[英]Bad Padding Exception - RSA/ECB/OAEPWITHSHA-256ANDMGF1PADDING in pkcs11
My application is accessing e-Token for decrypting the response coming from the server 我的应用程序正在访问e-Token来解密来自服务器的响应
The session key from the server is encrypted using :- 来自服务器的会话密钥使用以下方法加密:
RSA/ECB/OAEPWITHSHA-256ANDMGF1PADDING
RSA / ECB / OAEPWITHSHA-256ANDMGF1PADDING
I am using SunPKCS11 Provider for implementing the access to crypto token. 我正在使用SunPKCS11 Provider来实现对加密令牌的访问。 Whenever i try to decrypt this using the above mechanishm ie with RSA/ECB/OAEPWITHSHA-256ANDMGF1PADDING i am getting :-
每当我尝试使用上述机制解密此文件时,即使用RSA / ECB / OAEPWITHSHA-256ANDMGF1PADDING,我都会收到:-
**javax.crypto.BadPaddingException: doFinal() failed
at sun.security.pkcs11.P11RSACipher.implDoFinal(P11RSACipher.java:328)
at sun.security.pkcs11.P11RSACipher.engineDoFinal(P11RSACipher.java:353)
at javax.crypto.Cipher.doFinal(DashoA13*..)
The following is my code :- 以下是我的代码:-
private static final String TRANSFORMATION = "RSA/ECB/OAEPWITHSHA-256ANDMGF1PADDING";
private static final String SECURITY_PROVIDER = "BC";
private static final String DIGEST_ALGORITHM = "SHA-256";
private static final String MASKING_FUNCTION = "MGF1";
The code snippet where the error is coming is as follows :- 错误即将到来的代码片段如下:
private byte[] decryptSecretKeyData(byte[] encryptedSecretKey, byte[] iv, PrivateKey privateKey) throws Exception {
try {
Cipher rsaCipher = Cipher.getInstance(TRANSFORMATION, SECURITY_PROVIDER);
System.out.println("Cipher block initialized"); - **Printed**
PSource pSrc = (new PSource.PSpecified(iv));
System.out.println("PSource inisitialized"); - **Printed**
rsaCipher.init(Cipher.DECRYPT_MODE, privateKey,
new OAEPParameterSpec(DIGEST_ALGORITHM, MASKING_FUNCTION,
MGF1ParameterSpec.SHA256, pSrc));
System.out.println("Here after cipher initilaization"); - **Not Printed***
return rsaCipher.doFinal(encryptedSecretKey);
} catch (GeneralSecurityException e) {
System.out.println("GeneralSecurityException is "+e.getMessage());
throw new Exception("Failed to decrypt AES secret key using RSA.", e);
}
}
I am Stuck in here and unable to decrypt the OAEP Transformation. 我被困在这里,无法解密OAEP转换。
You obtain a non-extractable private key P11Key.P11PrivateKey
from the dongle. 您从加密狗获取了不可提取的私钥
P11Key.P11PrivateKey
。 It cannot be used outside PKCS11 provider, thus, SunPKCS11 provider should be used for operations with that key. 不能在PKCS11提供程序外部使用它,因此,应将SunPKCS11提供程序用于具有该密钥的操作。
Unfortunately SunPKCS11 provider doesn't support OAEP padding, making it more difficult. 不幸的是,SunPKCS11提供程序不支持OAEP填充,因此更加困难。 Encryption still can be done with BouncyCastle, but decryption can be done with no padding and SunPKCS11 provider.
仍然可以使用BouncyCastle进行加密,但是可以在没有填充和SunPKCS11提供程序的情况下进行解密。 keyLength parameter is RSA key modulus length in bits (1024,2048 etc).
keyLength参数是以位(1024、2048等)为单位的RSA密钥模数长度。
private void testEncryption(byte[] plainText, PrivateKey privateKey, PublicKey publicKey, int keyLength) throws GeneralSecurityException {
System.out.println("Plain text: " + DatatypeConverter.printHexBinary(plainText));
Provider bcProvider = new BouncyCastleProvider();
Cipher rsaCipher = Cipher.getInstance("RSA/ECB/OAEPWITHSHA-256ANDMGF1PADDING", bcProvider);
rsaCipher.init(Cipher.ENCRYPT_MODE, publicKey);
byte[] cipherText = rsaCipher.doFinal(plainText);
System.out.println("Cipher text: " + DatatypeConverter.printHexBinary(cipherText));
Provider pkcs11provider = new SunPKCS11("C:\\Users\\manishs525\\pkcs11.cfg");
Cipher rsaCipher2 = Cipher.getInstance("RSA/ECB/NoPadding", pkcs11provider);
rsaCipher2.init(Cipher.DECRYPT_MODE, privateKey);
byte[] paddedPlainText = rsaCipher2.doFinal(cipherText);
/* Ensure leading zeros not stripped */
if (paddedPlainText.length < keyLength / 8) {
byte[] tmp = new byte[keyLength / 8];
System.arraycopy(paddedPlainText, 0, tmp, tmp.length - paddedPlainText.length, paddedPlainText.length);
System.out.println("Zero padding to " + (keyLength / 8));
paddedPlainText = tmp;
}
System.out.println("OAEP padded plain text: " + DatatypeConverter.printHexBinary(paddedPlainText));
OAEPParameterSpec paramSpec = new OAEPParameterSpec("SHA-256", "MGF1", MGF1ParameterSpec.SHA1,
PSource.PSpecified.DEFAULT);
RSAPadding padding = RSAPadding.getInstance(RSAPadding.PAD_OAEP_MGF1, keyLength / 8, new SecureRandom(), paramSpec);
byte[] plainText2 = padding.unpad(paddedPlainText);
System.out.println("Unpadded plain text: " + DatatypeConverter.printHexBinary(plainText2));
}
Notes: 笔记:
I have found the issue is that the implementation of SunJCE's Cipher " RSA/ECB/OAEPWITHSHA-256ANDMGF1PADDING " is not compatible with other implementations ( BouncyCastle/IAIK/PKCS11 ) 我发现问题在于,SunJCE的密码“ RSA / ECB / OAEPWITHSHA-256ANDMGF1PADDING ”的实现与其他实现不兼容( BouncyCastle / IAIK / PKCS11 )
When setting AlgorithmParameters (with OAEPParameterSpec) an exception is thrown (javax.crypto.BadPaddingException) 设置AlgorithmParameters(与OAEPParameterSpec一起)时,将引发异常(javax.crypto.BadPaddingException)
Refer : Problems with Cipher "RSA/ECB/OAEPWITHSHA-256ANDMGF1PADDING" Bug Details 请参阅: 密码问题“ RSA / ECB / OAEPWITHSHA-256ANDMGF1PADDING”错误的详细信息
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.