[英]Java RSA to PHP phpseclib RSA
我正在使用一個支付網關,並且他們正在運行一個Java演示,但是我想改為在php中實現。
支付網關使用帶有隨機生成密鑰的3DES對有效負載進行加密。 通過使用支付網關的PUBLIC密鑰,使用RSA對該密鑰進行了加密。
問題是當我使用php腳本對該密鑰進行RSA加密時,支付網關無法正確提取密鑰,並且顯然PHP上的RSA加密無法正常工作...
這是RSA加密的Java版本:
public static byte[] encrypt(byte[] data, String pubKey64) {
try {
byte[] key = Toolkit.base64Decode(pubKey64);
KeyFactory rsaKeyFac = KeyFactory.getInstance("RSA");
X509EncodedKeySpec keySpec = new X509EncodedKeySpec(key);
RSAPublicKey pbk = (RSAPublicKey) rsaKeyFac.generatePublic(keySpec);
System.out.println("MODE:"+Cipher.ENCRYPT_MODE);
Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1PADDING");
cipher.init(Cipher.ENCRYPT_MODE, pbk);
byte[] encDate = cipher.doFinal(data);
return encDate;
} catch (Exception e) {
e.printStackTrace();
return null;
}
}
這是我在PHP腳本中得到的結果:
use phpseclib\Crypt\RSA as RSA;
$PUB_KEY = '-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJ1fKGMV/yOUnY1ysFCk0yPP4bfOolC/nTAyHmoser+1yzeLtyYsfitYonFIsXBKoAYwSAhNE+ZSdXZs4A5zt4EKoU+T3IoByCoKgvpCuOx8rgIAqC3O/95pGb9n6rKHR2sz5EPT0aBUUDAB2FJYjA9Sy+kURxa52EOtRKolSmEwIDAQAB
-----END PUBLIC KEY-----';
$PAYLOAD = 'b78850d2f35108b4bc4e7a41';
function encrypt($key,$payload){
$rsa = new RSA();
$rsa->loadKey($key); // public key
$rsa->setEncryptionMode(2);
$ciphertext = $rsa->encrypt($payload);
return base64_encode($ciphertext);
}
Java版本使用的是PKCSPADDING,因此我將phpseclib的模式設置為2,即PKCSPADDING,但仍然無法正常工作。 我有什么想念的嗎? 有人可以幫我指出一下嗎?
更新:
不知道這是否是引起它的原因,但是我刪除了“ ----- BEGIN PUBLIC KEY -----”和“ ----- END PUBLIC KEY -----”部分,並且它起作用了。
感謝大家的幫助。
嘗試執行define('CRYPT_RSA_PKCS15_COMPAT', true);
在開始加密過程之前。
引用phpseclib 2.0的RSA.php:
/**
* RSAES-PKCS1-V1_5-DECRYPT
*
* See {@link http://tools.ietf.org/html/rfc3447#section-7.2.2 RFC3447#section-7.2.2}.
*
* For compatibility purposes, this function departs slightly from the description given in RFC3447.
* The reason being that RFC2313#section-8.1 (PKCS#1 v1.5) states that ciphertext's encrypted by the
* private key should have the second byte set to either 0 or 1 and that ciphertext's encrypted by the
* public key should have the second byte set to 2. In RFC3447 (PKCS#1 v2.1), the second byte is supposed
* to be 2 regardless of which key is used. For compatibility purposes, we'll just check to make sure the
* second byte is 2 or less. If it is, we'll accept the decrypted string as valid.
*
* As a consequence of this, a private key encrypted ciphertext produced with \phpseclib\Crypt\RSA may not decrypt
* with a strictly PKCS#1 v1.5 compliant RSA implementation. Public key encrypted ciphertext's should but
* not private key encrypted ciphertext's.
*
* @access private
* @param string $c
* @return string
*/
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.