tags:

views:

129

answers:

1
+1  Q: 

Is PKCS#1 V2.0 implemented for Java?

I need encrypt data using exactly the PKCS#1 V2.0 encryption method (defined in item 7.2.1 of the PKCS#1V2 specification).

Is it already implemented for Java?

I'm thinking in something like just pass a parameter to javax.crypto.Cipher specifying "PKCS#1V2", I wonder if there is something like this?

+1  A: 

PKCS#1 v2.0 encryption is usually called OAEP encryption. So:

Cipher.getInstance("RSA/ECB/OAEPWithSHA1AndMGF1Padding");

The place to look is the Java Cryptography Architecture documents: Standard Algorithm Name Documentation or Sun Providers Documentation.

As you can see the SunJCE provider supports the following variations of OAEP:

  • OAEPWITHMD5ANDMGF1PADDING
  • OAEPWITHSHA1ANDMGF1PADDING
  • (OAEPWITHSHA-1ANDMGF1PADDING)
  • OAEPWITHSHA-256ANDMGF1PADDING
  • OAEPWITHSHA-384ANDMGF1PADDING
  • OAEPWITHSHA-512ANDMGF1PADDING
Rasmus Faber  2010-06-01 21:20:48
Sun Providers Documentation, yes, Standard Algorithm Name Docs, no. Sun does not promise to implement everything they have reserved a name for. As an example, the "ECIES" algorithm name is reserved, but no Sun provider implements it.
GregS  2010-06-01 22:23:53
The Standard Algorithm Name Documentation helps you find the correct name instead of "PKCS#1V2". The Sun Providers Documentation helps you find out whether the Sun provider implements it or if you should try to find another provider.
Rasmus Faber  2010-06-02 05:12:08
@RasmusFaber Looks like OAEP (Optimal Asymmetric Encryption Padding) it's just the padding definition. Is PKCS1V2 just about padding?
Tom Brito  2010-06-02 14:15:56
GregS  2010-06-02 15:27:34
@Tom Brito: Basically yes.
Rasmus Faber  2010-06-02 17:56:40
I didn't found this names, but found XMLCipher.RSA_OAEP in apache commons, that is the same thing. Anyway, thanks!
Tom Brito  2010-06-11 17:40:11

related questions

Java Time Zone is messed up
Eclipse on win64
Automate builds for Java RCP for deployment with JNLP
Why are professors or schools picking Java over C++ to teach to students?
Is there a real benefit of using J#?
Public/Popular Websites using JavaServer Faces
Why can't I use a try block around my super() call?
Accessing post variables using Java Servlets
Personal Linux web server
Is this really widening vs autoboxing?
How can I Java webstart multiple, dependent, native libraries?
Why can't I call toString() on a Java primitive?
How do I use Java to read from a file that is actively being written?
What code analysis tools do you use for your Java projects?
IllegalArgumentException or NullPointerException for a null parameter?
How do I configure and communicate with a serial port?
What is the best way to parse strings in Java
Getting started with a custom JXTA PeerGroup
Creating a custom button in Java
How to get started "writing" a code coverage tool?
Which Build-/Configuration Management Tool?
What is the difference between an int and an Integer in Java/C#?
What is the meaning of the type safety warning in certain Java generics casts?
How would you access Object properties from within an object method?
Converting CSV File to XML in Java