2

根据文档,我正在实现 RSACryptoToken,这是 RSA 加密令牌的接口。有 twp 方法,称为 decryptRSA 和 signRSA - 它们应该被实现。在文档中有一条信息,他们应该执行原始 RSA 解密和原始 RSA 签名操作。

  1. 什么是原始 RSA 操作?
  2. 这是否意味着没有填充?
  3. 黑莓或 Bouncy Castle 是否提供此类 API?
4

2 回答 2

1

Basically PKCS#1 v1.5 consists of three parts:

  1. the RSA operations themselves,
  2. the PKCS#1 padding and
  3. an ASN.1 encodign of the hash.

The hash is ASN.1 encoded to include an ASN.1 Object Identifier which uniquely specifies the hash that is used, and the value, like this:

DigestInfo ::= SEQUENCE {
    digestAlgorithm AlgorithmIdentifier,
    digest OCTET STRING
}

This is directly copied from the PKCS#1 specifications (which are pretty readable and publicly available). Note that the encoding is directly specified as bytes as well in the standards.

Blackberry operations only provide 1) and 2), meaning that you have to supply an ASN.1, DER encoded structure containing the hash yourself. No such a structure is defined for the encryption/decryption, only the padding is removed.

Encryption uses random padding (internally) versus non-random padding for signatures. This allows you to encrypt "YES" twice, while an eavesdropper cannot detect if it is YES or NO. The padding is also required to protect the signature against attacks.

于 2012-01-29T23:37:03.250 回答
0

我解决了这个问题,操作 signRSA 和 decryptRSA 应该执行相同的纯模运算

感谢帮助

于 2012-02-15T12:48:45.540 回答