[英]what is deference between "RSA/ECB/OAEPWITHSHA256ANDMGF1PADDING" and "RSA/ECB/OAEPWITHSHA-256ANDMGF1PADDING"
As per my knowledge both are same but one is working on one PC while same code says:据我所知,两者都是相同的,但一个在一台 PC 上工作,而相同的代码说:
javax.crypto.NoSuchPaddingException: OAEPWITHSHA-256ANDMGF1PADDING unavailable with RSA on another machine. javax.crypto.NoSuchPaddingException:OAEPWITHSHA-256ANDMGF1PADDING 在另一台机器上无法使用 RSA 。
When I am removing dash -
from the name ( OAEPWITHSHA256ANDMGF1PADDING
) it starts running on another machine but leads error to some other line bad padding exception.当我从名称 (
OAEPWITHSHA256ANDMGF1PADDING
) 中删除破折号时-
它开始在另一台机器上运行,但会导致其他一些行错误填充异常出错。 What could be the reason?可能是什么原因?
Sample code for Hint提示的示例代码
I am using jdk1.7.0_71 32bit
:我正在使用
jdk1.7.0_71 32bit
:
private byte[] decryptSecretKeyData(byte[] encryptedSecretKey, byte[] iv, PrivateKey privateKey) throws Exception
{
try {
Provider provider= new sun.security.pkcs11.SunPKCS11(keyStoreFile1);
Security.addProvider(provider);
LOG.info("**************Inside decryptSecretKeyData***********************");
Cipher rsaCipher = Cipher.getInstance("RSA/ECB/OAEPWITHSHA-256ANDMGF1PADDING", provider);
// decrypting the session key with rsa no padding.
rsaCipher.init(Cipher.DECRYPT_MODE, privateKey);
/* The reason is RSA OAEP SHA256 is not supported in HSM. */
byte[] decKey = rsaCipher.doFinal(encryptedSecretKey);
OAEPEncoding encode = new OAEPEncoding(new RSAEngine(), new SHA256Digest(), iv);
LOG.info("******************RSAPublicKey rsaPublickey = (*****************************");
java.security.interfaces.RSAPublicKey rsaPublickey = (java.security.interfaces.RSAPublicKey) publicKeyFile;
RSAKeyParameters keyParams = new RSAKeyParameters(false, rsaPublickey.getModulus(), EXPONENT);
encode.init(false, keyParams);
LOG.info("******************encode.processBlock(decKey, 0, decKey.length);************************");
byte decryptedSecKey[] = encode.processBlock(decKey, 0, decKey.length);
return decryptedSecKey;
} catch (InvalidCipherTextException e) {
LOG.info("*******************Failed to decrypt AES secret key using RSA :**********************");
throw new Exception("Failed to decrypt AES secret key using RSA :" + e.toString());
}
}
RSA/ECB/OAEPWITHSHA256ANDMGF1PADDING
and RSA/ECB/OAEPWITHSHA-256ANDMGF1PADDING
are different alias but both refers to the same algorithms, so in this sense there is not difference at all. RSA/ECB/OAEPWITHSHA256ANDMGF1PADDING
和RSA/ECB/OAEPWITHSHA-256ANDMGF1PADDING
是不同的别名,但两者都指的是相同的算法,因此在这个意义上根本没有区别。
The thing is that you're using a PKCS#11
(cryptographic token interface) to cipher your data. 问题是您正在使用
PKCS#11
(加密令牌接口)来加密数据。 According to java PKCS#11
reference : 根据java
PKCS#11
参考 :
The Sun PKCS#11 provider, in contrast to most other providers, does not implement cryptographic algorithms itself.
与大多数其他提供商相比,Sun PKCS#11提供商本身并未实施加密算法。 Instead, it acts as a bridge between the Java JCA and JCE APIs and the native PKCS#11 cryptographic API, translating the calls and conventions between the two.
相反,它充当Java JCA和JCE API与本机PKCS#11加密API之间的桥梁,转换两者之间的调用和约定。 This means that Java applications calling standard JCA and JCE APIs can, without modification, take advantage of algorithms offered by the underlying PKCS#11 implementations, such as, for example,
这意味着调用标准JCA和JCE API的Java应用程序可以在不进行修改的情况下利用底层PKCS#11实现提供的算法,例如,
Cryptographic Smartcards, Hardware cryptographic accelerators, and High performance software implementations.
加密智能卡,硬件加密加速器和高性能软件实现。 Note that Java SE only facilitates accessing native PKCS#11 implementations, it does not itself include a native PKCS#11 implementation .
请注意,Java SE仅便于访问本机PKCS#11实现,它本身不包含本机PKCS#11实现 。 However, cryptographic devices such as Smartcards and hardware accelerators often come with software that includes a PKCS#11 implementation, which you need to install and configure according to manufacturer's instructions.
