RSA icon indicating copy to clipboard operation
RSA copied to clipboard
verified publisher icon RustCrypto

Interoperability issue with RSA OAEP encryption

Open tsilva97 opened this issue 4 years ago • 1 comments

I'm having interoperability problems when encrypting a small payload with a RSA public key and decrypting it with a RSA private key. The encryption is made using this library and the decryption is made using Golang's rsa package.

Decryption is made using this library in the following way:

let public_key = RsaPublicKey::new(rsa::BigUint::from_bytes_be(&n), rsa::BigUint::from_bytes_be(&e.to_be_bytes())).unwrap();

let mut rng = OsRng;
let padding = PaddingScheme::new_oaep_with_mgf_hash::<Sha256, Sha256>();
let enc_key = public_key.encrypt(&mut rng, padding, &payload).expect("failed to encrypt");

The library in Golang uses RSA OAEP with SHA-256 and SHA-256 for the MGF1.

I've been successful in encrypting the payload using Java Crypto by using the following, which confirms that the Golang implementation uses RSA OAEP with SHA-256 and SHA-256 for the MGF1.:

Cipher cipher = Cipher.getInstance("RSA/ECB/OAEPWITHSHA-256ANDMGF1PADDING");
cipher.init(Cipher.ENCRYPT_MODE, pub,
        new OAEPParameterSpec("SHA-256", "MGF1", new MGF1ParameterSpec("SHA-256"), PSource.PSpecified.DEFAULT));
byte[] encryptedKey = cipher.doFinal(secretKey.getEncoded());

I've been dealing with this problem for some time now and I haven't been able to find the right way to make this work. Am I using the library wrong or is there the possibility of an underlying problem with interoperability?

tsilva97 avatar Jan 07 '22 11:01 tsilva97

  • Could you provide a more full example for both the rust and the go version you are using please?

dignifiedquire avatar Jan 17 '22 14:01 dignifiedquire

Closing for lack of a repro.

Please reopen/refile with a repro against one of the latest v0.9 prereleases (or newer) if the issue persists.

tarcieri avatar Apr 25 '23 03:04 tarcieri