[英]AndroidKeyStore cannot generate certificate
我一直在尝试解决有关AndroidKeyStore问题。 我的应用似乎无法获得NONEwithRSA签名算法的Android本机提供程序。 这是代码参考:
Calendar startDate = Calendar.getInstance();
Calendar endDate = Calendar.getInstance();
endDate.add(Calendar.YEAR, 30);
KeyPairGeneratorSpec keyPairGeneratorSpec = new KeyPairGeneratorSpec.Builder(context)
.setAlias("aliasName")
.setSubject(new X500Principal("CN=aliasName"))
.setSerialNumber(BigInteger.TEN)
.setStartDate(startDate.getTime())
.setEndDate(endDate.getTime())
.build();
KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
keyPairGenerator.initialize(keyPairGeneratorSpec);
keyPairGenerator.generateKeyPair();
一旦调用generateKeyPair() ,我将获得以下异常堆栈跟踪。
Caused by: java.security.SignatureException: java.security.ProviderException: No provider for NONEwithRSA
at com.google.android.gms.org.conscrypt.OpenSSLSignature.engineSign(:com.google.android.gms@12673012@12.6.73 (020408-194189626):6)
at java.security.Signature$SignatureImpl.engineSign(Signature.java:672)
at java.security.Signature.sign(Signature.java:381)
at com.android.org.bouncycastle.x509.X509Util.calculateSignature(X509Util.java:248)
at com.android.org.bouncycastle.x509.X509V3CertificateGenerator.generate(X509V3CertificateGenerator.java:434)
at com.android.org.bouncycastle.x509.X509V3CertificateGenerator.generate(X509V3CertificateGenerator.java:412)
at android.security.AndroidKeyPairGenerator.generateKeyPair(AndroidKeyPairGenerator.java:133)
... 26 more
Caused by: java.security.ProviderException: No provider for NONEwithRSA
at java.security.Signature$SignatureImpl.getSpi(Signature.java:734)
at java.security.Signature$SignatureImpl.engineInitSign(Signature.java:692)
at java.security.Signature.initSign(Signature.java:343)
at com.google.android.gms.org.conscrypt.CryptoUpcalls.rawSignDigestWithPrivateKey(:com.google.android.gms@12673012@12.6.73 (020408-194189626):11)
at com.google.android.gms.org.conscrypt.NativeCrypto.EVP_DigestSignFinal(Native Method)
at com.google.android.gms.org.conscrypt.OpenSSLSignature.engineSign(:com.google.android.gms@12673012@12.6.73 (020408-194189626):2)
... 32 more
找不到与我的问题有关的解决方案。 有谁知道如何解决这个问题?
您可以用
KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
如日志中所示,没有NONEwithRSA的提供程序
更新
您可以尝试以下代码在Androidkeystore中生成密钥对,而android版本应大于18
KeyPairGenerator generator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
// generator.initialize(spec);
generator.initialize(new KeyGenParameterSpec.Builder(
alias ,
KeyProperties.PURPOSE_SIGN | KeyProperties.PURPOSE_VERIFY)
.setDigests(KeyProperties.DIGEST_SHA256,
KeyProperties.DIGEST_SHA512)
.setCertificateSubject(new X500Principal("CN=aliasName" ))
.setCertificateNotBefore(start.getTime())
.setCertificateNotAfter(end.getTime())
.setCertificateSerialNumber(BigInteger.ONE)
.setSignaturePaddings(KeyProperties.SIGNATURE_PADDING_RSA_PKCS1)
.build());
KeyPair keyPair = generator.generateKeyPair();
是否可以生成64字节(256位)密钥并使用AndroidKeyStore存储/检索它?
[英]Is it possible to generate a 64-byte (256-bit) key and store/retrieve it with AndroidKeyStore?
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.