RSA encryption and decryption in net, ios uses pkcs1, while java uses pkcs8
If it is modulo 1024 (usually 1024), the length of the private key in pkcs1 format should be 812. If it is in pkcs8 format, the key length is 861.
Download and install openssl: https://pan.baidu.com/s/1ggQJIIR
I am using Win64OpenSSL_Light-1_1_0g.exe here
PKCS1 private key generation:
OpenSSL> genrsa -out pkcs1_private.pem 1024 Generating RSA private key, 1024 bit long modulus .........++++++ .............................++++++ e is 65537 (0x10001)
content:
-----BEGIN RSA PRIVATE KEY----- MIICWwIBAAKBgQCYMTaH4NMw5fQsgx3pv8xaAxhOdtUz/m5nfl9XHtGboXNzUzx/ ehh8c3RgpGcig83JXOYOXafmx3OS28Ed3e2fmC5Yo5RD6DRHnBCid28EjQ5PgCTd dNqDvcXU3YMH4sO1qNBx5MQpk92Kt/NdquIJmzhgpjP15MO5CFHcU90ZvQIDAQAB AoGANlvdjkrPI/f+bqemV4caBkx0shHftOJ7rJuGkid/1oakJdzlDuMdO9ZBCwOt krZhGjsEML1i6xryPNIg9/n8lSdQqIUW61HXYwKUK5xQWz/MstWbbIx3t5driQFR Fv53NLdemeF/0AJiD5COO1fkoM+1By2LlI0ths8cQLcOpgECQQDIc46yV1N5IuS0 MYD0LgggaJ08WF0PrwjXgs+DRp3+ZE5WTs1JDkBQM9E598xbmy7AAFtdtR3L5CH8 5Qh+KfwJAkEAwl4MuRMdIjiHiw1YoIUliy6t3XPvxeOEiG/P15adKrxI5A5QylM0 TtbZT3YZurdy3nrJ75LxuU9cSYKzxtVFFQJAMboJElD7kjeHyPPm66xns7KAHzJE k9l2NhBrbkOcejlj/aE65/6zEbJpGxpQBgGvTU5JXCvMIoKLs/MVckb0EQJASze+ ULkW4zFhMuy9SZF9T/mGi1bciYZcubgbhODifbFTu/3WQhYk/gWjH18i4eEwcOyv zSjepsoRetk73UyXaQJAOfr3Gg1dGvoLiwZ3fXoDVupahnKg73SAd72 + 24qQs2AT 16T8FKop259xisLu+WSUTfSUhao5qOpZJ/PTwFRlzw== -----END RSA PRIVATE KEY-----
Convert PKCS1 private key to PKCS8 (this format is generally called by Java)
OpenSSL> pkcs8 -topk8 -inform PEM -in pkcs1_private.pem -outform pem -nocrypt -out pkcs8_private.pem
content:
-----BEGIN PRIVATE KEY----- MIICdQIBADANBgkqhkiG9w0BAQEFAASCAl8wggJbAgEAAoGBAJgxNofg0zDl9CyD Hem/zFoDGE521TP+bmd+X1ce0Zuhc3NTPH96GHxzdGCkZyKDzclc5g5dp+bHc5Lb wR3d7Z+YLlijlEPoNEecEKJ3bwSNDk+AJN102oO9xdTdgwfiw7Wo0HHkxCmT3Yq3 812q4gmbOGCmM/Xkw7kIUdxT3Rm9AgMBAAECgYA2W92OSs8j9/5up6ZXhxoGTHSy Ed+04nusm4aSJ3/WhqQl3OUO4x071kELA62StmEaOwQwvWLrGvI80iD3+fyVJ1Co hRbrUddjApQrnFBbP8yy1ZtsjHe3l2uJAVEW/nc0t16Z4X/QAmIPkI47V+Sgz7UH LYuUjS2GzxxAtw6mAQJBAMhzjrJXU3ki5LQxgPQuCCBonTxYXQ+vCNeCz4NGnf5k TlZOzUkOQFAz0Tn3zFubLsAAW121HcvkIfzlCH4p/AkCQQDCXgy5Ex0iOIeLDVig hSWLLq3dc+/F44SIb8/Xlp0qvEjkDlDKUzRO1tlPdhm6t3LeesnvkvG5T1xJgrPG 1UUVAkAxugkSUPuSN4fI8+brrGezsoAfMkST2XY2EGtuQ5x6OWP9oTrn/rMRsmkb GlAGAa9NTklcK8wigouz8xVyRvQRAkBLN75QuRbjMWEy7L1JkX1P+YaLVtyJhly5 uBuE4OJ9sVO7/dZCFiT+BaMfXyLh4TBw7K/NKN6myhF62TvdTJdpAkA5+vcaDV0a +guLBnd9egNW6lqGcqDvdIB3vb7bipCzYBPXpPwUqinbn3GKwu75ZJRN9JSFqjmo 6lkn89PAVGXP -----END PRIVATE KEY-----
Generate public key:
The private key of PKCS1 generates the public key:
OpenSSL> rsa -in pkcs1_private.pem -pubout -out pkcs1_public.pem
writing RSA key
content:
-----BEGIN PUBLIC KEY----- MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCYMTaH4NMw5fQsgx3pv8xaAxhO dtUz/m5nfl9XHtGboXNzUzx/ehh8c3RgpGcig83JXOYOXafmx3OS28Ed3e2fmC5Y o5RD6DRHnBCid28EjQ5PgCTddNqDvcXU3YMH4sO1qNBx5MQpk92Kt/NdquIJmzhg pjP15MO5CFHcU90ZvQIDAQAB -----END PUBLIC KEY-----
The private key of PKCS8 generates the public key:
OpenSSL> rsa -in pkcs8_private.pem -pubout -out pkcs8_public.pem
writing RSA key
content:
-----BEGIN PUBLIC KEY----- MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCYMTaH4NMw5fQsgx3pv8xaAxhO dtUz/m5nfl9XHtGboXNzUzx/ehh8c3RgpGcig83JXOYOXafmx3OS28Ed3e2fmC5Y o5RD6DRHnBCid28EjQ5PgCTddNqDvcXU3YMH4sO1qNBx5MQpk92Kt/NdquIJmzhg pjP15MO5CFHcU90ZvQIDAQAB -----END PUBLIC KEY-----
It turns out that both public keys are the same.
