RSA / ECB / OAEPWithSHA-256AndMGF1Padding但MGF1使用SHA-256?
[英]RSA/ECB/OAEPWithSHA-256AndMGF1Padding but with MGF1 using SHA-256?
问题描述
I found the hard way that in Oracle's Java standard crypto provider 
我在Oracle的Java标准加密提供程序中找到了困难的方法
Cipher cipher = Cipher.getInstance("RSA/ECB/OAEPWithSHA-256AndMGF1Padding");
uses MFG1 instanciated with SHA-1; 使用与SHA-1相关的MFG1; SHA-256 is only used to hash the label (in practice empty). SHA-256仅用于散列标签(实际上是空的)。 The only solution that I found to actually use SHA-256 in MFG1 (helped by that answer and comment ) was using an alternate form of Cipher.init : 我发现在MFG1中实际使用SHA-256的唯一解决方案(通过答案和评论帮助)使用了另一种形式的Cipher.init :
cipher.init(Cipher.DECRYPT_MODE, privKey, new OAEPParameterSpec(
"SHA-256", "MGF1", MGF1ParameterSpec.SHA256, PSource.PSpecified.DEFAULT
));
Question: is there a transformation that Cipher.getInstance will recognize, with effect similar to "RSA/ECB/OAEPWithSHA-256AndMGF1Padding" , except with MGF1 using SHA-256? 问题: Cipher.getInstance是否会识别转换 ,效果类似于"RSA/ECB/OAEPWithSHA-256AndMGF1Padding" ,但MGF1使用SHA-256除外?
1 个解决方案
解决方案1
6 已采纳 2015-11-06 22:45:05
No, there isn't. 不,没有。
Java is open source. Java是开源的。 If unsure you can take a look at the sources for the OpenJDK. 如果不确定,您可以查看OpenJDK的来源。
In the init method of com.sun.crypto.provider.RSACipher it reads: 在com.sun.crypto.provider.RSACipher的init方法中,它读取:
spec = new OAEPParameterSpec(oaepHashAlgorithm, "MGF1",
MGF1ParameterSpec.SHA1, PSource.PSpecified.DEFAULT);
I've checked this up to Java 8 update 60 for the OpenJDK. 我已经检查了OpenJDK的Java 8更新60。 As you can see, you need to use the algorithm parameters. 如您所见,您需要使用算法参数。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.