使用“RSA / ECB / PKCS7Padding”与弹性城堡 [英] Using "RSA/ECB/PKCS7Padding" with Bouncy Castle
问题描述
我尝试使用RSA / ECB / PKCS7Padding进行加密。它在JCE中不受支持。所以我下载了Bouncy城堡,但似乎Bouncy城堡也不支持这种转变。以下代码:
Security.insertProviderAt(new BouncyCastleProvider(),1);
Cipher cipher = Cipher.getInstance(RSA / ECB / PKCS7Padding);
throws
Caused by:java.security.NoSuchAlgorithmException:在javax.crypto.Cipher.getInstance(Cipher.java:524)中找不到任何支持RSA / ECB / PKCS7Padding的提供者
$
....
Caused by:javax.crypto.NoSuchPaddingException:不支持的填充PKCS7Padding
at sun.security.pkcs11.P11RSACipher.engineSetPadding(P11RSACipher.java:129)
在javax.crypto.Cipher $ Transform。 setModePadding(Cipher.java:360)
at javax.crypto.Cipher.getInstance(Cipher.java:517)
... 4 more
TIA。
解决方案即使这样的事情存在,使用RSA与PKCS#7填充或从PKCS#7填充直接派生的方案将是不安全的(或更准确地说,不会是CPA安全的)。
无限多的可能是客户端不需要PKCS#7 填充,但加密数据应包含在 CMS邮件格式 中。 PKCS#7是此格式的前身,PKCS#7填充只是此规范的一小部分。
Bouncy Castle包含此格式的实现: p>
S / MIME和CMS(PKCS7 / RFC 3852)的生成器/处理器。
目前包含在
bcpkix *
JAR文件中。I tried to use "RSA/ECB/PKCS7Padding" for encryption. It is not supported in JCE. So I downloaded Bouncy Castle but it seems that Bouncy Castle also does not support this transformation. The following codes:
Security.insertProviderAt(new BouncyCastleProvider(), 1); Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS7Padding");
throws
Caused by: java.security.NoSuchAlgorithmException: Cannot find any provider supporting RSA/ECB/PKCS7Padding at javax.crypto.Cipher.getInstance(Cipher.java:524) .... Caused by: javax.crypto.NoSuchPaddingException: Unsupported padding PKCS7Padding at sun.security.pkcs11.P11RSACipher.engineSetPadding(P11RSACipher.java:129) at javax.crypto.Cipher$Transform.setModePadding(Cipher.java:360) at javax.crypto.Cipher.getInstance(Cipher.java:517) ... 4 more
Am I doing it correctly?
TIA.
解决方案Even if such a thing would exist, using RSA with PKCS#7 padding or a scheme directly derived from PKCS#7 padding would be insecure (or, to be more precise, it would not be CPA-secure).
What is infinitely more likely is that the client doesn't require PKCS#7 padding but that the encrypted data should be contained in a CMS message format. PKCS#7 is a predecessor of this format, the PKCS#7 padding is only a small part of this specification.
Bouncy Castle contains an implementation of this format:
Generators/Processors for S/MIME and CMS (PKCS7/RFC 3852).
currently contained in the
bcpkix*
JAR files.这篇关于使用“RSA / ECB / PKCS7Padding”与弹性城堡的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!