PHP RSA加密字符串的Android设备解密失败，解密结果不正确

The code that encrypts a string PHP-serverside. I use the PKCS8 and not PKCS1 so that I can unencrypt on Android side.

The code for the Encryption follows: I use the phpseclib.

include('libs/PHPSecLib/Crypt/RSA.php');

...code to lookup public and private keys stored in database omitted...

$rsa = new Crypt_RSA();
$rsa->loadKey($row['pref_pub_key']); // public key stored in MySQL BLOB.

$plaintext = 'Testing 123';

$rsa->setEncryptionMode(CRYPT_RSA_ENCRYPTION_PKCS8); //USE PKCS8
$ciphertext = $rsa->encrypt($plaintext);

echo $ciphertext;

$rsa->loadKey($row['pref_priv_key']); // private key stored in MySQL BLOB
echo $rsa->decrypt($ciphertext);

$query = "UPDATE preferences SET pref_license = ?;          

    //execute query to store the encrypted text in pref_license BLOB field.
    try {
        $stmt   = $db->prepare($query);
        $stmt->bindParam(1,$ciphertext);
        $stmt->bindParam(2,$ref);

        $db->errorInfo();

        $result = $stmt->execute();
    }
    catch (PDOException $ex) {
        $response["success"] = 0;
        $response["message"] = "Database Error. Couldn't update Pref post with License!" . $ex->getMessage();
        echo $response["message"];
        die(json_encode($response));
    }

I basically encrypt the string, and store it in a BLOB field, for later reference.

I generate the Private Public KEYPAIR and store in BLOB in the following manner, and send the privatekey to the Android device:

include('libs/PHPSecLib/Crypt/RSA.php');

$rsa = new Crypt_RSA();

$rsa->setPrivateKeyFormat(CRYPT_RSA_PRIVATE_FORMAT_PKCS8);
$rsa->setPublicKeyFormat(CRYPT_RSA_PUBLIC_FORMAT_PKCS8);

extract($rsa->createKey()); 

//echo $privatekey . '<br/><br/>' . $publickey; //I can see that it worked!

if (!empty($_POST)) {
    //initial update query to store the keys in BLOBS on SERVER MYSQL

    $query = "UPDATE  preferences SET pref_priv_key = ?, pref_pub_key = ?
    WHERE pref_device_serial = ?";


    //execute query
    try {
        $stmt   = $db->prepare($query);
        $stmt->bindParam(1,$privatekey);
        $stmt->bindParam(2,$publickey);
        $stmt->bindParam(3,$_POST['p_device_serial']);


        $db->errorInfo();

        $result = $stmt->execute();
    }
    catch (PDOException $ex) {
        $response["success"] = 0;
        $response["message"] = "Database Error. Couldn't update Pref post!" . $ex->getMessage();
        die(json_encode($response));
    }
}

//then I send the $privatekey to the Android device and save it there.
//to then later decrypt the serverside encrypted string.

$response["success"] = 1;
$response["pk"] = $privatekey;
$response["message"] = "Key Pair successfully generated.";    

    echo json_encode($response);

On the Android device, I use ans AsyncTask to request the Encrypted String and then read the PrivateKey from the local sqlite blob field, and try and decrypt the string:

 class GetLicense extends AsyncTask<String, String, String> {

        @Override
        protected void onPreExecute() {
            super.onPreExecute();
            pDialog = new ProgressDialog(LicenseActivity.this);
            pDialog.setMessage("Retrieving License Data...");
            pDialog.setIndeterminate(false);
            pDialog.setCancelable(true); 
            pDialog.show();
        }

        @Override
        protected String doInBackground(String... args) {
            int success;
            String elicense;

            try {
                getPref = LicenseActivity.this.openOrCreateDatabase("aaa.db", Context.MODE_PRIVATE, null);

                Cursor c = getPref.rawQuery("SELECT * FROM preferences", null);


                Log.d("request!", "starting");
                if (c != null) {
                    if (c.moveToFirst()) {
                        do {

                            String Preferences_Id = c.getString(c.getColumnIndex(SupaAttendDb.KEY_ROWID));
                            String Preferences_UUID = c.getString(c.getColumnIndex(SupaAttendDb.KEY_Preferences_PREFUUID));
                            String Preferences_Device_Serial = c.getString(c.getColumnIndex(SupaAttendDb.KEY_Preferences_PREFDEVICESERIAL));
                            sPK = c.getString(c.getColumnIndex(SupaAttendDb.KEY_Preferences_PREFPK));

                            // Building Parameters

                            List<NameValuePair> params = new ArrayList<NameValuePair>();
                            params.add(new BasicNameValuePair("p_uuid", Preferences_UUID));

