我有一个学校的作业,用于制作具有 RSA 功能的应用程序。
我阅读了很多关于我应该如何做的文档,其中大部分都在工作,除了一件我无法理解的事情。
我需要/想要做的事情是提取公钥的模数和指数,将其发送到数据库,以便可以与不同的用户共享(例如在聊天应用程序中)。
这一切正常,我可以提取,并且可以使用这些值生成公钥,但我确实面临的问题是它生成了一个作为“openSSLRSAPublicKey”的 key 。 (见图):
Wrong RSA keys
图为我在手机AndroidKeyStore中的公钥,以及已经转换好的“好友公钥”。
我将包含一些代码 fragment 并展示我如何做这些事情,如果有任何不清楚的地方,我会尝试更新我的问题。
这就是我生成 key 的方式:
// if keypair alias doesn't exist yet make a new pair, and return the public key
// if exists already return the public key
public static PublicKey createKeyPairsOrGetPublicKey(String Uid) {
PublicKey publicKey;
try {
KeyStore keyStore = KeyStore.getInstance(ANDROID_KEYSTORE);
keyStore.load(null);
if (!keyStore.containsAlias(Uid)) {
KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(KeyProperties.KEY_ALGORITHM_RSA, "AndroidKeyStore");
keyPairGenerator.initialize(
new KeyGenParameterSpec.Builder(
Uid,
KeyProperties.PURPOSE_DECRYPT
| KeyProperties.PURPOSE_ENCRYPT
| KeyProperties.PURPOSE_VERIFY
| KeyProperties.PURPOSE_SIGN)
.setDigests(KeyProperties.DIGEST_SHA256)
.setSignaturePaddings(KeyProperties.SIGNATURE_PADDING_RSA_PKCS1)
.setEncryptionPaddings(KeyProperties.ENCRYPTION_PADDING_RSA_PKCS1)
.build());
KeyPair keyPair = keyPairGenerator.generateKeyPair();
publicKey = keyPair.getPublic();
} else {
KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry)
keyStore.getEntry(Uid, null);
publicKey = privateKeyEntry.getCertificate().getPublicKey();
}
} catch (KeyStoreException | CertificateException | NoSuchAlgorithmException | IOException | InvalidAlgorithmParameterException | NoSuchProviderException | UnrecoverableEntryException e) {
e.printStackTrace();
publicKey = null;
}
return publicKey;
}
这反过来提取模数和指数
// createKeyPairsOrGetPublicKey is a method that's shown as first in this question
PublicKey publicKey = Helper_Security.createKeyPairsOrGetPublicKey(user.getUid());
if (publicKey != null) {
RSAPublicKey rsaKey = (RSAPublicKey) publicKey;
BigInteger publicExponent = rsaKey.getPublicExponent();
BigInteger publicModulus = rsaKey.getModulus();
// the hashmap is used to put in values and send it to firebase.
HashMap<String, String> userMap = new HashMap<>();
userMap.put(FIRST_NAME, firstNameInputEt.getText().toString());
userMap.put(LAST_NAME, lastNameInputEt.getText().toString());
userMap.put(PUBLIC_EXPONENT, publicExponent.toString());
userMap.put(PUBLIC_MODULUS, publicModulus.toString());
myRef.setValue(userMap).addOnSuccessListener(new OnSuccessListener<Void>() {
@Override
public void onSuccess(Void aVoid) {
// When the send is a success open another activity
Intent intent = new Intent(
parentActivity, MainActivity.class);
startActivity(intent);
parentActivity.finish();
}
});
} else {
Toast.makeText(parentActivity, "Something went wrong", Toast.LENGTH_SHORT).show();
}
接下来我将模数和指数转换回公钥
// convert the public key from the friend from a string to a public key
public static RSAPublicKey convertStringToPublicKey(String publicExponent, String publicModulus) {
RSAPublicKey publicKey;
try {
BigInteger modulus = new BigInteger(publicModulus);
BigInteger exponent = new BigInteger(publicExponent);
RSAPublicKeySpec rsaPublicKeySpec = new RSAPublicKeySpec(modulus, exponent);
KeyFactory keyFactory = KeyFactory.getInstance("RSA");
publicKey = (RSAPublicKey) keyFactory.generatePublic(rsaPublicKeySpec);
} catch (Exception e) {
e.printStackTrace();
publicKey = null;
}
return publicKey;
}
毕竟,我想用公钥加密一条消息:
// encrypt a text with a public key
public static String encryptWithPublicKey(PublicKey publicKey, String textToEncrypt) {
try {
Cipher inCipher = Cipher.getInstance("RSA/ECB/PKCS1Padding", "AndroidKeyStoreBCWorkaround");
inCipher.init(Cipher.ENCRYPT_MODE, publicKey);
ByteArrayOutputStream outputStream = new ByteArrayOutputStream();
CipherOutputStream cipherOutputStream = new CipherOutputStream(
outputStream, inCipher);