The following link has the online production address: http://tool.chacuo.net/cryptrsapkcs1pkcs8
None of the above conversions have a private key password
Notice:
When using rsa for encryption, if the reported length is abnormal, then segmented encryption and decryption must be performed.
RSA encryption and decryption: A 1024-bit certificate supports a maximum of 117 bytes for encryption and 128 for decryption; A 2048-bit certificate supports a maximum of 245 bytes for encryption and 256 for decryption. The maximum number of bytes supported during encryption: the number of certificate bits /8 -11 (for example: a 2048-bit certificate, the maximum number of encrypted bytes supported: 2048/8 - 11 = 245 ) In order to improve security, the RSA encryption algorithm in .NET needs to add some random numbers before the data to be encrypted. Therefore, use the RSA encryption algorithm in .NET to encrypt up to 117 bytes of data at a time (more than 117 bytes need to be split into Multiple segments are encrypted separately and then connected), after encryption, an encrypted data with a length of 128 bytes is obtained. The maximum length of plaintext that RSA can actually encrypt is also 1024bits, but the question arises: what if it is less than this length? Padding is required, because if there is no padding, the user cannot distinguish the real length of the decrypted content, and the content such as strings is not a big problem, with 0 as the terminator,
but it is difficult to understand the binary data, because it is not sure what follows The 0 is the content or the content terminator. As long as padding is used, the actual plaintext length is occupied, so there is a saying of 117 bytes.
The padding standards we generally use include NoPPadding, OAEPPadding, PKCS1Padding, etc. The padding suggested by PKCS#1 occupies 11 bytes.
What if it is larger than this length? The padding of many algorithms is often in the back, but the padding of PKCS is in the front. This is an intentional design, and the first byte is intentionally set to 0 to ensure that the value of m is less than n.
In this way, 128 bytes (1024bits) - minus 11 bytes is exactly 117 bytes, but for RSA encryption, padding is also involved in encryption, so it is still understood according to 1024bits, but the actual plaintext is only 117 bytes. .
Use flow in docking:
There are two sets of four keys: A's public key (PUB_A), A's private key (PRI_A); B's public key (PUB_B), B's private key (PRI_B). The public key is generally used for encryption, and the private key is used for signature. Usually the public key is made public, but the private key can only be held privately. The public key and the private key uniquely correspond, and the content signed with a certain public key can only be de-signed and verified with the corresponding private key; similarly, the content encrypted with a certain private key can only be decrypted with the corresponding public key. At this time, the whole process of signing and encrypting the information sent by A to B is as follows: 1. A first signs the message (usually a digest of the message) with its own private key (PRI_A). 2. A then uses B's public key (PUB_B) to encrypt the information content and signature information. In this way, when B receives the information from A, the steps to obtain the information content are as follows: 1. Decrypt the content encrypted by A with B's public key (PUB_B) with its own private key (PRI_B); 2. After obtaining the decrypted plaintext, use A's public key (PUB_A) to unsign A with A's own private key ( PRI_A) signature. Thus, the entire process guarantees the end-to-end unique confirmation of the beginning. A's signature can only be unsigned by A's public key, so that B can confirm that the information is sent by A; A's encryption can only be decrypted by B's private key, so that A can confirm that the information can only be read by B .
But in the process of my use, I found that only the public key can be encrypted and the private key can be decrypted. (It should be that I don't understand where, so I can't encrypt the private key and decrypt the public key)
Now the general connection is
1. Use the other party's private key to sign the message to generate a sign, and then encrypt the message and sign using the other party's public key
2. After the other party receives the data, it first decrypts it with its own private key, and then signs the decrypted message with the private key, and compares it with the passed sign.
RSA is just an encryption algorithm. For signing, the content needs to be HASHed and then encrypted. For example, SHA1WithRSA is a commonly used RSA signing algorithm.