Search code examples
javapythonrsapublic-key-encryptionsteam

RSA Encryption in java and python gives different encryption result

I am trying to encrypt my password with RSA public key that is send by steam.

I have code in python that gives a encryped password that I expect and the java code gives a different result.

Here is the code in python : 

import rsa
import base64
import requests

rsa_mod = int("a34c87e072501474c5b75dbfb179bd240123bdcda2f79c450b3224bdbe2527ded280706a727fcced28a4a00187165285df8bf0c37721c682808502d89ac05d1cb521babdfee8d4cd0e12169a139338418b0b8ddb0d0066e027bd1c4bb18928b996416a1f671e0754428c53b2234cb5cfc67adbd93006d6c4ca4f5459b8cb22e675ee04e045387db331659e3143c71c941c092fe56e665f8ae21c73153a31a287fb85178d51d710ebb33ad6b437af5fe073b4a2a969920364fd595f824d4b0bca41216b66865fc8e020ef3b36ddc3613f6fdd8559471cc7165384562e20ca422f32a12e9a064279d80ad03d1d111922993e8e62e94da9ae4cf0bd7a08708f047b", 16)
rsa_exp = int("010001", 16)
password = "password"

rsa_key = rsa.PublicKey(rsa_mod, rsa_exp)

encrypedPassword = base64.b64encode(rsa.encrypt(password.encode('utf-8'), rsa_key))

print(encrypedPassword)

The result from python :

b'P7VLrCteJCfoV4UELktZlDjjcQRRhLOcRhoqdd3H2rKe3KQpWPfBfMQZhxpF7NDoNx5KXDnXO7Ew9o87egxOUbAHvmckrorD4VQHNauoSjQR03ibxfNSMwRh8CJOOJVi6wykvijIPHuJBZtNI8XhgNYn8LJLz4jN37MJmocCi80oB/UCSsS3v87mUYo6Ik1xTmqiOxojRLzhw9Lfw1A33pEj4NfiwnLRjE7jd1evAtfgTUiOLXhaUv5J8PYTwzUmLZTft+8JsLEUzaYSfAxbL6M0s6s62dFCKmrAmrKtPwl8VD+6BlWCLdt1j2JNQuND+OZIpjyY7KadTGtCA8if3A=='

Here is the java code :

private final String PASSWORD = "password";
private final String publickey_mod= "a34c87e072501474c5b75dbfb179bd240123bdcda2f79c450b3224bdbe2527ded280706a727fcced28a4a00187165285df8bf0c37721c682808502d89ac05d1cb521babdfee8d4cd0e12169a139338418b0b8ddb0d0066e027bd1c4bb18928b996416a1f671e0754428c53b2234cb5cfc67adbd93006d6c4ca4f5459b8cb22e675ee04e045387db331659e3143c71c941c092fe56e665f8ae21c73153a31a287fb85178d51d710ebb33ad6b437af5fe073b4a2a969920364fd595f824d4b0bca41216b66865fc8e020ef3b36ddc3613f6fdd8559471cc7165384562e20ca422f32a12e9a064279d80ad03d1d111922993e8e62e94da9ae4cf0bd7a08708f047b";
private final String publickey_exp = "010001" ;

private String encryptPassWordWithRSAKey() {
  BigInteger module = new BigInteger(publickey_mod, 16);
  BigInteger exponent = new BigInteger(publickey_exp, 16);
  try {
    KeyFactory keyFactory = KeyFactory.getInstance("RSA");
    RSAPublicKeySpec publicKeySpec = new RSAPublicKeySpec(module, exponent);
    RSAPublicKey publicKey = (RSAPublicKey) keyFactory.generatePublic(publicKeySpec);

    Cipher cipher = Cipher.getInstance("RSA");
    cipher.init(Cipher.ENCRYPT_MODE, publicKey);
    byte[] encryptedPassWord = cipher.doFinal(PASSWORD.getBytes(StandardCharsets.UTF_8));
    return Base64.getEncoder().encodeToString(encryptedPassWord);
} catch (IllegalBlockSizeException | BadPaddingException | NoSuchPaddingException | NoSuchAlgorithmException | InvalidKeyException | InvalidKeySpecException e) {
    System.out.println("Exception in encryptPassWordWithRSAKey method of LoginExecutor");
    e.printStackTrace();
    return null;
  }
}

public String getEncryptedkey(){
  return this.encryptPassWordWithRSAKey();
}

Result from above code:

SrA4QK2FXFIB/c5ZOuUJ+SZLTcgYyp3eWYD7TTo7krfiyRxbSekVQHAooBzL/k8/DQwbUxR5InUKHxAqUMZ9MU87H+ULXOGi9a0N/37ymTXBnqGna8XvjtnpeVG8h5PXilZdLqeGDdn5wuNNtN6+61rPsifYJy2M9BUdXIfs2EyS0LQixRkPcfQN4Qd+K6UPBLpc7D4SUkTMJSDgp7umZeifz+hEPmE+FYEBtmDf1uLFB4/B9srgyDxLXjFZS/gk27EYrtEuiPbR0pmZs75JCRFk0Y5p1wQEmgCujs3+PuJTXdyHdrO4fxqTGHzKZRau2zZOaT3RWoU/x/u8QSKfZg==

I have already tried to use Cipher.getInstance("RSA/ECB/PKCS1Padding") but does not give expected result.

All the help is appreciated. Have a wonderful day.

Solution

  • Stopped working on this for a while. Got back to this and found that I was making a very stupid mistake. The Encryption is right. When I was passing password as the query parameter, I need to replace the '=', '+', '/' with url encoding. Reference from : w3schools.com/tags/ref_urlencode.ASP.

    Here is the final code that I added : 

    String urlSafePassword = Base64.getEncoder().encodeToString(encryptedPassWord);
            urlSafePassword.replace("/", "%2F");
            urlSafePassword.replace("+", "%2B");
            urlSafePassword.replace("=", "%3D");
            return urlSafePassword;

    I kept thinking that my encrytion type.

    Thanks for all the help guys. Have a great day.