AndroidKeyStore无法生成证书
[英]AndroidKeyStore cannot generate certificate
问题描述
I have been trying to solve this issue regarding AndroidKeyStore . 
我一直在尝试解决有关AndroidKeyStore问题。 My app seems to not getting Android native provider for NONEwithRSA signing algorithm. 我的应用似乎无法获得NONEwithRSA签名算法的Android本机提供程序。 This is the code reference: 这是代码参考:
Calendar startDate = Calendar.getInstance();
Calendar endDate = Calendar.getInstance();
endDate.add(Calendar.YEAR, 30);
KeyPairGeneratorSpec keyPairGeneratorSpec = new KeyPairGeneratorSpec.Builder(context)
.setAlias("aliasName")
.setSubject(new X500Principal("CN=aliasName"))
.setSerialNumber(BigInteger.TEN)
.setStartDate(startDate.getTime())
.setEndDate(endDate.getTime())
.build();
KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
keyPairGenerator.initialize(keyPairGeneratorSpec);
keyPairGenerator.generateKeyPair();
Once generateKeyPair() gets called, I got the following exception stack trace. 一旦调用generateKeyPair() ,我将获得以下异常堆栈跟踪。
Caused by: java.security.SignatureException: java.security.ProviderException: No provider for NONEwithRSA
at com.google.android.gms.org.conscrypt.OpenSSLSignature.engineSign(:com.google.android.gms@12673012@12.6.73 (020408-194189626):6)
at java.security.Signature$SignatureImpl.engineSign(Signature.java:672)
at java.security.Signature.sign(Signature.java:381)
at com.android.org.bouncycastle.x509.X509Util.calculateSignature(X509Util.java:248)
at com.android.org.bouncycastle.x509.X509V3CertificateGenerator.generate(X509V3CertificateGenerator.java:434)
at com.android.org.bouncycastle.x509.X509V3CertificateGenerator.generate(X509V3CertificateGenerator.java:412)
at android.security.AndroidKeyPairGenerator.generateKeyPair(AndroidKeyPairGenerator.java:133)
... 26 more
Caused by: java.security.ProviderException: No provider for NONEwithRSA
at java.security.Signature$SignatureImpl.getSpi(Signature.java:734)
at java.security.Signature$SignatureImpl.engineInitSign(Signature.java:692)
at java.security.Signature.initSign(Signature.java:343)
at com.google.android.gms.org.conscrypt.CryptoUpcalls.rawSignDigestWithPrivateKey(:com.google.android.gms@12673012@12.6.73 (020408-194189626):11)
at com.google.android.gms.org.conscrypt.NativeCrypto.EVP_DigestSignFinal(Native Method)
at com.google.android.gms.org.conscrypt.OpenSSLSignature.engineSign(:com.google.android.gms@12673012@12.6.73 (020408-194189626):2)
... 32 more
No solution is found related to my issue. 找不到与我的问题有关的解决方案。 Does anyone have any idea on how to solve this? 有谁知道如何解决这个问题?
1 个解决方案
解决方案1
0 2018-05-31 08:16:15
You can replace the line with 您可以用
KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
As it is showing in logs that No provider for NONEwithRSA 如日志中所示,没有NONEwithRSA的提供程序
Updated 更新
You can try the below code for generating key pair in Androidkeystore and android version should be greater than 18 您可以尝试以下代码在Androidkeystore中生成密钥对,而android版本应大于18
KeyPairGenerator generator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
// generator.initialize(spec);
generator.initialize(new KeyGenParameterSpec.Builder(
alias ,
KeyProperties.PURPOSE_SIGN | KeyProperties.PURPOSE_VERIFY)
.setDigests(KeyProperties.DIGEST_SHA256,
KeyProperties.DIGEST_SHA512)
.setCertificateSubject(new X500Principal("CN=aliasName" ))
.setCertificateNotBefore(start.getTime())
.setCertificateNotAfter(end.getTime())
.setCertificateSerialNumber(BigInteger.ONE)
.setSignaturePaddings(KeyProperties.SIGNATURE_PADDING_RSA_PKCS1)
.build());
KeyPair keyPair = generator.generateKeyPair();
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.