search

whyoleg / cryptography-kotlin

Kotlin Multiplatform cryptography / crypto library
https://whyoleg.github.io/cryptography-kotlin/
Apache License 2.0
286 stars 18 forks source link

RSA/ECB/PKCS1Padding #29

Open chandrakant-kshirsagar opened 5 months ago

chandrakant-kshirsagar commented 5 months ago

@whyoleg How to use the below code here.

Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");

whyoleg commented 5 months ago

Hey! Sorry, but RSA with PKCS1 encryption is not yet supported. Only RSA OAEP is supported for now.

Could you please describe why do you need this specific algorithm? Is it needed to community with some old software? I'm asking this, because generally, RSA with PKCS1 encryption is not supposed to be used for new applications, so that's why I delayed adding it, providing more robust algorithms first.

chandrakant-kshirsagar commented 5 months ago

@whyoleg thanks for the information.

Currently, I am converting my old code to compose-multiplatform, which uses RSA/ECB/PKCS1Padding encryption. Should I migrate my code to RSA OAEP or is there any further plan for RSA with PKCS1?

whyoleg commented 5 months ago

Yeah, if you control server part and so could use RSA OAEP for your use case - then it's better to do it. RSA with PKCS1 encryption probable will be supported in upcoming release, but there is no date yet - may be in a couple of months - hard to predict my workload right now.

chandrakant-kshirsagar commented 5 months ago

@whyoleg I will discuss with my backend team about changing the encryption to RSA OAEP. Thank you for your support.👍

e9ab98e991ab commented 2 months ago

import java.security.KeyFactory import java.security.spec.X509EncodedKeySpec import android.util.Base64 import javax.crypto.Cipher 

actual object RSAUtils {
    actual fun encryptData(str: String, key: String): String { 
        val keyBytes = Base64.decode(key,Base64.NO_WRAP)
        val pubKeySpec = X509EncodedKeySpec(keyBytes)
        val keyFactory = KeyFactory.getInstance("RSA")
        val pubKey = keyFactory.generatePublic(pubKeySpec)

        val cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding")
        cipher.init(Cipher.ENCRYPT_MODE, pubKey)
        val encryptedBytes = cipher.doFinal(str.toByteArray())
        // NO_WRAP 表示不在结果中加上换行和空格
        return URLEncoder.encode(Base64.encodeToString(encryptedBytes,Base64.NO_WRAP), "UTF-8")
    }
}

Android is implemented in KMM. I don't know how to write iOS. The hard author wrote the code of iOS and merged into the library

ivanpataki commented 2 months ago

Hi, Plus one here, unfortunately I cannot change the server side encryption, so looking forward to 0.4.0! Thanks!

jvondermarck commented 1 month ago

I would also have the use case to use AES ECB encryption for an old app that cannot be migrated to a safer encryption. So it would be great in the future to implement it.

whyoleg commented 1 month ago

AES.ECB, RSA.RAW (jdk: RSA/ECB/NoPadding) and RSA.PKCS1 encryption (RSA/ECB/PKCS1Padding) are available in main branch and so in 0.4.0 snapshots. No date for release yet as I need to finish other things. API is a bit clattered for those legacy RSA algorithms (e.g digest is required, but is not used). It will be definitely changed before 1.0 someday.