BADPADING:在java上解密加密字符串时出现加密错误

我使用

SwiftyRSA

使用

PKCS1

填充对带有公钥的字符串进行加密。不幸的是，当我在Java上解密加密字符串时，我发现了

BadPadding:Encryption Error

。到目前为止，我发现Java使用

模式

加密/解密字符串，但iOS/Swift中没有

模式

。请告诉我应该使用哪种算法在Swift和Java之间进行加密/解密

这是要加密/解密的公钥和私钥

快速加密

let publicKey = try PublicKey(pemNamed: "public")
let clear = try ClearMessage(string: inString, using: .utf8)
let encrypted = try clear.encrypted(with: publicKey, padding: .init(rawValue: 0))
let base64 = encrypted.data.base64EncodedString()

public class CryptographyUsingKeystore {
    private static final String ALGORITHM = "RSA";
    public static byte[] encrypt(PublicKey publicKey, byte[] inputData)
            throws Exception {
        Cipher cipher = Cipher.getInstance(ALGORITHM);
        cipher.init(Cipher.PUBLIC_KEY, publicKey);
        byte[] encryptedBytes = cipher.doFinal(inputData);
        return encryptedBytes;
    }
    public static byte[] decrypt(PrivateKey privateKey, byte[] inputData)
            throws Exception {
        Cipher cipher = Cipher.getInstance(ALGORITHM);
        cipher.init(Cipher.PRIVATE_KEY, privateKey);
        byte[] decryptedBytes = cipher.doFinal(inputData);
        return decryptedBytes;
    }
    public static void main(String[] args) throws Exception {
        KeyProvider keyProvider = new KeyProvider();

        PublicKey publicKey = myKey.getPemPublicKey();
        //PrivateKey privateKey = (PrivateKey) keyProvider.getPrivateKey();

        byte[] encryptedData = encrypt(publicKey,
                "Hello".getBytes());

        System.out.println("Encrypted Key.... ");
        System.out.println(new String(Base64.getEncoder().encode(encryptedData)));

      byte[] decryptedData = decrypt(privateKey, encryptedData);

        System.out.println("Decrypted key.... ");
        System.out.println(new String(decryptedData));
    }
}

要解密的Java

let publicKey = try PublicKey(pemNamed: "public")
let clear = try ClearMessage(string: inString, using: .utf8)
let encrypted = try clear.encrypted(with: publicKey, padding: .init(rawValue: 0))
let base64 = encrypted.data.base64EncodedString()

public class CryptographyUsingKeystore {
    private static final String ALGORITHM = "RSA";
    public static byte[] encrypt(PublicKey publicKey, byte[] inputData)
            throws Exception {
        Cipher cipher = Cipher.getInstance(ALGORITHM);
        cipher.init(Cipher.PUBLIC_KEY, publicKey);
        byte[] encryptedBytes = cipher.doFinal(inputData);
        return encryptedBytes;
    }
    public static byte[] decrypt(PrivateKey privateKey, byte[] inputData)
            throws Exception {
        Cipher cipher = Cipher.getInstance(ALGORITHM);
        cipher.init(Cipher.PRIVATE_KEY, privateKey);
        byte[] decryptedBytes = cipher.doFinal(inputData);
        return decryptedBytes;
    }
    public static void main(String[] args) throws Exception {
        KeyProvider keyProvider = new KeyProvider();

        PublicKey publicKey = myKey.getPemPublicKey();
        //PrivateKey privateKey = (PrivateKey) keyProvider.getPrivateKey();

        byte[] encryptedData = encrypt(publicKey,
                "Hello".getBytes());

        System.out.println("Encrypted Key.... ");
        System.out.println(new String(Base64.getEncoder().encode(encryptedData)));

      byte[] decryptedData = decrypt(privateKey, encryptedData);

        System.out.println("Decrypted key.... ");
        System.out.println(new String(decryptedData));
    }
}

Java crypto（JCA）使用语法算法/模式/填充（或仅转换）来指定所有密码。如果只指定算法，则默认为模式和填充对于RSA，没有实际的操作模式，转换（ECB）中的模式只是一个占位符，以符合固定语法。但有明显不同的填充方案

我不是一个敏捷的人，但是0实际上是sigRaw，PKCS1是1。 如果是这样，则使用“raw”=不填充对应于Java的NoPadding进行加密，因此使用Java默认PKCS1Padding进行解密将失败。请尝试“RSA/ECB/NoPadding”。或者更好，用PKCS1加密，用PKCS1解密（显式或默认），因为

警告：不带填充的RSA加密在语义上总是不安全的，这取决于您使用它的方式，通常是完全不安全的（例如，攻击者可以快速解密您的所有数据）。这就是为什么它不是默认值，也不推荐使用的原因。然而，安全性不是stackoverflow的主题；这是crypto.SX和security.SX的主题，其中有大量的Q和As解释未添加的“教科书”或“幼稚”RSA加密的危险