bouncycastle支持RSA PKCS1-OAEP填充吗？

Question

我正在Java/Android中实现加密代码以匹配iOS加密.在iOS中,使用以下填充方案使用RSA加密:PKCS1-OAEP

但是当我尝试用PKCS1-OAEP创建Cipher时.

Cipher c = Cipher.getInstance("RSA/None/PKCS1-OAEP", "BC");

下面是堆栈跟踪

javax.crypto.NoSuchPaddingException: PKCS1-OAEP unavailable with RSA.
    at com.android.org.bouncycastle.jcajce.provider.asymmetric.rsa.CipherSpi.engineSetPadding(CipherSpi.java:240)
    at javax.crypto.Cipher.getCipher(Cipher.java:324)
    at javax.crypto.Cipher.getInstance(Cipher.java:237) 

也许这RSA/None/PKCS1-OAEP是不正确的？但无法找到任何明确的答案,要么说PKCS1-OAEP不受支持,要么是正确的定义方式.

我正在使用spongycastle库,所以有完整的bouncycastle实现.

Answer 1

第一个答案中的代码确实有效,但不推荐使用它,因为它使用BouncyCastle内部类,而不是JCA泛型接口,使代码BouncyCastle具体.例如,它将很难切换到SunJCE提供程序.

Bouncy Castle从版本1.50开始支持以下OAEP填充名称.

• RSA/NONE/OAEPWithMD5AndMGF1Padding
• RSA/NONE/OAEPWithSHA1AndMGF1Padding
• RSA/NONE/OAEPWithSHA224AndMGF1Padding
• RSA/NONE/OAEPWithSHA256AndMGF1Padding
• RSA/NONE/OAEPWithSHA384AndMGF1Padding
• RSA/NONE/OAEPWithSHA512AndMGF1Padding

然后适当的RSA-OAEP密码初始化看起来像

Cipher c = Cipher.getInstance("RSA/NONE/OAEPWithSHA1AndMGF1Padding", "BC");

Answer 2

如果其他人遇到类似的加密编码/填充问题,则以下代码有效

    SubjectPublicKeyInfo publicKeyInfo = new SubjectPublicKeyInfo(
            ASN1Sequence.getInstance(rsaPublicKey.getEncoded()));

    AsymmetricKeyParameter param = PublicKeyFactory
            .createKey(publicKeyInfo);
    AsymmetricBlockCipher cipher = new OAEPEncoding(new RSAEngine(),
            new SHA1Digest());
    cipher.init(true, param);

    return cipher.processBlock(stuffIWantEncrypted, 0, 32);