cryptography-kotlin icon indicating copy to clipboard operation
cryptography-kotlin copied to clipboard

Published 20 hours ago verified publisher icon whyoleg

RSA/ECB/PKCS1Padding

Open chandrakant-kshirsagar opened this issue 10 months ago • 8 comments

@whyoleg How to use the below code here.

Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");

chandrakant-kshirsagar avatar Apr 15 '24 06:04 chandrakant-kshirsagar

Hey! Sorry, but RSA with PKCS1 encryption is not yet supported. Only RSA OAEP is supported for now.

Could you please describe why do you need this specific algorithm? Is it needed to community with some old software? I'm asking this, because generally, RSA with PKCS1 encryption is not supposed to be used for new applications, so that's why I delayed adding it, providing more robust algorithms first.

whyoleg avatar Apr 15 '24 07:04 whyoleg

@whyoleg thanks for the information.

Currently, I am converting my old code to compose-multiplatform, which uses RSA/ECB/PKCS1Padding encryption. Should I migrate my code to RSA OAEP or is there any further plan for RSA with PKCS1?

chandrakant-kshirsagar avatar Apr 15 '24 08:04 chandrakant-kshirsagar

Yeah, if you control server part and so could use RSA OAEP for your use case - then it's better to do it. RSA with PKCS1 encryption probable will be supported in upcoming release, but there is no date yet - may be in a couple of months - hard to predict my workload right now.

whyoleg avatar Apr 15 '24 20:04 whyoleg

@whyoleg I will discuss with my backend team about changing the encryption to RSA OAEP. Thank you for your support.👍

chandrakant-kshirsagar avatar Apr 18 '24 06:04 chandrakant-kshirsagar

import java.security.KeyFactory import java.security.spec.X509EncodedKeySpec import android.util.Base64 import javax.crypto.Cipher

actual object RSAUtils {
    actual fun encryptData(str: String, key: String): String { 
        val keyBytes = Base64.decode(key,Base64.NO_WRAP)
        val pubKeySpec = X509EncodedKeySpec(keyBytes)
        val keyFactory = KeyFactory.getInstance("RSA")
        val pubKey = keyFactory.generatePublic(pubKeySpec)
 
        val cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding")
        cipher.init(Cipher.ENCRYPT_MODE, pubKey)
        val encryptedBytes = cipher.doFinal(str.toByteArray())
        // NO_WRAP 表示不在结果中加上换行和空格
        return URLEncoder.encode(Base64.encodeToString(encryptedBytes,Base64.NO_WRAP), "UTF-8")
    }
}

Android is implemented in KMM. I don't know how to write iOS. The hard author wrote the code of iOS and merged into the library

e9ab98e991ab avatar Jul 08 '24 07:07 e9ab98e991ab

Hi, Plus one here, unfortunately I cannot change the server side encryption, so looking forward to 0.4.0! Thanks!

ivanpataki avatar Aug 02 '24 13:08 ivanpataki

I would also have the use case to use AES ECB encryption for an old app that cannot be migrated to a safer encryption. So it would be great in the future to implement it.

jvondermarck avatar Aug 29 '24 07:08 jvondermarck

AES.ECB, RSA.RAW (jdk: RSA/ECB/NoPadding) and RSA.PKCS1 encryption (RSA/ECB/PKCS1Padding) are available in main branch and so in 0.4.0 snapshots. No date for release yet as I need to finish other things. API is a bit clattered for those legacy RSA algorithms (e.g digest is required, but is not used). It will be definitely changed before 1.0 someday.

whyoleg avatar Aug 29 '24 07:08 whyoleg

0.4.0 was just released! RSA encryption with PKCS1 padding and without padding are available now.

whyoleg avatar Oct 12 '24 08:10 whyoleg