RSA / ECB / OAEPWithSHA-256AndMGF1Padding, but with MGF1 using SHA-256?

Question

RSA / ECB / OAEPWithSHA-256AndMGF1Padding, but with MGF1 using SHA-256?

I found the hard way which is in the standard Oracle Java Crypto provider

Cipher cipher = Cipher.getInstance("RSA/ECB/OAEPWithSHA-256AndMGF1Padding");

uses MFG1 associated with SHA-1; SHA-256 is used only for label designation (in practice, empty). The only solution I found to actually use SHA-256 in MFG1 (using this answer and comment ) used an alternative form Cipher.init:

cipher.init(Cipher.DECRYPT_MODE, privKey, new OAEPParameterSpec(
    "SHA-256", "MGF1", MGF1ParameterSpec.SHA256, PSource.PSpecified.DEFAULT
));

Question: Is there a transformation that Cipher.getInstancewill recognize with an effect similar "RSA/ECB/OAEPWithSHA-256AndMGF1Padding"except MGF1 using SHA-256?

+4

java cryptography

fgrieu Nov 06 '15 at 18:03

source share

1 answer

Maarten Bodewes · Accepted Answer · 2015-11-06T22:45:05+0000

No no.

Java . , OpenJDK.

init com.sun.crypto.provider.RSACipher :

            spec = new OAEPParameterSpec(oaepHashAlgorithm, "MGF1",
                MGF1ParameterSpec.SHA1, PSource.PSpecified.DEFAULT);

Java 8 update 60 OpenJDK. , .

RSA / ECB / OAEPWithSHA-256AndMGF1Padding, but with MGF1 using SHA-256?

More articles: