[英]Keystore operation failed with RSA sign and verify
我很难使用RSA进行签名和验证。 以下是我使用的RSA
类的一部分。 该方法init()
privateKey()
和publicKey()
很好地工作encrypt()
和decrypt()
方法(最后两个此处未列出),所以我认为我做了我的里面的一些错误sign()
方法。 还没有对方法verify()
进行测试,因为签名没有成功,所以我无法继续前进。 请看一下...
我的RSA
类是:
class RSA
{
private final static String ANDROID_KEY_STORE = "AndroidKeyStore";
public final static int ANY_PURPOSE = KeyProperties.PURPOSE_ENCRYPT |
KeyProperties.PURPOSE_DECRYPT | KeyProperties.PURPOSE_SIGN |
KeyProperties.PURPOSE_VERIFY;
public final static long CENTURY = (100 * 365) + 24;
public enum KeySize
{
BIT_512 ( 512),
BIT_768 ( 768),
BIT_1024 (1024),
BIT_2048 (2048),
BIT_3072 (3072),
BIT_4096 (4096);
private int value;
KeySize(int value)
{
this.value = value;
}
public int value()
{
return this.value;
}
}
public enum SignatureAlgorithm
{
MD5WithRSA ("MD5WithRSA"),
SHA1WithRSA ("SHA1WithRSA"),
SHA1WithRSA_PSS ("SHA1WithRSA/PSS"),
SHA224WithRSA ("SHA224WithRSA"),
SHA224WithRSA_PSS ("SHA224WithRSA/PSS"),
SHA256WithRSA ("SHA256WithRSA"),
SHA256WithRSA_PSS ("SHA256WithRSA/PSS"),
SHA384WithRSA ("SHA384WithRSA"),
SHA384WithRSA_PSS ("SHA384WithRSA/PSS"),
SHA512WithRSA ("SHA512WithRSA"),
SHA512WithRSA_PSS ("SHA512WithRSA/PSS");
private String value;
SignatureAlgorithm(String value)
{
this.value = value;
}
public String value()
{
return this.value;
}
}
public static KeyPair init(final String alias, final RSA.KeySize keySize,
final long validityDays, final Boolean reset)
throws KeyStoreException, NoSuchAlgorithmException, CertificateException,
IOException, NoSuchProviderException, InvalidAlgorithmParameterException
{
KeyStore keyStore = KeyStore.getInstance(ANDROID_KEY_STORE);
keyStore.load(null);
if (reset || (!keyStore.containsAlias(alias)))
{
final long now = java.lang.System.currentTimeMillis();
KeyPairGenerator keyPairGenerator = KeyPairGenerator
.getInstance(KeyProperties.KEY_ALGORITHM_RSA, ANDROID_KEY_STORE);
keyPairGenerator.initialize(
new KeyGenParameterSpec.Builder(alias, RSA.ANY_PURPOSE)
.setRandomizedEncryptionRequired(false)
.setDigests(
KeyProperties.DIGEST_NONE, KeyProperties.DIGEST_MD5,
KeyProperties.DIGEST_SHA1, KeyProperties.DIGEST_SHA224,
KeyProperties.DIGEST_SHA256, KeyProperties.DIGEST_SHA384,
KeyProperties.DIGEST_SHA512)
.setKeySize(keySize.value())
.setEncryptionPaddings(
KeyProperties.ENCRYPTION_PADDING_NONE,
KeyProperties.ENCRYPTION_PADDING_RSA_PKCS1,
KeyProperties.ENCRYPTION_PADDING_RSA_OAEP)
.setCertificateSubject(new X500Principal(
"CN=Android, O=Android Authority"))
.setCertificateSerialNumber(new BigInteger(256, new Random()))
.setCertificateNotBefore(new Date (now - (now % 1000L)))
.setCertificateNotAfter(new Date(((new Date(now - (now % 1000L)))
.getTime()) + (validityDays * 86400000L)))
.build());
return keyPairGenerator.generateKeyPair();
}
else return null;
}
public static PublicKey publicKey(final String alias)
throws KeyStoreException, NoSuchAlgorithmException, CertificateException,
IOException, UnrecoverableEntryException
{
KeyStore keyStore = KeyStore.getInstance(ANDROID_KEY_STORE);
keyStore.load(null);
return keyStore.getCertificate(alias).getPublicKey();
}
public static PrivateKey privateKey(final String alias)
throws KeyStoreException, NoSuchAlgorithmException, CertificateException,
IOException, UnrecoverableEntryException
{
KeyStore keyStore = KeyStore.getInstance(ANDROID_KEY_STORE);
keyStore.load(null);
return (PrivateKey) keyStore.getKey(alias, null);
}
public static byte[] sign(final String message, final String alias,
final SignatureAlgorithm algorithm)
throws KeyStoreException, NoSuchAlgorithmException, CertificateException,
IOException, UnrecoverableEntryException,
InvalidKeyException, SignatureException
{
Signature instance = Signature.getInstance(algorithm.value());
instance.initSign(privateKey(alias), new SecureRandom());
instance.update(message.getBytes("UTF-8"));
return instance.sign();
}
public static Boolean verify(final String message, final byte[] signature,
final String alias, final SignatureAlgorithm algorithm)
throws KeyStoreException, NoSuchAlgorithmException, CertificateException,
IOException, UnrecoverableEntryException,
InvalidKeyException, SignatureException
{
Signature instance = Signature.getInstance(algorithm.value());
instance.initVerify(publicKey(alias));
instance.update(message.getBytes("UTF-8"));
return instance.verify(signature);
}
}
我的Hex
类是:
class Hex
{
private final static char[] hexArray = "0123456789ABCDEF".toCharArray();
public static String bytesToHexString(final byte[] bytes)
{
char[] hexChars = new char[2 * bytes.length];
for (int i = 0; i < bytes.length; i++)
{
int b = bytes[i] & 0xFF;
hexChars[2 * i] = hexArray[b >>> 4];
hexChars[2 * i + 1] = hexArray[b & 0x0F];
}
return new String(hexChars);
}
}
我的测试代码是:
try
{
RSA.init("RSA", RSA.KeySize.BIT_512, RSA.CENTURY, true);
RSA.SignatureAlgorithm signatureAlgorithm = RSA.SignatureAlgorithm.SHA1WithRSA;
byte[] x = RSA.sign("My message", "RSA", signatureAlgorithm);
Log.d("RSA Test", "x: " + Hex.bytesToHexString(x));
Boolean y = RSA.verify("My message", x, "RSA", signatureAlgorithm);
Log.d("RSA Test", "y: " + (y? "True" : "False"));
}
catch (Exception e)
{
Log.d("RSA Test", "ERROR: " + e.toString());
}
输出为:
错误:java.security.InvalidKeyException:密钥库操作失败
调试显示,当它调用initSign()
时,该错误发生在我的RSA.sign()
方法内部。
我的代码有什么问题?
如果使用RSA密钥签名,则必须在KeyGenParameterSpec
设置签名填充模式。 您还没有这样做。 例如,在您的init()
方法中,您可以在.setEncryptionPaddings()
之后添加以下行:
.setSignaturePaddings(KeyProperties.SIGNATURE_PADDING_RSA_PKCS1)
例如
keyPairGenerator.initialize(
new KeyGenParameterSpec.Builder(alias, RSA.ANY_PURPOSE)
.setRandomizedEncryptionRequired(false)
.setDigests(
KeyProperties.DIGEST_NONE, KeyProperties.DIGEST_MD5,
KeyProperties.DIGEST_SHA1, KeyProperties.DIGEST_SHA224,
KeyProperties.DIGEST_SHA256, KeyProperties.DIGEST_SHA384,
KeyProperties.DIGEST_SHA512)
.setKeySize(keySize.value())
.setEncryptionPaddings(
KeyProperties.ENCRYPTION_PADDING_NONE,
KeyProperties.ENCRYPTION_PADDING_RSA_PKCS1,
KeyProperties.ENCRYPTION_PADDING_RSA_OAEP)
.setSignaturePaddings(KeyProperties.SIGNATURE_PADDING_RSA_PKCS1)
.setCertificateSubject(new X500Principal(
"CN=Android, O=Android Authority"))
.setCertificateSerialNumber(new BigInteger(256, new Random()))
.setCertificateNotBefore(new Date(now - (now % 1000L)))
.setCertificateNotAfter(new Date(((new Date(now - (now % 1000L)))
.getTime()) + (validityDays * 86400000L)))
.build());
其他受支持的签名填充模式是SIGNATURE_PADDING_RSA_PSS
。 请注意,PSS签名和OAEP加密是用于签名和加密的RSA块格式化的更现代版本。 它们提供了更好的安全性保证,并且始终应优先于其他模式,除非由于现有代码库的互操作性问题而无法使用它们。
以“ PSS”结尾的签名算法名称(例如SHA224WithRSA_PSS
显然仅用于PSS填充,而其他名称仅用于PKCS1填充。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.