                            try {
                                //Get Encrypted License from server
                                JSONObject json = jsonParser.makeHttpRequest(
                                        GET_LICENSE_URL, "POST", params);

                                // full json response

                                // json success element
                                success = json.getInt(TAG_SUCCESS);
                                if (success == 1) {
                                    sData = json.getString(TAG_LICENSE);

..then I save the the license to Android SQLite. code not required ... In the onPostExecute, I format the PrivateKey and then try to decrypt the sData, but get the incorrect data back, and not 'Testing 123'.

        protected void onPostExecute(String file_url) {

            pDialog.dismiss(); 
            String privKeyPEM = sPK.replace("-----BEGIN PRIVATE KEY-----
", "");
            privKeyPEM = privKeyPEM.replace("-----END PRIVATE KEY-----", "");
            byte[] b = Base64.decode(privKeyPEM,Base64.DEFAULT);

            KeyFactory keyFactory = null;
            try {
                keyFactory = KeyFactory.getInstance("RSA");
            } catch (NoSuchAlgorithmException e) {
                e.printStackTrace();
            }

            EncodedKeySpec privateKeySpec = new PKCS8EncodedKeySpec(b); //This decodes properly without any exceptions.
            PrivateKey privateKey2 = null;
            try {
                privateKey2 = keyFactory.generatePrivate(privateKeySpec);
            } catch (InvalidKeySpecException e) {
                e.printStackTrace();
            } 
            byte[] decryptedData = null;
            Cipher cipher = null;
            try {
                cipher = Cipher.getInstance("RSA");
            } catch (NoSuchAlgorithmException e) {
                e.printStackTrace();
            } catch (NoSuchPaddingException e) {
                e.printStackTrace();
            } 
            try {
                cipher.init(Cipher.DECRYPT_MODE,privateKey2);
            } catch (InvalidKeyException e) {
                e.printStackTrace();
            }
            byte[] sD = Base64.decode(sData, Base64.DEFAULT);// Here I try to get the encrypted string retrieved from server into a byte[].
            try {
                decryptedData = cipher.doFinal(sD); // no errors, but I get the incorrect unencrypted string.
            } catch (IllegalBlockSizeException e) {
                e.printStackTrace();
            } catch (BadPaddingException e) {
                e.printStackTrace();
            }
            if (decryptedData != null){
                String decrypted = new String(decryptedData);
                //decryptedData = Base64.encode(decryptedData,Base64.DEFAULT);
                Toast.makeText(LicenseActivity.this, decrypted, Toast.LENGTH_LONG).show();
            }

        }
}

I realise I'm just doing something stupid in this last bit of code where I try and decode the Encrypted string, and then decrypt it. Hope you can point me in the correct direction, and sorry for being long winded.

Oh and yes, before you ask, I retrieve the license from the server with the following PHP:

require("config.inc.php");

if (!empty($_POST)) {

//initial query
$query = "SELECT pref_uuid, pref_license, pref_device_serial FROM preferences WHERE pref_uuid = :p_uuid"; 

    $query_params = array(':p_uuid' => $_POST['p_uuid']); 

    //execute query
    try {
        $stmt = $db->prepare($query);

        $db->errorInfo();

        $result = $stmt->execute($query_params);
    }
    catch (PDOException $ex) {
        $response["success"] = 0;
        $response["message"] = "Database Error. Couldn't retrieve License details!" . $ex->getMessage();
        die(json_encode($response));
    }

    if(!$result) {
        $response["success"] = 0;
        $response["message"] = "Database Error. Couldn't return Licenses!" . $ex->getMessage();
        die(json_encode($response));
    }


    $row = $stmt->fetch(PDO::FETCH_ASSOC);

        $response["license"] = base64_encode($row['pref_license']); // I encode it here before I send the encrypted string off to android device.
        $response["message"] = "License Record successfully retrieved";
        $response["success"] = 1; 

echo json_encode($response); 

}

写回答
好问题 0 提建议
追加酬金
关注问题
分享
邀请回答
编辑收藏删除结题
收藏举报

1条回答默认最新

关注

码龄粉丝数原力等级 --

被采纳

被点赞

采纳率
douxianji6181 2015-04-30 19:10
关注
OK so thanks to Maarten Bodewes , I went back to PKCS#1 on the serverside, then couldn't work with it on Android side as expected. I discovered SpongyCastle library, and was able to extract the Modulus and privateExponent from the PrivateKey, then I was able to successfully unencrypt the encrypted string. THANKS MAARTEN!!!!

