Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Support padding mode choice in javascript for private encrypt / public decrypt #16

merged 4 commits into from
Feb 24, 2015


Copy link

@krisb krisb commented Feb 10, 2013

Necessary to support private encryption / public decryption with existing no padding based libraries. This was a particular issue for me due to RSA/None/NoPadding being the default for java based RSA using Bouncy Castle Provider.

Copy link

Just FYI -- You can use RSA_PKCS1_OAEP_PADDING on ursa, which is the default, and tell Bouncy Castle to use OAEP as well.

        AsymmetricBlockCipher blockCipher = new RSAEngine();
        blockCipher = new org.bouncycastle.crypto.encodings.OAEPEncoding(blockCipher);
        blockCipher.init(false, privKey);

You'd think the same would work with RSA_PKCS1_PADDING, but I couldn't get encryption-decryption to work with org.bouncycastle.crypto.encodings.PKCS1Encoding.

Also, apparently, RSA with no padding is insecure.

@ox ox closed this Jul 23, 2013
@ox ox reopened this Jul 23, 2013
Copy link

I'm working on getting all these old pull requests merged, @ox did you mean to close and then re-open this?

Copy link

ox commented Dec 5, 2014

I don't remember this PR and have nothing to do with it. Close it, I guess?

On Thu, Dec 4, 2014 at 5:57 PM, Jeremie Miller

I'm working on getting all these old pull requests merged, @ox did you mean to close and then re-open this?

Reply to this email directly or view it on GitHub:
#16 (comment)

Copy link

@krisb are you still using your fork that supports no-padding (or is anyone else)? I haven't tested it yet, but the advantage I see of having it merged in is that it allows the app to implement its own padding and just use this lib to do the crypto.

As @ryanrhee mentioned using no-padding as the end result is definitely unwise, but at least this would give more padding choices than what is built in?

Copy link
Contributor Author

krisb commented Feb 4, 2015

@quartzjer I am. I'm not advocating using no padding, but if you don't control the other end of things and its using no padding then this is the only choice available.

@quartzjer quartzjer merged commit 06ea0c3 into JoshKaufman:master Feb 24, 2015
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
None yet
None yet

Successfully merging this pull request may close these issues.

None yet

4 participants