(RSA密钥的长度-11),比如1024位的,明文长度不能超过117。
密文的长度总是密钥的长度的一半,比如1024位的,密文长度是64,如果是1032位,密文长度是65位
1024位=1024bit=128byte,128-11=117。
RSA加密内容的长度有限,和密钥长度有关,这是它的算法决定的。不过一般可以用RSA加密其他算法的密钥,比如用RSA加密DES的密钥,再用DES算法加密明文数据。
RSA一般还是用来签名比较多,如果只是签名用的话,加密明文的MD5值就可以了
java中默认填充方式是RSA/ECB/PKCS1Padding,Cipher.getInstance("RSA/ECB/PKCS1Padding");android不是
java
Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
android
Cipher cipher = Cipher.getInstance("RSA/ECB/NoPadding");
在服务端和客户端都使用 Cipher cipher = Cipher.getInstance("RSA/ECB/NoPadding");即可
参考:
http://stackoverflow.com/questions/6069369/rsa-encryption-difference-between-java-and-android
http://stackoverflow.com/questions/2956647/rsa-encrypt-with-base64-encoded-public-key-in-android
各种 padding 对输入数据长度的要求:
私钥加密:
RSA_PKCS1_PADDING RSA_size-11
RSA_NO_PADDING RSA_size-0
RSA_X931_PADDING RSA_size-2
公钥加密
RSA_PKCS1_PADDING RSA_size-11
RSA_SSLV23_PADDING RSA_size-11
RSA_X931_PADDING RSA_size-2
RSA_NO_PADDING RSA_size-0
RSA_PKCS1_OAEP_PADDING RSA_size-2 * SHA_DIGEST_LENGTH-2
1. #include
2. #include
3. int main()
4. {
5. RSA *r;
6. int bits=1024,ret,len,flen,padding,i;
7. unsigned long e=RSA_3;
8. BIGNUM *bne;
9. unsigned char *key,*p;
10. BIO *b;
11. unsigned char from[500],to[500],out[500];
12. bne=BN_new();
13. ret=BN_set_word(bne,e);
14. r=RSA_new();
15. ret=RSA_generate_key_ex(r,bits,bne,NULL);
16. if(ret!=1)
17. {
18. printf("RSA_generate_key_ex err!\n");
19. return -1;
20. }
21.
22. b=BIO_new(BIO_s_mem());
23. ret=i2d_RSAPrivateKey_bio(b,r);
24. key=malloc(1024);
25. len=BIO_read(b,key,1024);
26. BIO_free(b);
27. b=BIO_new_file("rsa.key","w");
28. ret=i2d_RSAPrivateKey_bio(b,r);
29. BIO_free(b);
30. 116
31.
32.
33.
34.
35. flen=RSA_size(r);
36. printf("please select private enc padding : \n");
37. printf("1.RSA_PKCS1_PADDING\n");
38. printf("3.RSA_NO_PADDING\n");
39. printf("5.RSA_X931_PADDING\n");
40. scanf("%d",&padding);
41. if(padding==RSA_PKCS1_PADDING)
42. flen-=11;
43. else if(padding==RSA_X931_PADDING)
44. flen-=2;
45. else if(padding==RSA_NO_PADDING)
46. flen=flen;
47. else
48. {
49. printf("rsa not surport !\n");
50. return -1;
51. }
52. for(i=0;i
53. memset(&from[i],i,1);
54. len=RSA_private_encrypt(flen,from,to,r,padding);
55. if(len<=0)
56. {
57. printf("RSA_private_encrypt err!\n");
58. return -1;
59. }
60. len=RSA_public_decrypt(len,to,out,r,padding);
61. if(len<=0)
62. {
63. printf("RSA_public_decrypt err!\n");
64. return -1;
65. }
66. if(memcmp(from,out,flen))
67. {
68. printf("err!\n");
69. return -1;
70. }
71.
72. printf("please select public enc padding : \n");
73. printf("1.RSA_PKCS1_PADDING\n");
74. 117
75. printf("2.RSA_SSLV23_PADDING\n");
76. printf("3.RSA_NO_PADDING\n");
77. printf("4.RSA_PKCS1_OAEP_PADDING\n");
78. scanf("%d",&padding);
79. flen=RSA_size(r);
80. if(padding==RSA_PKCS1_PADDING)
81. flen-=11;
82. else if(padding==RSA_SSLV23_PADDING)
83. flen-=11;
84. else if(padding==RSA_X931_PADDING)
85. flen-=2;
86. else if(padding==RSA_NO_PADDING)
87. flen=flen;
88. else if(padding==RSA_PKCS1_OAEP_PADDING)
89. flen=flen-2 * SHA_DIGEST_LENGTH-2 ;
90. else
91. {
92. printf("rsa not surport !\n");
93. return -1;
94. }
95. for(i=0;i
96. memset(&from[i],i+1,1);
97. len=RSA_public_encrypt(flen,from,to,r,padding);
98. if(len<=0)
99. {
100. printf("RSA_public_encrypt err!\n");
101. return -1;
102. }
103. len=RSA_private_decrypt(len,to,out,r,padding);
104. if(len<=0)
105. {
106. printf("RSA_private_decrypt err!\n");
107. return -1;
108. }
109. if(memcmp(from,out,flen))
110. {
111. printf("err!\n");
112. return -1;
113. }
114. printf("test ok!\n");
115. RSA_free(r);
116. return 0;
117. }
复制代码