解决无用
评论打赏
分享
举报

评论

按下Enter换行，Ctrl+Enter发表内容

报告相同问题？

关注问题

在JavaScript中加密字符串并使用RSA技术在PHP中解密 javascript php
2013-12-13 11:26

回答 1 已采纳 Use HTTPS. What you are doing will never be able to protect you against active attacks (MitM) sin
在用GO语言加密的同时，如何在c＃中解密RSA加密的字符串。解码OAEP填充时发生错误 c#
2018-01-11 13:39

回答 2 已采纳 After addressing comments by @bartonjs I've also changed response response from go to var encryp
RSA加密字节改变，String与byte转出问题
2015-08-13 08:01

回答 2 已采纳 字符串变成字符数组，是否为正确。你需要看看加密需要的数据，跟你输入的字符串类型如何转换
RSA.rar_RSA算法 c++_rsa_rsa c++_字符串加密解密_解密
2022-09-23 23:13

RSA算法的演示程序,分组加密功能,可以对任意长度的字符串进行加密解密
求助：RSA加密发送http请求失败 java
2021-06-19 20:27

回答 2 已采纳 package com.example.demo1; import javax.crypto.Cipher; import javax.crypto.NoSuchPaddingException;
JAVA和IOS对接RSA加密问题 ios java
2016-03-31 11:24

回答 3 已采纳 Java和android及iOS对接RSA加密经验IOS 与JAVA RSA加密解密----------------------同志你好，我是CSDN问答机器人小N，奉组织之命为你提供参考答案，编程尚
有全部源码，我调用openssl库的RSA和AES算法进行加密。加密字符串太长就会报错，具体如下。算法
2015-08-05 00:52

回答 1 已采纳 rsa加密算法是有限制的。受到密钥长度限制。你应该把要加密的内容分块。一块块加密。这样可以避免长度限制问题
字符串的RSA加密与解密 c语言实现
2020-09-19 16:00

C语言对RSA的简单实现，通过对指定字符串进行加密解密来验证程序的正确性。直接修改程序的内部宏定义实现自己的需求。
matlb关于RSA算法加解密问题 matlab 算法
2022-03-15 22:59

回答 1 已采纳 %利用扩展欧几里得算法求取e关于r的模反元素d if(mod(r,e)~=0) [g,d,y]=gcd(e,r); if d<0 d = d+r; end end
RSA算法中的公钥和私钥可以保存在数据库里面吗？ java mysql python
2019-04-15 15:22

回答 1 已采纳可以存在数据库，不过同样的读取后存本地，为了安全可以使用后再删除，不过RSA客户端只要有公钥就行了，私钥只有服务端持有，不会被篡改的，公钥任何人都可以知道。
用openssl_seal加密的php数据。如何在c＃中解码？ c# php
2011-05-16 20:44

回答 1 已采纳 Found the issue here myself. In the c# code I was doing an extra encoding to base64 to get it back
js rsa 长字符加密解密亲测成功
2020-12-22 11:16

//加密 var encrypt = new JSEncrypt(); encrypt.setPublicKey(PUBLIC_KEY); var encrypted = encrypt.encryptLong("results"); console.log('加密后数据:%o', encrypted); //解密 var decrypt = new JSEncrypt(); ...
请教一下各位前辈, 关于rsa算法理解的问题 c++ c语言 java python
2019-08-02 19:40

回答 2 已采纳 RSA是基于大数的公约对的吧，理论上以目前电脑的速度，即使for循环也是暴力破解不了的，在游戏中，也经常使用RSA加密网络通信数据。这里有一个Java实现的加密解锁类，你可以参考一下: [http:
python rsa加密解密 字符串_Python实现RSA长字符串的加解密
2020-12-15 13:59

weixin_39907762的博客 # -*- coding: utf-8 -*-# Author: arefulimport base64import rsa.commonfrom Crypto.PublicKey import RSAdef rsa_encrypt_bytes(pub_key, bytes_str):if not isinstance(bytes_str, bytes):return Nonepubkey = r...
python之RSA加密解密源码
2022-06-25 17:41

文档中提供了python3实现RSA公钥加密、私钥解密、私钥加密、公钥解密、私钥签名、公钥验签，整套源代码及公钥私钥文件，亲测可用
没有解决我的问题, 去提问

悬赏问题

¥15 如何用stata画出文献中常见的安慰剂检验图
¥15 c语言链表结构体数据插入
¥40 使用MATLAB解答线性代数问题
¥15 COCOS的问题COCOS的问题
¥15 FPGA-SRIO初始化失败
¥15 MapReduce实现倒排索引失败
¥15 ZABBIX6.0L连接数据库报错，如何解决？(操作系统-centos)
¥15 找一位技术过硬的游戏pj程序员
¥15 matlab生成电测深三层曲线模型代码
¥50 随机森林与房贷信用风险模型

PHP RSA加密字符串的Android设备解密失败，解密结果不正确

1条回答 默认 最新

悬赏问题

1条回答默认最新