javax.crypto pkcs1p使用相同的填充类型添加RSA enc/dec和iOS security SecKeyEncrypt有什么区别
我尝试在iOS上使用RSA(SecKeyEncrypt)和kSecPaddingPKCS1对AES密钥进行加密,然后使用RSA算法的标准java provider(javax.crypto)对密钥进行解密。我正在成功地接收java应用程序生成的公钥,将其存储在iOS密钥链中,并使用它加密aes密钥,但在java应用程序上接收时,我得到了众所周知的异常javax.crypto.BadPaddingException:数据必须以零开始。当我禁用填充时,同样的代码也会起作用(有时会起作用)。那么,iOS和JavaPatForm上使用的填充之间的区别在哪里呢?有人能给我答案吗?我在这个问题上挣扎太久了。失去耐心 源代码。1) 生成对称密钥,2)使用我的java应用程序中的rsa公钥包装它。(Tke公钥由java app发送到客户端的模和指数创建)3)准备NSData:使用加密密钥初始化,附加aes加密数据,发送到java app。然后java应用程序获取前128个字节(加密的aes密钥)并尝试对其进行解密,此时抛出异常javax.crypto pkcs1p使用相同的填充类型添加RSA enc/dec和iOS security SecKeyEncrypt有什么区别,java,ios,cryptography,rsa,Java,Ios,Cryptography,Rsa,我尝试在iOS上使用RSA(SecKeyEncrypt)和kSecPaddingPKCS1对AES密钥进行加密,然后使用RSA算法的标准java provider(javax.crypto)对密钥进行解密。我正在成功地接收java应用程序生成的公钥,将其存储在iOS密钥链中,并使用它加密aes密钥,但在java应用程序上接收时,我得到了众所周知的异常javax.crypto.BadPaddingException:数据必须以零开始。当我禁用填充时,同样的代码也会起作用(有时会起作用)。那么,iO
[tools generateSymmetricKey];
NSData* encryptedSymetricKey = [tools wrapSymmetricKey:[tools getSymmetricKeyBytes] keyRef:[tools getPeerPublicKeyRef]];
int option = kCCOptionPKCS7Padding;
NSData* aesEncr = [tools doCipher:data key:[tools getSymmetricKeyBytes] context:kCCEncrypt padding:(CCOptions *)&option];
NSMutableData * result = [[NSMutableData alloc] initWithData:encryptedSymetricKey];
[result appendData:aesEncr];
从CryptoExercise中借用的方法应该对我有用:
- (NSData *)wrapSymmetricKey:(NSData *)symmetricKey keyRef:(SecKeyRef)publicKey {
OSStatus sanityCheck = noErr;
size_t cipherBufferSize = 0;
size_t keyBufferSize = 0;
LOGGING_FACILITY( symmetricKey != nil, @"Symmetric key parameter is nil." );
LOGGING_FACILITY( publicKey != nil, @"Key parameter is nil." );
NSData * cipher = nil;
uint8_t * cipherBuffer = NULL;
// Calculate the buffer sizes.
cipherBufferSize = SecKeyGetBlockSize(publicKey);
keyBufferSize = [symmetricKey length];
if (kTypeOfWrapPadding == kSecPaddingNone) {
LOGGING_FACILITY( keyBufferSize <= cipherBufferSize, @"Nonce integer is too large and falls outside multiplicative group." );
} else {
LOGGING_FACILITY( keyBufferSize <= (cipherBufferSize - 11), @"Nonce integer is too large and falls outside multiplicative group." );
}
// Allocate some buffer space. I don't trust calloc.
cipherBuffer = malloc( cipherBufferSize * sizeof(uint8_t) );
memset((void *)cipherBuffer, 0x0, cipherBufferSize);
// Encrypt using the public key.
sanityCheck = SecKeyEncrypt( publicKey,
kSecPaddingPKCS1,
(const uint8_t *)[symmetricKey bytes],
keyBufferSize,
cipherBuffer,
&cipherBufferSize
);
LOGGING_FACILITY1( sanityCheck == noErr, @"Error encrypting, OSStatus == %d.", sanityCheck );
// Build up cipher text blob.
cipher = [NSData dataWithBytes:(const void *)cipherBuffer length:(NSUInteger)cipherBufferSize];
if (cipherBuffer) free(cipherBuffer);
return cipher;
-(NSData*)WrapsSymmetry键:(NSData*)symmetricKey键参考:(SecKeyRef)公钥{
OSStatus sanityCheck=noErr;
大小\u t cipherBufferSize=0;
大小\u t keyBufferSize=0;
日志记录工具(symmetricKey!=nil,@“对称密钥参数为nil”);
日志记录工具(publicKey!=nil,@“关键参数为nil”);
NSData*密码=零;
uint8_t*cipherBuffer=NULL;
//计算缓冲区大小。
cipherBufferSize=SecKeyGetBlockSize(公钥);
keyBufferSize=[symmetricKey长度];
if(kTypeOfRappadding==kSecPaddingNone){
LOGGING_FACILITY(keyBufferSize)添加Objective-C代码您在哪里加密如何在java端导出公钥?如何在iOS端导入公钥?您可能还想看看(或向我们展示)使用RSA/ECB/NoPadding对填充数据进行解密的结果。@wojtek maka:你找到解决方案了吗?我实际上也在为同样的问题而挣扎,我花了一段时间才找到这个问题。