但是,智能卡和硬件加速器等加密设备通常附带包含PKCS#11实现的软件,您需要根据制造商的说明进行安装和配置。
Summarized, if you're using a PKCS#11
, the use of the algorithms depends on vendors native implementation ( .dll
on windows, .so
on linux ...) and some times on specific program connector so: check if in the both PCs you're using the same drivers/program version for your PKCS#11
token and the both are correctly installed because probably there is an error in one of them which doesn't allows you to use RSA/ECB/OAEPWITHSHA-256ANDMGF1PADDING
correctly. 总而言之,如果您使用的是
PKCS#11
,算法的使用取决于供应商的本机实现(Windows上的.dll
,Linux上的.so
...)以及特定程序连接器上的某些时间,所以:检查是否在两者中您使用与PKCS#11
令牌相同的驱动程序/程序版本的PC,并且两者都已正确安装,因为其中一个可能存在错误,导致您RSA/ECB/OAEPWITHSHA-256ANDMGF1PADDING
正确使用RSA/ECB/OAEPWITHSHA-256ANDMGF1PADDING
。
Hope this helps, 希望这可以帮助,
Both algorithms are provided by the different security provider. 两种算法均由不同的安全提供商提供。 The
该
RSA/ECB/OAEPWITHSHA256ANDMGF1PADDING
RSA / ECB / OAEPWITHSHA256ANDMGF1PADDING
is provided by the Bouncy Castle provider while 由Bouncy Castle提供者提供
RSA/ECB/OAEPWITHSHA-256ANDMGF1PADDING
RSA / ECB / OAEPWITHSHA-256ANDMGF1PADDING
is provided by the SUN JCE provider. 由SUN JCE提供商提供。 In our case, we are able to successfully use Bouncy Castle provider algorithm but if I replace that with SUN JCE algorithm then it gives following error:
在我们的例子中,我们能够成功使用Bouncy Castle提供程序算法,但如果我用SUN JCE算法替换它,那么它会出现以下错误:
Exception in thread "main" javax.crypto.BadPaddingException: lHash mismatch
at sun.security.rsa.RSAPadding.unpadOAEP(RSAPadding.java:425)
at sun.security.rsa.RSAPadding.unpad(RSAPadding.java:274)
at com.sun.crypto.provider.RSACipher.doFinal(RSACipher.java:356)
at com.sun.crypto.provider.RSACipher.engineDoFinal(RSACipher.java:382)
The situation is more complex.情况比较复杂。 The RSA/ECB/OAEPWITHSHA-256ANDMGF1PADDING is nominally provided by SunJCE.
RSA/ECB/OAEPWITHSHA-256ANDMGF1PADDING 名义上由 SunJCE 提供。 The RSA/NONE/OAEPWITHSHA256ANDMGF1PADDING is provided by BC.
RSA/NONE/OAEPWITHSHA256ANDMGF1PADDING 由 BC 提供。
However BC is able to take over and act as a provider of RSA/ECB/OAEPWITHSHA-256ANDMGF1PADDING if it is installed before the SunJCE provider (using Security.installProviderAt).但是,如果 BC 在 SunJCE 提供程序之前安装(使用 Security.installProviderAt),则它能够接管并充当 RSA/ECB/OAEPWITHSHA-256ANDMGF1PADDING 的提供程序。 Unfortunately, BC does not parametrize this algorithm the same way as SunJCE does it.
不幸的是,BC 没有像 SunJCE 那样对这个算法进行参数化。 BC implementation of that algorithm is thus different (,) than one provided by SunJCE.
因此,该算法的 BC 实现与 SunJCE 提供的不同 (,)。 which will be source of padding errors.
这将是填充错误的来源。
SunJCE RSA/ECB/OAEPWITHSHA-256ANDMGF1PADDING is using SHA-1 for MGF1 function and SHA-256 for label hash (which is almost always an empty byte array and therefore a static value). SunJCE RSA/ECB/OAEPWITHSHA-256ANDMGF1PADDING 对 MGF1 function 使用 SHA-1,对 label hash 使用 SHA-1(它几乎总是一个空字节数组,因此是一个 static 值)。
BC RSA/NONE/OAEPWITHSHA256ANDMGF1PADDING is using SHA-256 for MGF1 function and SHA-256 for label hash. BC will also use the same parameters if it is being asked to provide RSA/ECB/OAEPWITHSHA-256ANDMGF1PADDING. BC RSA/NONE/OAEPWITHSHA256ANDMGF1PADDING 对 MGF1 function 使用 SHA-256,对 label hash 使用 SHA-256。如果要求 BC 提供 RSA/ECB/OAEPWITHSHA-256ANDMGF1PADDING,BC 也将使用相同的参数
Advice: always explicitly specify security provider to make sure that correct provider is used.建议:始终明确指定安全提供程序以确保使用正确的提供程序。 Alternatively explicitly specify the OAEP parameters and don't rely on defaults (recommended).
或者明确指定 OAEP 参数并且不依赖默认值(推荐)。
I've reported the issue to BC, so maybe it will get fixed.我已经向 BC 报告了这个问题,所以也许它会得到解决。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.