解码 OAEP 填充时出错
使用 RSACryptoServiceProvider.Decrypt
解密文本时,我收到错误:
解码 OAEP 填充时发生错误。
这是我的代码:
CspParameters cspParam = new CspParameters();
cspParam = new CspParameters();
cspParam.Flags = CspProviderFlags.UseMachineKeyStore;
clsCertificates cc = new clsCertificates();
string a = "";
cc.OpenStoreIE(ref a);
cc.SetProperties();
X509Certificate2 cert = new X509Certificate2();
cert = cc.x509_2Cert;
RSACryptoServiceProvider rsa = new RSACryptoServiceProvider(cspParam);
//to gentrate private and public keys from the certificate
rsa.FromXmlString(cert.PublicKey.Key.ToXmlString(false));
String publicKey = rsa.ToXmlString(false); // gets the public key
String privateKey = rsa.ToXmlString(true); // gets the private key working if paramter is false if true give error key is not valid for use in specified state
Response.Write("<Textarea rows=10 cols=100>PUBLIC: " + publicKey + "</TextArea>");
Response.Write("<Textarea rows=10 cols=100>PRIVATE: " + privateKey + "</Textarea>");
Response.Write("<BR>Encrypting the string \"HelloThere\" with the public Key:<BR>");
String str = "HelloThere";
RSACryptoServiceProvider RSA2 = new RSACryptoServiceProvider(cspParam);
//---Load the Public key---
RSA2.FromXmlString(publicKey);
//working with the folowing line instead of above but i need the keys of he certificte
//RSA2.ToXmlString(true);
Byte[] EncryptedStrAsByt = RSA2.Encrypt(System.Text.Encoding.Unicode.GetBytes(str), true);
String EncryptedStr = System.Text.Encoding.Unicode.GetString(EncryptedStrAsByt);
Response.Write("<Textarea rows=10 cols=100>Encrypted String: " + EncryptedStr + "</Textarea>");
Response.Write("<BR>Decrypting the Encrypted String with the Private key:<BR>");
RSACryptoServiceProvider RSA3 = new RSACryptoServiceProvider(cspParam);
//---Load the Private key---
RSA3.FromXmlString(privateKey);
//working with the folowing line instead of above but i need the keys of he certificte
//RSA3.ToXmlString(true);
Byte[] DecryptedStrAsByt = RSA3.Decrypt(EncryptedStrAsByt, true );//Error if true then error is error occured while decoding the OAE$P padding and if false then error is bad key i am using windows xp so it should be true.
String DecryptedStr = System.Text.Encoding.Unicode.GetString(DecryptedStrAsByt);
Response.Write("<Textarea rows=10 cols=100>Decrypted String: " + DecryptedStr + "</Textarea>");
如果我不使用数字证书的密钥,上面的代码就可以工作。 但如果密钥来自数字证书,我会收到 OAEP 填充错误。
注意:此问题是解码 OAEP 填充时出错问题的延续
While decrypting text using RSACryptoServiceProvider.Decrypt
, I am getting the error:
Error occurred while decoding OAEP padding.
Here's my code:
CspParameters cspParam = new CspParameters();
cspParam = new CspParameters();
cspParam.Flags = CspProviderFlags.UseMachineKeyStore;
clsCertificates cc = new clsCertificates();
string a = "";
cc.OpenStoreIE(ref a);
cc.SetProperties();
X509Certificate2 cert = new X509Certificate2();
cert = cc.x509_2Cert;
RSACryptoServiceProvider rsa = new RSACryptoServiceProvider(cspParam);
//to gentrate private and public keys from the certificate
rsa.FromXmlString(cert.PublicKey.Key.ToXmlString(false));
String publicKey = rsa.ToXmlString(false); // gets the public key
String privateKey = rsa.ToXmlString(true); // gets the private key working if paramter is false if true give error key is not valid for use in specified state
Response.Write("<Textarea rows=10 cols=100>PUBLIC: " + publicKey + "</TextArea>");
Response.Write("<Textarea rows=10 cols=100>PRIVATE: " + privateKey + "</Textarea>");
Response.Write("<BR>Encrypting the string \"HelloThere\" with the public Key:<BR>");
String str = "HelloThere";
RSACryptoServiceProvider RSA2 = new RSACryptoServiceProvider(cspParam);
//---Load the Public key---
RSA2.FromXmlString(publicKey);
//working with the folowing line instead of above but i need the keys of he certificte
//RSA2.ToXmlString(true);
Byte[] EncryptedStrAsByt = RSA2.Encrypt(System.Text.Encoding.Unicode.GetBytes(str), true);
String EncryptedStr = System.Text.Encoding.Unicode.GetString(EncryptedStrAsByt);
Response.Write("<Textarea rows=10 cols=100>Encrypted String: " + EncryptedStr + "</Textarea>");
Response.Write("<BR>Decrypting the Encrypted String with the Private key:<BR>");
RSACryptoServiceProvider RSA3 = new RSACryptoServiceProvider(cspParam);
//---Load the Private key---
RSA3.FromXmlString(privateKey);
//working with the folowing line instead of above but i need the keys of he certificte
//RSA3.ToXmlString(true);
Byte[] DecryptedStrAsByt = RSA3.Decrypt(EncryptedStrAsByt, true );//Error if true then error is error occured while decoding the OAE$P padding and if false then error is bad key i am using windows xp so it should be true.
