when I try to create Cipher with PKCS1-OAEP.
Cipher c = Cipher.getInstance("RSA/None/PKCS1-OAEP", "BC");
Below is the stacktrace
javax.crypto.NoSuchPaddingException: PKCS1-OAEP unavailable with RSA. at com.android.org.bouncycastle.jcajce.provider.asymmetric.rsa.CipherSpi.engineSetPadding(CipherSpi.java:240) at javax.crypto.Cipher.getCipher(Cipher.java:324) at javax.crypto.Cipher.getInstance(Cipher.java:237)
Maybe this RSA/None/PKCS1-OAEP is incorrect? but can't find any definitive answer to say either PKCS1-OAEP is unsupported or the correct way to define it.
I'm using the spongycastle library so have full bouncycastle implementation.
回答1:
The code in the first answer does work, but it's not recommended as it uses BouncyCastle internal classes, instead of JCA generic interfaces, making the code BouncyCastle specific. For example, it will make it difficult to switch to SunJCE provider.
Bouncy Castle as of version 1.50 supports following OAEP padding names.
- RSA/NONE/OAEPWithMD5AndMGF1Padding
- RSA/NONE/OAEPWithSHA1AndMGF1Padding
- RSA/NONE/OAEPWithSHA224AndMGF1Padding
- RSA/NONE/OAEPWithSHA256AndMGF1Padding
- RSA/NONE/OAEPWithSHA384AndMGF1Padding
- RSA/NONE/OAEPWithSHA512AndMGF1Padding
Then proper RSA-OAEP cipher initializations would look like
Cipher c = Cipher.getInstance("RSA/NONE/OAEPWithSHA1AndMGF1Padding", "BC");
回答2:
The following code works, if anyone else is stuck with similar encryption encoding/padding issues
SubjectPublicKeyInfo publicKeyInfo = new SubjectPublicKeyInfo( ASN1Sequence.getInstance(rsaPublicKey.getEncoded())); AsymmetricKeyParameter param = PublicKeyFactory .createKey(publicKeyInfo); AsymmetricBlockCipher cipher = new OAEPEncoding(new RSAEngine(), new SHA1Digest()); cipher.init(true, param); return cipher.processBlock(stuffIWantEncrypted, 0, 32);
