[英]Store/Retrieve Elliptic Curve Cryptography (ECC) public key and private key
I have to write code to generate the ECC key pair.我必须编写代码来生成 ECC 密钥对。
Then I use the public key to encrypt string and use the private key to decrypt.然后我使用公钥加密字符串并使用私钥解密。
Now I store the key pair by write it to pem file and store on external memory.现在我将密钥对写入 pem 文件并存储在外部存储器中。
It does not seem safe.似乎并不安全。
So how to store and retrieve these key?那么如何存储和检索这些密钥呢?
Here is my code to generate key pair and write to pem file:这是我生成密钥对并写入 pem 文件的代码:
btnGenKey.setOnClickListener(new View.OnClickListener() {
@Override
public void onClick(View v) {
ECNamedCurveParameterSpec spec = ECNamedCurveTable.getParameterSpec("prime256v1");
try {
KeyPairGenerator g = KeyPairGenerator.getInstance("ECDSA","SC");
g.initialize(spec, new SecureRandom());
KeyPair keyPair = g.generateKeyPair();
privateKey = keyPair.getPrivate();
publicKey = keyPair.getPublic();
Toast.makeText(MainActivity.this, "GEN KEY SUCCESS!!", Toast.LENGTH_SHORT).show();
String state;
state = Environment.getExternalStorageState();
if(Environment.MEDIA_MOUNTED.equals(state))
{
File root = Environment.getExternalStorageDirectory();
File dir = new File(root.getAbsolutePath()+"/EDCSA1");
if(!dir.exists())
{
dir.mkdir();
}
File pub = new File(dir,"pub.pem");
File prv = new File(dir,"pri.pem");
try
{
FileOutputStream fileOutputStream = new FileOutputStream(pub);
StringWriter writer = new StringWriter();
PemWriter pemWriter = new PemWriter(writer);
pemWriter.writeObject(new PemObject("PUBLIC KEY",publicKey.getEncoded()));
pemWriter.flush();
pemWriter.close();
String publickeyPem = writer.toString();
fileOutputStream.write(publickeyPem.getBytes());
fileOutputStream.close();
Toast.makeText(MainActivity.this, "SAVE PUBLICKEY", Toast.LENGTH_SHORT).show();
///
FileOutputStream fileOutputStream2 = new FileOutputStream(prv);
StringWriter writer2 = new StringWriter();
PemWriter pemWriter2 = new PemWriter(writer2);
pemWriter2.writeObject(new PemObject("PRIVATE KEY",privateKey.getEncoded()));
pemWriter2.flush();
pemWriter2.close();
String privatekeyPem = writer2.toString();
fileOutputStream2.write(privatekeyPem.getBytes());
fileOutputStream2.close();
Toast.makeText(MainActivity.this, "SAVE PRIVATE", Toast.LENGTH_SHORT).show();
}
catch (Exception ex)
{
ex.printStackTrace();
}
}
} catch (Exception e) {
e.printStackTrace();
}
}
});
I would not suggest the pem file .我不会建议 pem 文件。 The best way to store your secret info in android would be in the
keystore
as its very secure.在 android 中存储您的秘密信息的最佳方法是在
keystore
因为它非常安全。 read more about keystore here . 在此处阅读有关密钥库的更多信息。
If you are looking for cipher transformation to apply refer this as this has a list of algorithms and cipher transformations you can use.如果您正在寻找要应用的密码转换,请参考这里,因为它有一个您可以使用的算法和密码转换列表。
Here is a general idea about how you can use all of this.这是有关如何使用所有这些的一般想法。
1) Initialise a keystore, Generate a key pair(public and private key) 1)初始化密钥库,生成密钥对(公钥和私钥)
2) Encrypt your string and store it in storage(shared preferences, db etc) 2)加密您的字符串并将其存储在存储中(共享首选项,db等)
3) get the encrypted string from storage and decrypt it for your use. 3)从存储中获取加密的字符串并解密以供您使用。
UPDATE :Examples
更新:示例
Please refer these examples if you want a complete working 1) https://developer.android.com/training/articles/keystore.html 2) http://www.androidauthority.com/use-android-keystore-store-passwords-sensitive-information-623779/如果您想要完整的工作,请参考这些示例 1) https://developer.android.com/training/articles/keystore.html 2) http://www.androidauthority.com/use-android-keystore-store-passwords -敏感信息-623779/
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.