Solving Failed RSA Encryption and Decryption Interoperability Between Java and .NET Environments

Source: Internet
Author: User
Tags: pfx file

As required by the project, we need to encrypt information with the RSA public key in the Java environment and then decrypt it with the RSA private key in the .NET environment.
I had never worked in depth with .NET before, so I had no idea how to approach this problem, but I thought it could be solved, because the RSA encryption and decryption algorithm is very mature and standard support should be available in all languages.

However, testing showed that cross-platform interaction still faces many obstacles, even though so many platforms support the standard. The direct symptom is that encrypting and then decrypting on the same platform works without problems, but when one party encrypts the data, the other party cannot decrypt it!

Because the encrypted result is a byte array, the byte array is Base64-encoded before transmission.

The following interesting problems were found while solving this:
1. .NET has several methods for converting strings into byte arrays, such as Encoding.Default.GetString, ByteConverter.GetBytes, etc. However, these methods are not equivalent and should be used with caution. The former meets our expectation, returning one byte per letter, while the latter returns 2 bytes per letter, the second of which has the value 0.
2. The value range of a byte differs between the .NET and Java environments: in Java it is -128 to 127, in .NET it is 0 to 255. Because many bytes in the encrypted array are non-printable characters, they can only be inspected as byte values, so pay attention to this difference between the two platforms. It is normal for the byte values of the same character to differ by 256; the platforms simply implement bytes differently.
3. In the .NET environment, encrypting the same string with the same RSA public key gives a different result each time! In the Java environment, the result is the same each time. This is the key to solving the interoperability problem! The reason is as follows: to strengthen the security of the RSA encryption algorithm, .NET generates a random number and encrypts it together with the original data. This is obviously not standard RSA encryption; the RSA encryption in Java is completely standard, with no random number added. The encryption standards of the two parties therefore differ, so data encrypted by one party cannot be decrypted by the other!
4. Having found the reason why the two sides cannot communicate, we can only try to eliminate the difference between them. There are two ways. The first is to modify the code on the .NET side: discard the default RSA algorithm implementation class and implement a set of classes that follow the standard. The second is to modify the code on the Java side so that it stays consistent with .NET. Method 2 is almost impossible to implement, because we cannot see the .NET source code and cannot know the rules for adding the random number. In addition, if the Java side changes its rules, it may cause many new problems in the future, since it has to interoperate not only with .NET but also with PHP and other languages. Method 1 is feasible and not difficult, and fortunately talented people have already done this for .NET; you can refer to the project at http://www.codeproject.com/csharp/biginteger.asp.
5. Although a class file implementing the standard RSA algorithm was found, it needs two parameters from the RSA private key: d and the modulus. But we use certificates and cannot use those values directly. Fortunately, .NET provides import and export of pfx certificate files through the X509Certificate2 class; pay attention to its initialization parameters, which turn out to be very useful.
6. As mentioned above, .NET automatically adds a random number during encryption, so the data block that each RSA encryption operation can process becomes smaller. Standard RSA encryption can operate on 128 bytes at a time; according to the actual test results, .NET can only encrypt up to 117 bytes. If you want to encrypt a long string, you must split it and splice the results. If you only need to encrypt data within bytes, the BigInteger RSA implementation can be considered.
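
An added example, not part of the original post, that reproduces points 2, 3 and 6 on the Java side. It assumes the random bytes .NET adds are PKCS #1 v1.5 encryption padding (consistent with the 117-byte limit, 128 - 11) and that the repeatable Java output came from an unpadded transformation; the class name and sample message are made up for the illustration.

```java
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import java.nio.charset.StandardCharsets;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.util.Arrays;
import java.util.Base64;

public class RsaPaddingInterop {
    // Always name the full transformation; a bare "RSA" leaves the padding to the provider.
    static byte[] encrypt(String transformation, KeyPair kp, byte[] data) throws Exception {
        Cipher c = Cipher.getInstance(transformation);
        c.init(Cipher.ENCRYPT_MODE, kp.getPublic());
        return c.doFinal(data);
    }

    public static void main(String[] args) throws Exception {
        KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA");
        gen.initialize(1024); // matches the page's 128-byte block; use 2048 bits or more in practice
        KeyPair kp = gen.generateKeyPair(); // throwaway key constructed for this example
        byte[] msg = "constructed sample message".getBytes(StandardCharsets.UTF_8);

        // Point 3: unpadded RSA is deterministic, PKCS #1 v1.5 padding adds random bytes.
        String raw = "RSA/ECB/NoPadding", pkcs1 = "RSA/ECB/PKCS1Padding";
        System.out.println("NoPadding repeats:    "
                + Arrays.equals(encrypt(raw, kp, msg), encrypt(raw, kp, msg)));
        byte[] ct = encrypt(pkcs1, kp, msg);
        System.out.println("PKCS1Padding repeats: " + Arrays.equals(ct, encrypt(pkcs1, kp, msg)));

        // Point 6: 11 bytes of the 128-byte block go to padding, leaving 117 for data.
        System.out.println("117 bytes -> " + encrypt(pkcs1, kp, new byte[117]).length + "-byte block");
        try {
            encrypt(pkcs1, kp, new byte[118]);
        } catch (IllegalBlockSizeException e) {
            System.out.println("118 bytes rejected: " + e.getMessage());
        }

        // Point 2: the same byte prints as signed in Java and as 0-255 in .NET; Base64 is identical.
        System.out.println("first byte: " + ct[0] + " (Java) = " + (ct[0] & 0xFF) + " (unsigned)");
        String wire = Base64.getEncoder().encodeToString(ct);

        // The receiver must decrypt with the same padding the sender used.
        Cipher d = Cipher.getInstance(pkcs1);
        d.init(Cipher.DECRYPT_MODE, kp.getPrivate());
        byte[] back = d.doFinal(Base64.getDecoder().decode(wire));
        System.out.println("round trip: " + new String(back, StandardCharsets.UTF_8));
    }
}
```

In .NET, RSACryptoServiceProvider.Encrypt(data, false) applies PKCS #1 v1.5 padding, so RSA/ECB/PKCS1Padding is the matching Java transformation.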
