Phpseclib相当于Java RSA加密

I'm trying to reproduce Java encryption using Cipher cipher = Cipher.getInstance("RSA"); with PHP and phpseclib.

我正在尝试使用Cipher cipher = Cipher.getInstance（“RSA”）重现Java加密;使用PHP和phpseclib。

I tried this and so many things, but it seems the data are not correctly encrypted

我试过这么多东西，但似乎数据没有正确加密

$rsa = new Crypt_RSA();
$rsa->setEncryptionMode(CRYPT_RSA_ENCRYPTION_OAEP);
$rsa->loadKey($pub_key);
$ciphertext = $rsa->encrypt($plaintext);

I tried different combination like

我尝试了不同的组合

$rsa->setMGFHash('sha512');
$rsa->setHash('sha512');
//$rsa->setMGFHash('sha256');
//$rsa->setHash('sha256');

without success.

没有成功。

Am I missing something?

我错过了什么吗？

1 个解决方案

#1

Don't ever use incomplete Cipher strings like this one:

不要像这样使用不完整的密码字符串：

Cipher cipher = Cipher.getInstance("RSA");

This doesn't specify the padding and therefore depends on which padding the default security provider prefers. This will probably default to:

这不指定填充，因此取决于默认安全提供程序更喜欢的填充。这可能默认为：

Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");

This would be compatible to

这将是兼容的

$rsa = new Crypt_RSA();
$rsa->loadKey($pub_key);
$rsa->setEncryptionMode(CRYPT_RSA_ENCRYPTION_PKCS1);
$ciphertext = $rsa->encrypt($plaintext);

But you shouldn't use PKCS#1 v1.5 padding anymore. You really should be using OAEP (meaning):

但是你不应该再使用PKCS＃1 v1.5填充了。你真的应该使用OAEP（含义）：

Cipher cipher = Cipher.getInstance("RSA/ECB/OAEPWithSHA-256AndMGF1Padding");

and the phpseclib equivalent should be

和phpseclib等价物应该是

$rsa = new Crypt_RSA();
$rsa->loadKey($pub_ley);
$rsa->setEncryptionMode(CRYPT_RSA_ENCRYPTION_OAEP);
$rsa->setHash('sha256');
$ciphertext = $rsa->encrypt($plaintext);

#1