[英]Is it possible to generate a 64-byte (256-bit) key and store/retrieve it with AndroidKeyStore?
[英]Is possible to put own key to AndroidKeyStore?
我在考虑这个问题:
是否可以将自己的密钥AndroidKeyStore
并将其用于其他操作(签署一些文本/文档)?
我已经为签名算法SPHINCS
生成了一个PostQuantum
密钥( PostQuantum
/发布),其中包括BouncyCastle
库。
有什么方法,如何初始化我的计划?
谢谢您的提示:)
有一个示例代码,我如何通过BouncyCastle SPHINCS生成priv / pub密钥:
SPHINCS256KeyPairGenerator generator = new SPHINCS256KeyPairGenerator();
generator.init(new SPHINCS256KeyGenerationParameters(new RiggedRandom(), new SHA3Digest(256)));
AsymmetricCipherKeyPair kp = generator.generateKeyPair();
SPHINCSPrivateKeyParameters priv = (SPHINCSPrivateKeyParameters)kp.getPrivate();
SPHINCSPublicKeyParameters pub = (SPHINCSPublicKeyParameters)kp.getPublic();
尝试这样的事情(Andorid M(6.0)+的示例)
@TargetApi(Build.VERSION_CODES.M)
private void initGeneratorWithKeyGenParameterSpec() {
try {
KeyPairGenerator generator = KeyPairGenerator.getInstance("ALGORITHM", "AndroidKeyStore");
String alias = "myAlias";
Calendar startDate = Calendar.getInstance();
Calendar endDate = Calendar.getInstance();
endDate.add(Calendar.YEAR, 20);
KeyGenParameterSpec.Builder builder = new KeyGenParameterSpec.Builder(
alias, KeyProperties.PURPOSE_ENCRYPT|KeyProperties.PURPOSE_DECRYPT)
.setCertificateSubject(new X500Principal("CN=" + alias))
.setCertificateSerialNumber(BigInteger.valueOf(1337))
.setCertificateNotBefore(startDate.getTime())
.setCertificateNotAfter(endDate.getTime())
.setBlockModes(KeyProperties.BLOCK_MODE_ECB)
.setDigests(KeyProperties.DIGEST_SHA256)
.setKeySize(2048)
.setEncryptionPaddings(KeyProperties.ENCRYPTION_PADDING_RSA_PKCS1);
generator.initialize(builder.build());
generator.generateKeyPair();
} catch (Exception e) {
mLogger.logException(Logger.Level.ERROR, Logger.Category.ENCRYPTION, "KeyStoreWrapper", "initGeneratorWithKeyGenParameterSpec()", e);
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.