String DecryptedStr = System.Text.Encoding.Unicode.GetString(DecryptedStrAsByt);
Response.Write("<Textarea rows=10 cols=100>Decrypted String: " + DecryptedStr + "</Textarea>");
The above is works if I am not using the keys of my digital certificate. but if the keys are from the digital certificate, I get the OAEP padding error.
Note: This question is in continuation of the Error occurred while decoding OAEP padding question
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(8)
一个常见的错误是尝试使用公钥进行解密。
A common mistake is to try to decrypt using the public key.
我遇到了这个问题。
UnicodeEncoding.GetBytes
并不总是UnicodeEncoding.GetString
的逆。这就是
RSACryptoServiceProvider.Decrypt
失败的原因。 网络上的许多加密/解密示例都使用 Unicode 编码。 不要使用 Unicode 编码。 请改用Convert.FromBase64String
和Convert.ToBase64String
。I ran into this exact problem.
UnicodeEncoding.GetBytes
is not always the inverse ofUnicodeEncoding.GetString
.This is why
RSACryptoServiceProvider.Decrypt
fails. A lot of encrypt/decrypt examples on the web use Unicode encoding. Do not use Unicode encoding. UseConvert.FromBase64String
andConvert.ToBase64String
instead.此错误通常表明您正在使用公钥进行解密,而您应该使用私钥进行解密。 试一试。
This error normally indicates you are using a public key to decrypt, while you should be using a private key for decryption. Give it a try.
就我而言,错误是由错误的填充设置引起的。
我有
openssl_public_encrypt()
和OPENSSL_PKCS1_PADDING
作为 PHP 和keypair.decrypt()
,默认值RSA_PKCS1_OAEP_PADDING
in node-rsa。因此,也不要忘记检查这些选项。
In my case the error has been caused by wrong padding settings.
I had
openssl_public_encrypt()
withOPENSSL_PKCS1_PADDING
as a default value in PHP andkeypair.decrypt()
with the default valueRSA_PKCS1_OAEP_PADDING
in node-rsa.So don't forget to check these options too.
仅供参考,您仍然可以使用正确的密钥序列(encr:pub key,decr:priv key)进行(加密/解密)加密 - 即仍然可以使用私钥解密时出现此错误 - 它可能是错误的私钥(即来自另一个证书/密钥对),而不是与您最初加密的公共密钥配对的私钥。 如果您关闭 OAEP 填充并收到“错误数据”异常,则这是另一个指示。
FYI, you can still be (en/de)crypting in the right key sequence (encr:pub key, decr:priv key) - i.e. can still get this error decrypting with a private key - it just may be the wrong private key (i.e. from another cert/key pair), not the one paired w/ the pub key with which u encrypted initially. If u turn off OAEP padding and get a "bad data" exception, that's another indication.
当我们使用错误的密钥进行解密时,我们遇到了这个问题。
We were getting this issue when we were using the wrong key for decryption.
RSA加密可能会产生不可读的字符,请确保在写入/读取加密结果时不要因表示结束的特殊字符而剪切字符串; 例如,您不能使用 strlen,因为它会在字符串中遇到“\0”时停止。
RSA encryption may result non readable character, make sure not to cut the string due to special character indicating end of something during write/read the encryption result; e.g you must not use strlen for it will stop when encounter a '\0' in the string.
另一件需要检查的事情是:在解密操作中,由于忘记将公钥传递到
RSACryptoServiceProvider
进行加密操作,因此出现了此错误。Another thing to check: it was giving me this error, on the decrypt operation, as a result of forgetting to pass the public key into the
RSACryptoServiceProvider
for the encrypt operation.