当我使用存储在HSM接收中的私钥解密加密的SecretKeyData时
javax.crypto.BadPaddingException:lHash不匹配 在in.gov.uidai.kyc.client.RSAPadding.unpadOAEP(RSAPadding.java:396) 在in.gov.uidai.kyc.client.RSAPadding.unpad(RSAPadding.java:244) 在in.gov.uidai.kyc.client.RSAPadding.unpad(RSAPadding.java:227) 在in.gov.uidai.kyc.client.DataDecryptorNew.decryptSecretKeyData(DataDec) ryptorNew.java:437)
private byte[] decryptSecretKeyData(byte[] encryptedSecretKey, byte[] iv) throws Exception {
try {
Cipher rsaCipher = Cipher.getInstance(TRANSFORMATION_NOPADDING, providerPKCS11);
rsaCipher.init(Cipher.DECRYPT_MODE, privateKey);
byte[] paddedPlainText = rsaCipher.doFinal(encryptedSecretKey);
/* Ensure leading zeros not stripped */
if (paddedPlainText.length < keyLength / 8) {
byte[] tmp = new byte[keyLength / 8];
System.arraycopy(paddedPlainText, 0, tmp, tmp.length - paddedPlainText.length, paddedPlainText.length);
System.out.println("Zero padding to " + (keyLength / 8));
paddedPlainText = tmp;
}
System.out.println("OAEP padded plain text: " + DatatypeConverter.printHexBinary(paddedPlainText));
OAEPParameterSpec paramSpec = new OAEPParameterSpec("SHA-256", "MGF1", MGF1ParameterSpec.SHA1, PSource.PSpecified.DEFAULT);
RSAPadding padding = RSAPadding.getInstance(RSAPadding.PAD_OAEP_MGF1, keyLength / 8, new SecureRandom(), paramSpec);
byte[] plainText2 = padding.unpad(paddedPlainText);
System.out.println("Unpadded plain text: " + DatatypeConverter.printHexBinary(plainText2));
return plainText2;
} catch (GeneralSecurityException e) {
e.printStackTrace();
throw new Exception("Failed to decrypt AES secret key using RSA.", e);
}
}