0

I am trying to remove the spongy castle provider from my cryptography class and to use the Spongy castle light library directly (maven:com.madgag:sc-light-jdk15on:1.47.0.3) I have a problem during changing a RSA encrypt logic, below is the code :

Original Code:

final PublicKey pKey = KeyFactory.getInstance("RSA", "SC").generatePublic(new X509EncodedKeySpec(publicKey));
final Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");

Modified Code:

AsymmetricKeyParameter asypublicKey = PublicKeyFactory.createKey(publicKey);
org.spongycastle.crypto.encodings.PKCS1Encoding e = new org.spongycastle.crypto.encodings.PKCS1Encoding(new RSAEngine());
e.init(true, asypublicKey);

the above code seems to be not equal as before. Can anyone tell me the equivalent of the orginal code I can rewrite with spongycastle library without using Javax.Crypto library?

Thx

Prabhakaran
  • 1,264
  • 2
  • 20
  • 47
  • I see few reasons to use Spongy for normal cryptographic operations. If the device contains a provider that performs fast, secure native cryptography then the benefits are lost. Just for my curiosity / knowledge: why are you switching to the lightweight API of Spongy? – Maarten Bodewes Mar 01 '18 at 08:49

1 Answers1

1

RSA PKCS#1 encryption is indeterministic. That's another way of saying that the PKCS#1 pads the plaintext message with random values before it performs modular exponentiation with the public exponent. If you're getting identical values then you know something is wrong, not right.

To test your code you need to simply decrypt the message. If it succeeds, then you know the ciphertext was generated the way it should be.

Maarten Bodewes
  • 90,524
  • 13
  • 150
  • 263