python vs java的rsa加密

標籤：default   sasl   XML   加密   pre   publickey   document   desc   pcs   

首先：java的加密解密模組需要更加精細的演算法細節指定

java的加密方式

javax.crypto.Cipher，定義的擷取方式

tatic Cipher    getInstance(String transformation)Returns a Cipher object that implements the specified transformation.static Cipher    getInstance(String transformation, Provider provider)Returns a Cipher object that implements the specified transformation.static Cipher    getInstance(String transformation, String provider)Returns a Cipher object that implements the specified transformation.

有兩個重要參數：

1. transformation定義為

A transformation is a string that describes the operation (or set of operations) to be performed on the given input, to produce some output. A transformation always includes the name of a cryptographic algorithm (e.g., AES), and may be followed by a feedback mode and padding scheme.A transformation is of the form:"algorithm/mode/padding" or"algorithm"(in the latter case, provider-specific default values for the mode and padding scheme are used). For example, the following is a valid transformation:     Cipher c = Cipher.getInstance("AES/CBC/PKCS5Padding");

transformation有以下幾種：

Every implementation of the Java platform is required to support the following standard Cipher transformations with the keysizes in parentheses:AES/CBC/NoPadding (128)AES/CBC/PKCS5Padding (128)AES/ECB/NoPadding (128)AES/ECB/PKCS5Padding (128)DES/CBC/NoPadding (56)DES/CBC/PKCS5Padding (56)DES/ECB/NoPadding (56)DES/ECB/PKCS5Padding (56)DESede/CBC/NoPadding (168)DESede/CBC/PKCS5Padding (168)DESede/ECB/NoPadding (168)DESede/ECB/PKCS5Padding (168)RSA/ECB/PKCS1Padding (1024, 2048)RSA/ECB/OAEPWithSHA-1AndMGF1Padding (1024, 2048)RSA/ECB/OAEPWithSHA-256AndMGF1Padding (1024, 2048)These transformations are described in the Cipher section of the Java Cryptography Architecture Standard Algorithm Name Documentation. Consult the release documentation for your implementation to see if any other transformations are supported.

2.provider

可以通過Security.getProviders()查看

        java.security.Provider [] providers=Security.getProviders();        for(int i=0;i<providers.length;i++){            System.out.println(providers[i].getName());        }

具體的provider如下：

SUNSunRsaSignSunECSunJSSESunJCESunJGSSSunSASLXMLDSigSunPCSCSunMSCAPI

python的加密方式需要到具體的代碼裡面了，如

from crypto.PublicKey import RSAfrom crypto.Cipher import PKCS1_v1_5 as Cipher_pkcs1_v1_5# from Crypto.Signature import PKCS1_v1_5 as Signature_pkcs1_v1_5def rsaEncrypt(message):    key = ‘MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCYLCumWz6MGHmAMLIaPt3SItIhMYHuyLn48muQz2xKj9PVqETGfjq/GTxHE3wfvGCEs/JXY1rV4uysUuAS/xwZuyJ9j+sB599lzmpxdhIWu/jGMR0h86nnpNUcssYwR3Bww3oU5+dYEtGpfOytMyh3eJeUZiNNBXqH+IaSYfU3hwIDAQAB‘    key1=base64.b64decode(key)    rsaKey=RSA.importKey(key1)    cipher=Cipher_pkcs1_v1_5.new(rsaKey)    temp=cipher.encrypt(message)    return binascii.b2a_hex(temp)if __name__ == ‘__main__‘:    rsaEncrypt(13950346593)

進入encypt方法中：

    def encrypt(self, message):        """Produce the PKCS#1 v1.5 encryption of a message.        This function is named ``RSAES-PKCS1-V1_5-ENCRYPT``, and it is specified in        `section 7.2.1 of RFC8017        <https://tools.ietf.org/html/rfc8017#page-28>`_.        :param message:            The message to encrypt, also known as plaintext. It can be of            variable length, but not longer than the RSA modulus (in bytes) minus 11.        :type message: bytes/bytearray/memoryview        :Returns: A byte string, the ciphertext in which the message is encrypted.            It is as long as the RSA modulus (in bytes).        :Raises ValueError:            If the RSA key length is not sufficiently long to deal with the given            message.        """

發現其支援的是

PKCS#1 v1.5 encryption

對應java的模式是：

RSA/ECB/PKCS1Padding (1024, 2048)

參考文獻：

【1】https://docs.oracle.com/javase/7/docs/api/javax/crypto/Cipher.html#getInstance(java.lang.String)

【2】https://docs.oracle.com/javase/7/docs/technotes/guides/security/StandardNames.html#Cipher

python vs java的rsa加密