Android的RSA解密(失败)/服务器端加密(openssl_public_encrypt) [英] Android RSA decryption (fails) / server-side encryption (openssl_public_encrypt)
问题描述
我想用我的设备上生成的RSA密钥我的Android应用程序解密的字符串。加密是由PHP服务完成的,利用我的应用程序提供的RSA公钥。我的问题是与解密,这将失败。
I am trying to decrypt a string in my android application using RSA keys generated on my device. The encryption is done by a php service, using the public rsa key provided by my application. My problem is with decryption, which fails.
我做以下内容:
-
生成密钥对在Android(带KeyPairGenerator.getInstance(RSA)) - >确定
Generating KeyPair on Android (with KeyPairGenerator.getInstance("RSA")) -> OK
这两个密钥(公钥和私钥)正在BASE64带Base64.en code codeD之后保存到文件(pubKey.getEn codeD())和使用相同私钥。 - >确定
Both keys (public and private) are saved into files after being "base64" encoded with Base64.encode(pubKey.getEncoded()) and the same with the private key. -> OK
当我打电话我的web服务,我通过我的公钥(在基地64)后的变量 - >确定
When I am calling my webservice, I pass my public key (in base 64) in a post variable -> OK
Web服务(PHP服务),使用公共密钥加密短字符串,用openssl_public_encrypt功能。加密的字符串转换为base64。 - >似乎确定,该函数不返回FALSE
The web service (a php service), uses the public key to encrypt a short string, with the openssl_public_encrypt function. The encrypted string is converted to base64. -> Seems OK, the function does not return FALSE.
应用程序检索服务的结果,和德codeS它(Base64.de code()) - > OK(我检查时,收到的字节与匹配所产生的一在openssl_public_encrypt()函数)
The application retrieves the result of the service, and decodes it (Base64.decode()) -> OK (I have check, the bytes received matches with the one generated by the openssl_public_encrypt() function)
的最后一件事是解密这个字符串,我做以下内容: - > NOT OK
The last thing is to decrypt this string, I am doing the following : -> NOT OK
密码加密= Cipher.getInstance(RSA);
Cipher cipher = Cipher.getInstance("RSA");
cipher.init(Cipher.DECRYPT_MODE,privateKey);
cipher.init(Cipher.DECRYPT_MODE, privateKey);
字节[] = decryptedBytes cipher.doFinal(cryptedBytes);
byte[] decryptedBytes = cipher.doFinal(cryptedBytes);
字符串decryptedString =新的String(decryptedBytes);
String decryptedString = new String(decryptedBytes);
的System.out.println(decryptedString);
System.out.println(decryptedString);
解密的结果不我原来的字符串相匹配。
The result of the decryption does not match my original string.
我失去了一些东西?
推荐答案
OpenSSL的使用填充= OPENSSL_PKCS1_PADDING 默认情况下。所以必须在两侧是相同的填充机制,你应该使用 Cipher.getInstance(RSA / ECB / PKCS1Padding)。这也是你可以在Java SE使用什么。
OpenSSL uses padding = OPENSSL_PKCS1_PADDING by default. So to have the same padding mechanism at both sides you should use Cipher.getInstance("RSA/ECB/PKCS1Padding"). This is also what you could use in Java SE.
请注意,这是很危险的,依赖于密码缺省操作模式。许多实现有不同的默认值,而这些可能很难抬起头来。所以总是尽量充分指定算法/模式来使用。
Note that it is very dangerous to depend on default modes of operation in cryptography. Many implementations have different defaults, and those can be hard to look up. So always try to fully specify the algorithm/mode to use.
您可以尝试其他的RSA的填充方式,但要注意 - 不幸的是 - Android已经禁用了很多从充气城堡源$ C $ C就能适应算法和别名
You could try other RSA padding modes, but note that - unfortunately - Android has disabled a lot of algorithms and aliases from the Bouncy Castle source code they adapted.
这篇关于Android的RSA解密(失败)/服务器端加密(openssl_public_encrypt)的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