cipherOutputStream.write(Base64.decode(textToEncrypt, Base64.DEFAULT));
cipherOutputStream.close();
byte[] vals = outputStream.toByteArray();
return Base64.encodeToString(vals, Base64.DEFAULT);
} catch (Exception e) {
e.printStackTrace();
return null;
}
}
这反过来又给了我一个异常(exception):
W/System.err: java.security.InvalidKeyException: Unsupported key type: OpenSSLRSAPublicKey{modulus=d695704c74b3392c48574a62cb8503fb5204998e41d434199df75aa81813e66e263e32e537fcdc2924287c7b817aee39d34c933145d131ac86e40d31752064d86a782f5384da54d7f18d105b85dc3e6dc9e0adf9614e697cf7898fb83c97d37768a89674a7240defe2dbe45cad70aa9a1d753b7f6658a9cba018ee7e89f720d358f4788055f72116dbd041cc3adcf7e97350a67d0c6fbc926561547e3ad30548ea0abccea68d701b04d26aa7fc4fca40b6bedeb2c4dd0c94f19ad06b60c39ac57fea05106e497b5fe9163bd3f6d06ef0fd8934cd933f2bb8b328d04c719ca7a5b300c5d0214a5d46b406171c2a05c5da8103a361bff6e88da7f557e261f62ed5,publicExponent=10001}
W/System.err: at android.security.keystore.AndroidKeyStoreRSACipherSpi.initKey(AndroidKeyStoreRSACipherSpi.java:371)
W/System.err: at android.security.keystore.AndroidKeyStoreCipherSpiBase.init(AndroidKeyStoreCipherSpiBase.java:169)
W/System.err: at android.security.keystore.AndroidKeyStoreCipherSpiBase.engineInit(AndroidKeyStoreCipherSpiBase.java:105)
W/System.err: at javax.crypto.Cipher.tryTransformWithProvider(Cipher.java:612)
W/System.err: at javax.crypto.Cipher.tryCombinations(Cipher.java:521)
W/System.err: at javax.crypto.Cipher.getSpi(Cipher.java:437)
W/System.err: at javax.crypto.Cipher.init(Cipher.java:815)
W/System.err: at javax.crypto.Cipher.init(Cipher.java:774)
W/System.err: at com.pxlpe.chatapppe.Helpers.Helper_Security.encryptWithPublicKey(Helper_Security.java:102)
W/System.err: at com.pxlpe.chatapppe.fragments.ConversationFragment.onViewClicked(ConversationFragment.java:104)
W/System.err: at com.pxlpe.chatapppe.fragments.ConversationFragment_ViewBinding$1.doClick(ConversationFragment_ViewBinding.java:37)
W/System.err: at butterknife.internal.DebouncingOnClickListener.onClick(DebouncingOnClickListener.java:22)
W/System.err: at android.view.View.performClick(View.java:5697)
W/System.err: at android.view.View$PerformClick.run(View.java:22526)
W/System.err: at android.os.Handler.handleCallback(Handler.java:739)
W/System.err: at android.os.Handler.dispatchMessage(Handler.java:95)
W/System.err: at android.os.Looper.loop(Looper.java:158)
W/System.err: at android.app.ActivityThread.main(ActivityThread.java:7224)
W/System.err: at java.lang.reflect.Method.invoke(Native Method)
W/System.err: at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:1230)
W/System.err: at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:1120)
我的想法是我需要以某种方式将 openSSLRSAPublicKey 转换为 AndroidKeyStoreRSAPublicKey,但我找不到任何文档真正的问题是什么,我查看了字节码,这是完全相同的,调试时查看模数和指数也正确使用。
任何指针都受到高度赞赏,
感谢您在高级和快乐的编码中!
最佳答案
问题与评论中指出的@Maarten Bodewes 完全一样。
我删除了“AndroidKeyStoreBCWorkaround”,现在一切正常。
// encrypt a text with a public key
public static String encryptWithPublicKey(PublicKey publicKey, String textToEncrypt) {
try {
// changed this:
// Cipher inCipher = Cipher.getInstance("RSA/ECB/PKCS1Padding", "AndroidKeyStoreBCWorkaround");
// to this and all seem to work now
Cipher inCipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
inCipher.init(Cipher.ENCRYPT_MODE, publicKey);
ByteArrayOutputStream outputStream = new ByteArrayOutputStream();
CipherOutputStream cipherOutputStream = new CipherOutputStream(
outputStream, inCipher);
cipherOutputStream.write(Base64.decode(textToEncrypt, Base64.DEFAULT));
cipherOutputStream.close();
byte[] vals = outputStream.toByteArray();
return Base64.encodeToString(vals, Base64.DEFAULT);
} catch (Exception e) {
e.printStackTrace();
return null;
}
}
关于java - 在android中使用公钥加密,我们在Stack Overflow上找到一个类似的问题:https://stackoverflow.com/questions/48475809/