使用公钥进行RSA解密 [英] RSA decryption with a public key

问题描述

我的Android项目中有一些解密问题。

I've got some decryption problems in my Android project.

我收到一个用私钥签名的字符串，我必须用公钥验证（解密）它。
我想获得与使用PHP函数完全相同的结果 - openssl_public_decrypt（ http://php.net/manual/pl/function.openssl-public-decrypt.php ）

I'm getting a string signed with a private key and I have to verify(decrypt) it with a public key. I'd like to get exactly the same result as if I were using a PHP function - openssl_public_decrypt ( http://php.net/manual/pl/function.openssl-public-decrypt.php )

I我必须在我的Java项目中这样做，所以我可以使用Java库（例如BouncyCastle，或其他什么，任何推荐？）

I have to do this in my Java project, so I can use Java libs (e.g BouncyCastle, or something else, any recommendations? )

任何想法如何解决这个问题？

Any ideas how to solve this?

好的，这是我的代码。
我得到这样的公钥

Ok, here's my code. I'm getting the public key like this

PEMReader reader = new PEMReader(new InputStreamReader(ctx
                .getAssets().open("pubkey.pem")));
        Object obj;
        while ((obj = reader.readObject()) != null) {
             if (obj instanceof RSAPublicKey) {
                pubKey = (RSAPublicKey) obj;
                return pubKey;
            }
        }

我总是得到公钥而没有任何问题。

And I always get the public key without any problems.

Cipher c = Cipher.getInstance("RSA/NONE/NoPadding", "SC");
c.init(Cipher.DECRYPT_MODE, pubKey);
byte[] result = c.doFinal(data_to_decrypt.getBytes());

结果（将字节转换为字符串后）我得到 022c06571c6a263b389fcd93159cb311abb880bddf51b7c916dd1ae。 ..

And as a result(after converting bytes to string) I get 022c06571c6a263b389fcd93159cb311abb880bddf51b7c916dd1ae...

其中php函数返回
sd8dsa348acvcx87 | 00454 | OK | 15000 | CDE 这是一个正确的输出。

where php functions returns sd8dsa348acvcx87|00454|OK|15000|CDE and this is a correct output.

推荐答案

Java已经有了Java Cryptography Extension Framework，它只是为这些东西。

Java has got the Java Cryptography Extension Framework, which is just designed for these things.

BouncyCastle是这个框架的加密提供程序。这意味着，它为您的Java Cryptography Extension提供了加密算法的实现。

BouncyCastle is a Cryptography Provider for this framework. This means, it provides your Java Cryptography Extension with implementations of cryptography algorithms.

您可以在包 java中找到基本类。安全性和 javax.crypto

要使用公钥解密您的邮件，您可以尝试以下方法：

To decrypt your message with a public key you could try the following:

// Use RSA/NONE/NoPadding as algorithm and BouncyCastle as crypto provider
Cipher asymmetricCipher = Cipher.getInstance("RSA/NONE/NoPadding", "BC");

// asume, that publicKeyBytes contains a byte array representing
// your public key
X509EncodedKeySpec publicKeySpec = new X509EncodedKeySpec(publicKeyBytes);

KeyFactory keyFactory;
keyFactory = KeyFactory.getInstance(publicKeySpec.getFormat());
Key key = keyFactory.generatePublic(publicKeySpec);

// initialize your cipher
asymmetricCipher.init(Cipher.DECRYPT_MODE, key);
// asuming, cipherText is a byte array containing your encrypted message
byte[] plainText = asymmetricCipher.doFinal(cipherText);

请注意，此示例非常基本且缺少多次尝试捕获块。此外，您不应使用不填充的非对称密码，因为这会使您容易受到重放攻击。您可能还会遇到密钥长度问题。在某些Java包中，限制了允许的最大密钥长度。这可以通过使用无限强度策略文件来解决。

Please note, that this example is very basic and lacks several try catch blocks. Also, you should not use an asymmetric cipher without padding as this makes you vulnerable to replay attacks. You may also encounter issues with the key length. In some Java packages, the maximum allowed key length is restricted. This may be solved by using the unlimited strength policy files.

我希望，这可以帮助您开始使用Java加密。

I hope, this helps you in getting started with the Java cryptography.

这篇关于使用公钥进行RSA解密的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！