英文:
Compatibility of .rsaEncryptionOAEPSHA256 algorithm on iOS with Java
问题
我正试图在iOS应用程序与Java后端之间进行通信。在使用 SecKeyCreateEncryptedData
中的 .rsaEncryptionOAEPSHA256
算法进行加密时,后端显示以下堆栈跟踪:
Caused by: java.lang.SecurityException: 调用 doFinal(byte[]) 时抛出异常。
at ... 101 个常见帧被省略
Caused by: javax.crypto.BadPaddingException: 解密错误
at java.base/sun.security.rsa.RSAPadding.unpadOAEP(RSAPadding.java:497)
at java.base/sun.security.rsa.RSAPadding.unpad(RSAPadding.java:292)
at java.base/com.sun.crypto.provider.RSACipher.doFinal(RSACipher.java:366)
at java.base/com.sun.crypto.provider.RSACipher.engineDoFinal(RSACipher.java:392)
at java.base/javax.crypto.Cipher.doFinal(Cipher.java:2207)
... 103 个常见帧被省略
Java 后端正在使用 SunJCE
提供程序中的 RSA/ECB/OAEPWithSHA-256AndMGF1Padding
算法。该提供程序将 MGF1 摘要设置为使用 SHA-1
。然而,iOS 的默认设置是使用 SHA-256
。
- 在iOS的代码中,我如何更改此设置以使其兼容?
注意: 需要明确的是,使用iOS上的 .rsaEncryptionPKCS1
进行相同交互,其中后端使用Java中的 RSA/ECB/PKCS1Padding
,目前正正常运行。
英文:
I am trying to communicate from an iOS application to a Java backend. When using the .rsaEncryptionOAEPSHA256
algorithm in SecKeyCreateEncryptedData
for encryption, the backend shows the following stacktrace:
Caused by: java.lang.SecurityException: Exception thrown while invoking doFinal(byte[]).
at ... 101 common frames omitted
Caused by: javax.crypto.BadPaddingException: Decryption error
at java.base/sun.security.rsa.RSAPadding.unpadOAEP(RSAPadding.java:497)
at java.base/sun.security.rsa.RSAPadding.unpad(RSAPadding.java:292)
at java.base/com.sun.crypto.provider.RSACipher.doFinal(RSACipher.java:366)
at java.base/com.sun.crypto.provider.RSACipher.engineDoFinal(RSACipher.java:392)
at java.base/javax.crypto.Cipher.doFinal(Cipher.java:2207)
... 103 common frames omitted
The Java backend is using the RSA/ECB/OAEPWithSHA-256AndMGF1Padding
algorithm from the SunJCE
provider. This provider uses SHA-1
for the MGF1 digest. However the default for iOS is to use SHA-256
.
- How can I change this in the code for iOS to make this compatible?
Note: To be clear, the exact same interaction is currently working fine with .rsaEncryptionPKCS1
on iOS where the backend uses RSA/ECB/PKCS1Padding
in Java.
答案1
得分: 1
面对相同的问题,根据我所研究和实验的情况,几乎不可能在iOS上支持RSA/ECB/OAEPWithSHA-256AndMGF1Padding。
类似问题:https://stackoverflow.com/questions/47237524/encrypt-rsa-ecb-oaepwithsha-256andmgf1padding-swift
但是这只解决了算法问题,而没有解决填充问题。
英文:
Faced the same issue, from what I've researched & experimented with, it's practically impossible to support RSA/ECB/OAEPWithSHA-256AndMGF1Padding on iOS.
Similiar issue: https://stackoverflow.com/questions/47237524/encrypt-rsa-ecb-oaepwithsha-256andmgf1padding-swift
But this only addressed the algorithm but not the padding issue.
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论