堆栈内存溢出
  简体   繁体   English

RSA算法PKCS#1.5填充(非OEAP)密码加密,带有Java中的客户端证书公共密钥

[英]RSA algorithm PKCS #1.5 padding (not OEAP) password encryption with client certificate public key in Java

 原文  2014-03-21 14:02:57       java/ encryption/ cryptography/ rsa/ verisign

问题描述

I am new to RSA algorithm and cryptography in Java. 我是Java的RSA算法和加密技术的新手。 I have a client certificate provided by the 3rd party organization which is in .cer format. 我有第三方组织提供的.cer格式的客户证书。 Now I need to encrypt my password with the public portion of the password key certificate, using the RSA algorithm and PKCS #1.5 padding - so not OAEP - in Java. 现在,我需要使用Java中的RSA算法和PKCS#1.5填充(而不是OAEP),使用密码密钥证书的公共部分来加密密码。

Could you check if the following does perform the above? 您能否检查以下各项是否能够执行上述操作? 

Security.addProvider(neworg.bouncycastle.jce.provider.BouncyCastleProvider());
byte[] input = "Abc123".getBytes();
Cipher cipher = Cipher.getInstance("RSA/None/PKCS1Padding", "BC");
FileInputStream fin = new FileInputStream(new File("/test.cer"));
CertificateFactory f = CertificateFactory.getInstance("X.509");
X509Certificate certificate = (X509Certificate)f.generateCertificate(fin);
PublicKey pk = certificate.getPublicKey();
cipher.init(Cipher.ENCRYPT_MODE, pk, new SecureRandom());
byte[] cipherText = cipher.doFinal(input);

1 个解决方案

解决方案1
 2  2014-03-21 23:40:59

Yes, the code you provided looks OK. 是的,您提供的代码看起来不错。

Note that if you replace "RSA/None/PKCS1Padding" with "RSA/ECB/PKCS1Padding" that you could rely on the default Sun provider instead. 请注意,如果将"RSA/None/PKCS1Padding"替换为"RSA/ECB/PKCS1Padding" ,则可以依靠默认的Sun提供程序。

It is important to note that your code generates a "plain" signature; 重要的是要注意,您的代码会生成“普通”签名。 it doesn't include your data or certificate. 它不包含您的数据或证书。 Generally it is better to create a CMS Signed Data structure, which can for instance include the "leaf" certificate that you used to create the signature. 通常,最好创建CMS签名数据结构,例如,该结构可以包含用于创建签名的“叶”证书。

CMS is a so called cryptographic container format , which can hold structures such as the data, signature and additional information on the signature algorithm, certificates, signer etc. CMS是一种所谓的密码容器格式 ,可以保存诸如数据,签名以及有关签名算法,证书,签名者等附加信息的结构。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 使用公钥进行Java RSA加密 - Java RSA encryption with public key 如何在Java中使用给定的公钥以rsa / ecb / pkcs1填充模式编码文本? - How to encode a text with rsa/ecb/pkcs1 padding mode with a given public key in java? PKCS1-padding / RSA加密ios objc和java之间的区别 - Difference between PKCS1-padding/RSA encryption ios objc and java 使用RSA / ECB / PKCS1Padding进行.Net加密和Java解密 - .Net encryption and java decryption with RSA/ECB/PKCS1Padding Java 7:使用密码“ RSA / ECB / OAEPWithSHA1AndMGF1Padding”使用公共RSA密钥加密的输出与openssl命令不匹配 - Java 7 : output from encryption with public RSA key using cipher “RSA/ECB/OAEPWithSHA1AndMGF1Padding” does not match with openssl command 使用给定公钥的RSA加密(使用Java) - RSA Encryption with given public key (in Java) 轻量级的API可读取Java中的PKCS#1 RSA公钥? - Light weight api to read PKCS#1 RSA public key in java? 将CRYPT_RSA_PUBLIC_FORMAT_PKCS1从PHP转换为Java中的RSA公钥 - Convert CRYPT_RSA_PUBLIC_FORMAT_PKCS1 from php to RSA Public key in Java 使用RSA / ECB / PKCS1padding的Android加密问题。 它在Java和Android中给出不同的结果 - Issue in Android Encryption using RSA/ECB/PKCS1padding. It gives different results in Java and Android Java中RSA公钥生成和加密的有效实现 - Effective Implementation of RSA Public Key Generation and Encryption in Java
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM