我有一个学校的作业,用于制作具有 RSA 功能的应用程序。
我阅读了很多关于我应该如何做的文档,其中大部分都在工作,除了一件我无法理解的事情。
我需要/想要做的事情是提取公钥的模数和指数,将其发送到数据库,以便可以与不同的用户共享(例如在聊天应用程序中)。

这一切正常,我可以提取,并且可以使用这些值生成公钥,但我确实面临的问题是它生成了一个作为“openSSLRSAPublicKey”的 key 。 (见图):

Wrong RSA keys

图为我在手机AndroidKeyStore中的公钥,以及已经转换好的“好友公钥”。

我将包含一些代码 fragment 并展示我如何做这些事情,如果有任何不清楚的地方,我会尝试更新我的问题。

这就是我生成 key 的方式:

// if keypair alias doesn't exist yet make a new pair, and return the public key
// if exists already return the public key
public static PublicKey createKeyPairsOrGetPublicKey(String Uid) {
    PublicKey publicKey;

    try {
        KeyStore keyStore = KeyStore.getInstance(ANDROID_KEYSTORE);
        keyStore.load(null);

        if (!keyStore.containsAlias(Uid)) {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(KeyProperties.KEY_ALGORITHM_RSA, "AndroidKeyStore");
            keyPairGenerator.initialize(
                    new KeyGenParameterSpec.Builder(
                            Uid,
                            KeyProperties.PURPOSE_DECRYPT
                                    | KeyProperties.PURPOSE_ENCRYPT
                                    | KeyProperties.PURPOSE_VERIFY
                                    | KeyProperties.PURPOSE_SIGN)
                            .setDigests(KeyProperties.DIGEST_SHA256)
                            .setSignaturePaddings(KeyProperties.SIGNATURE_PADDING_RSA_PKCS1)
                            .setEncryptionPaddings(KeyProperties.ENCRYPTION_PADDING_RSA_PKCS1)
                            .build());

            KeyPair keyPair = keyPairGenerator.generateKeyPair();

            publicKey = keyPair.getPublic();
        } else {
            KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry)
                    keyStore.getEntry(Uid, null);
            publicKey = privateKeyEntry.getCertificate().getPublicKey();
        }

    } catch (KeyStoreException | CertificateException | NoSuchAlgorithmException | IOException | InvalidAlgorithmParameterException | NoSuchProviderException | UnrecoverableEntryException e) {
        e.printStackTrace();
        publicKey = null;
    }

    return publicKey;
}

这反过来提取模数和指数
// createKeyPairsOrGetPublicKey is a method that's shown as first in this question

PublicKey publicKey = Helper_Security.createKeyPairsOrGetPublicKey(user.getUid());

if (publicKey != null) {
  RSAPublicKey rsaKey = (RSAPublicKey) publicKey;
  BigInteger publicExponent = rsaKey.getPublicExponent();
  BigInteger publicModulus = rsaKey.getModulus();

// the hashmap is used to put in values and send it to firebase.
  HashMap<String, String> userMap = new HashMap<>();
  userMap.put(FIRST_NAME, firstNameInputEt.getText().toString());
  userMap.put(LAST_NAME, lastNameInputEt.getText().toString());
  userMap.put(PUBLIC_EXPONENT, publicExponent.toString());
  userMap.put(PUBLIC_MODULUS, publicModulus.toString());

    myRef.setValue(userMap).addOnSuccessListener(new OnSuccessListener<Void>() {
      @Override
      public void onSuccess(Void aVoid) {
        // When the send is a success open another activity
        Intent intent = new Intent(
        parentActivity, MainActivity.class);
        startActivity(intent);
        parentActivity.finish();
        }
    });
  } else {
  Toast.makeText(parentActivity, "Something went wrong", Toast.LENGTH_SHORT).show();
}

接下来我将模数和指数转换回公钥
// convert the public key from the friend from a string to a public key
public static RSAPublicKey convertStringToPublicKey(String publicExponent, String publicModulus) {
    RSAPublicKey publicKey;

    try {
        BigInteger modulus = new BigInteger(publicModulus);
        BigInteger exponent = new BigInteger(publicExponent);
        RSAPublicKeySpec rsaPublicKeySpec = new RSAPublicKeySpec(modulus, exponent);

        KeyFactory keyFactory = KeyFactory.getInstance("RSA");
        publicKey = (RSAPublicKey) keyFactory.generatePublic(rsaPublicKeySpec);
    } catch (Exception e) {
        e.printStackTrace();
        publicKey = null;
    }
    return publicKey;
}

毕竟,我想用公钥加密一条消息:
// encrypt a text with a public key
public static String encryptWithPublicKey(PublicKey publicKey, String textToEncrypt) {
    try {
        Cipher inCipher = Cipher.getInstance("RSA/ECB/PKCS1Padding", "AndroidKeyStoreBCWorkaround");
        inCipher.init(Cipher.ENCRYPT_MODE, publicKey);

