You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I'm using OAEP padding as part of some decryption/encryption steps -
specifically using: /ECB/OAEPWithSHA1AndMGF1Padding
Testing encryption/decryption via standard ruby 1.9.3 and openssl 0.9.8e
works as expected. We don't explicitly name the above padding - we pass
OpenSSL::PKey::RSA::PKCS1_OAEP_PADDING (padding parameter 4) to openssl's
RSA decryption methods and it works correctly.
Modifying that file and changing MD5->SHA1 fixed our issues. Is there a
reason why this is the case? I'm trying to understand why the behaviour is
different between standard ruby and JRuby.
The text was updated successfully, but these errors were encountered:
👍 Having this exact same problem, resulting in the following error:
OpenSSL::PKey::RSAError: data hash wrong
from org/jruby/ext/openssl/PKeyRSA.java:467:in `private_decrypt'
Doesn't look like OAEPWithSHA1AndMGF1Padding is supported. Duplicating the exact same code but passing the correct algorithm works, but it would be nice to use the packaged library.
balmas
added a commit
to balmas/jruby-openssl
that referenced
this issue
Jul 7, 2015
I'm using OAEP padding as part of some decryption/encryption steps -
specifically using: /ECB/OAEPWithSHA1AndMGF1Padding
Testing encryption/decryption via standard ruby 1.9.3 and openssl 0.9.8e
works as expected. We don't explicitly name the above padding - we pass
OpenSSL::PKey::RSA::PKCS1_OAEP_PADDING (padding parameter 4) to openssl's
RSA decryption methods and it works correctly.
When repeating the same test via JRuby 1.7.11 + 1.9.3, we saw padding
failures and after some debugging, linked it to the fact that the default
JRuby padding associated with padding parameter 4 (
https://github.com/jruby/jruby/blob/master/ext/openssl/src/main/java/org/jruby/ext/openssl/PKeyRSA.java#L443
)
is actually the same algorithm but with MD5 vs SHA1 as the digest algorithm.
Modifying that file and changing MD5->SHA1 fixed our issues. Is there a
reason why this is the case? I'm trying to understand why the behaviour is
different between standard ruby and JRuby.
The text was updated successfully, but these errors were encountered: