最近在逆向某Android App的時候複製了裏面一段Java寫的RSA解密代碼,把它放在Windows上執行,結果發現解密失敗,剛開始以爲是密文數據或者公鑰數據弄錯了,調試了下發現密文數據或者公鑰數據都沒問題,問題發生在通過公鑰數據生成公鑰,在Window上生成的公鑰是Sun RSA public key,在Android上生成的公鑰是OpenSSLRSAPublicKey,原因可能和Jdk版本有關係:Window上使用的是SunJdk,Android上使用的是OpenJdk。
Windows:
public class ExampleUnitTest {
@Test
public void testGetPublicKey() {
try{
KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
keyPairGenerator.initialize(1024);
KeyPair keyPair = keyPairGenerator.generateKeyPair();
RSAPublicKey publicKey = (RSAPublicKey) keyPair.getPublic();
System.out.println(publicKey);
}catch (Exception e){
}
}
}
Sun RSA public key, 1024 bits
modulus: 95213884349438225170527524041975750351683444678161946275254426695337973208253569775466173664279298747653058061430975492241277502919945076896996944444736550396126983267986003483379392361465058231916774917978538137429201243314904997369770567867017186086453893426267549310093584324574550363215845297101263978509
public exponent: 65537
Android:
public class ExampleInstrumentedTest {
@Test
public void testGetPublicKey() {
try{
KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
keyPairGenerator.initialize(1024);
KeyPair keyPair = keyPairGenerator.generateKeyPair();
RSAPublicKey publicKey = (RSAPublicKey) keyPair.getPublic();
Log.d("Test", "testGetPublicKey: "+publicKey);
}catch (Exception e){
}
}
}
testGetPublicKey: OpenSSLRSAPublicKey{modulus=cbeecbec35b18cde50f2f201e441f5d9b57dacb2ba780a2f93152295d7661e822a570035e55217234d3f6070794faf28d5c3975fd62e1cfbf714cd379c8ee2166544a555e3f89c0be9074f8acccced9a9e1a8071a6c30abeea3bc5c8565dd34fd34794da50cb74e68c5f93e9f0925b60f87c89aacb25a9e357fd819ef0cf5a11,publicExponent=10001}