> From: owner-openssl-us...@openssl.org On Behalf Of Dan Si Atat > Sent: Wednesday, November 19, 2014 14:32
> I am trying to emulate in OpenSSL java encryption algorithm. > When using "RSA_public_encrypt" are there parameters to emulate any of these > combinations of parameters in Java? > "RSA/ECB/OAEPWITHMD5ANDMGF1PADDING" or "RSA/ECB/PKCS1Padding"? > I tried using "RSA_PKCS1_PADDING" as a padding parameter but when I decrypt > the encrypted text in Java I get a BadPadding exception. Then you're doing something wrong. I can encrypt in openssl with PKCS1_PADDING or OAEP_PADDING and decrypt in Java with RSA/ECB/PKCS1PADDING (or just RSA, because Java defaults to PKCS1 padding) or RSA/ECB/OAEPWITHSHA1ANDMGF1PADDING (SHA1 not MD5; openssl doesn't do OEAP-MD5, nor the SHA-2s) and vice versa. Tested with openssl 0.9.8za 1.0.0j,m 1.0.1c,h versus Java 7u15 7u72 8u05 8u25 which are the versions I currently have on my "throwaway" test environment. (FWIW I do have "unlimited crypto" policy in all Javas, although I don't think that makes a difference for RSA.) Are you sure you're using (halves of) the same keypair on both sides? Key mismatch will definitely manifest as bad padding. Are you treating the data as binary (C/C++ "b", Java Stream bytes not Reader/Writer chars) or encoding/decoding to a form that exactly preserves bits (usually base64 or hex)? (Although if not I would usually expect length errors rather than padding.) ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