        ByteArrayOutputStream outputStream = new ByteArrayOutputStream();
        CipherOutputStream cipherOutputStream = new CipherOutputStream(
                outputStream, inCipher);
        cipherOutputStream.write(Base64.decode(textToEncrypt, Base64.DEFAULT));
        cipherOutputStream.close();

        byte[] vals = outputStream.toByteArray();
        return Base64.encodeToString(vals, Base64.DEFAULT);
    } catch (Exception e) {
        e.printStackTrace();
        return null;
    }
}

这反过来又给了我一个异常(exception):
    W/System.err: java.security.InvalidKeyException: Unsupported key type: OpenSSLRSAPublicKey{modulus=d695704c74b3392c48574a62cb8503fb5204998e41d434199df75aa81813e66e263e32e537fcdc2924287c7b817aee39d34c933145d131ac86e40d31752064d86a782f5384da54d7f18d105b85dc3e6dc9e0adf9614e697cf7898fb83c97d37768a89674a7240defe2dbe45cad70aa9a1d753b7f6658a9cba018ee7e89f720d358f4788055f72116dbd041cc3adcf7e97350a67d0c6fbc926561547e3ad30548ea0abccea68d701b04d26aa7fc4fca40b6bedeb2c4dd0c94f19ad06b60c39ac57fea05106e497b5fe9163bd3f6d06ef0fd8934cd933f2bb8b328d04c719ca7a5b300c5d0214a5d46b406171c2a05c5da8103a361bff6e88da7f557e261f62ed5,publicExponent=10001}
    W/System.err:     at android.security.keystore.AndroidKeyStoreRSACipherSpi.initKey(AndroidKeyStoreRSACipherSpi.java:371)
    W/System.err:     at android.security.keystore.AndroidKeyStoreCipherSpiBase.init(AndroidKeyStoreCipherSpiBase.java:169)
    W/System.err:     at android.security.keystore.AndroidKeyStoreCipherSpiBase.engineInit(AndroidKeyStoreCipherSpiBase.java:105)
    W/System.err:     at javax.crypto.Cipher.tryTransformWithProvider(Cipher.java:612)
    W/System.err:     at javax.crypto.Cipher.tryCombinations(Cipher.java:521)
    W/System.err:     at javax.crypto.Cipher.getSpi(Cipher.java:437)
    W/System.err:     at javax.crypto.Cipher.init(Cipher.java:815)
    W/System.err:     at javax.crypto.Cipher.init(Cipher.java:774)
    W/System.err:     at com.pxlpe.chatapppe.Helpers.Helper_Security.encryptWithPublicKey(Helper_Security.java:102)
    W/System.err:     at com.pxlpe.chatapppe.fragments.ConversationFragment.onViewClicked(ConversationFragment.java:104)
    W/System.err:     at com.pxlpe.chatapppe.fragments.ConversationFragment_ViewBinding$1.doClick(ConversationFragment_ViewBinding.java:37)
    W/System.err:     at butterknife.internal.DebouncingOnClickListener.onClick(DebouncingOnClickListener.java:22)
    W/System.err:     at android.view.View.performClick(View.java:5697)
    W/System.err:     at android.view.View$PerformClick.run(View.java:22526)
    W/System.err:     at android.os.Handler.handleCallback(Handler.java:739)
    W/System.err:     at android.os.Handler.dispatchMessage(Handler.java:95)
    W/System.err:     at android.os.Looper.loop(Looper.java:158)
    W/System.err:     at android.app.ActivityThread.main(ActivityThread.java:7224)
    W/System.err:     at java.lang.reflect.Method.invoke(Native Method)
    W/System.err:     at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:1230)
    W/System.err:     at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:1120)

我的想法是我需要以某种方式将 openSSLRSAPublicKey 转换为 AndroidKeyStoreRSAPublicKey,但我找不到任何文档真正的问题是什么,我查看了字节码,这是完全相同的,调试时查看模数和指数也正确使用。

任何指针都受到高度赞赏,
感谢您在高级和快乐的编码中!

最佳答案

问题与评论中指出的@Maarten Bodewes 完全一样。
我删除了“AndroidKeyStoreBCWorkaround”,现在一切正常。

 // encrypt a text with a public key
    public static String encryptWithPublicKey(PublicKey publicKey, String textToEncrypt) {
        try {
            // changed this:
            // Cipher inCipher = Cipher.getInstance("RSA/ECB/PKCS1Padding", "AndroidKeyStoreBCWorkaround");
            // to this and all seem to work now
            Cipher inCipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
            inCipher.init(Cipher.ENCRYPT_MODE, publicKey);

            ByteArrayOutputStream outputStream = new ByteArrayOutputStream();
            CipherOutputStream cipherOutputStream = new CipherOutputStream(
                    outputStream, inCipher);
            cipherOutputStream.write(Base64.decode(textToEncrypt, Base64.DEFAULT));
            cipherOutputStream.close();

            byte[] vals = outputStream.toByteArray();
            return Base64.encodeToString(vals, Base64.DEFAULT);
        } catch (Exception e) {
            e.printStackTrace();
            return null;
        }
    }

关于java - 在android中使用公钥加密,我们在Stack Overflow上找到一个类似的问题:https://stackoverflow.com/questions/48475809/

10-13 04:18