问题
I am trying to encrypt at string in Java and decrypt in C#. I tried with RSA/ECB/PKCS1PADDING first and it worked like a charm, but now I'm trying to switch to OAEP padding, but I cannot make it work. The encryption works fine but not the decryption. The only things I changed was the algorithm name in Java and in C# I changed rsa.Decrypt(data, true) from false to true. Does it require more changes?
The exception I get is "Error occurred while decoding OAEP padding".
My Java encryption method:
public byte[] rsaEncrypt(byte[] data) {
byte[] cipherData;
try {
RSAPublicKeySpec keySpec = new RSAPublicKeySpec(pubMod, pubExp);
KeyFactory fact = KeyFactory.getInstance("RSA");
PublicKey pubKey = fact.generatePublic(keySpec);
Cipher cipher = Cipher.getInstance("RSA/ECB/OAEPWithSHA-256AndMGF1Padding");
cipher.init(Cipher.ENCRYPT_MODE, pubKey);
cipherData = cipher.doFinal(data);
return cipherData;
} catch (NoSuchAlgorithmException | IllegalBlockSizeException | InvalidKeyException | InvalidKeySpecException | NoSuchPaddingException | BadPaddingException e) {
e.printStackTrace();
}
return null;
}
My C# decryption method:
private string RSADecrypt(byte[] data)
{
const string PrivateKey = *the key*;
const int PROVIDER_RSA_FULL = 1;
const string CONTAINER_NAME = "Tracker";
CspParameters cspParams;
cspParams = new CspParameters(PROVIDER_RSA_FULL);
cspParams.KeyContainerName = CONTAINER_NAME;
RSACryptoServiceProvider rsa = new RSACryptoServiceProvider(cspParams);
rsa.FromXmlString(PrivateKey);
byte[] decrypted = rsa.Decrypt(data, true);
String decryptedString = System.Text.Encoding.UTF8.GetString(decrypted);
return decryptedString;
}
回答1:
It seems to be SHA-256 that's not working with C#. I changed the algorithm name to "RSA/ECB/OAEPWithSHA-1AndMGF1Padding", and it worked!
回答2:
RSACryptoServiceProvider does not support OAEP-SHA2.
.NET 4.6 added RSACng, which is capable of OAEP-SHA2 (256, 384, 512). .NET 4.6 also changed the Encrypt/Decrypt and Sign/Verify signatures a bit to be more scalable than a Boolean, and moved them to the RSA base class:
using (RSA rsa = new RSACng())
{
rsa.FromXmlString(privateKeyXml);
byte[] decrypted = rsa.Decrypt(data, RSAEncryptionPadding.OaepSHA256);
return Encoding.UTF8.GetString(decrypted);
}
If your private key comes from an X509Certificate2 instance the new GetRSAPrivateKey method (also in 4.6) will prefer a RSACng instance; though the return type is deliberately not guaranteed... so if you must cast it you should use as instead of a hard cast.
来源:https://stackoverflow.com/questions/30849594/c-sharp-equivalent-to-java-rsa-ecb-oaepwithsha-256andmgf1padding