![](/img/trans.png)
[英]Is it possible to generate a 64-byte (256-bit) key and store/retrieve it with AndroidKeyStore?
[英]AndroidKeyStore cannot generate certificate
我一直在嘗試解決有關AndroidKeyStore
問題。 我的應用似乎無法獲得NONEwithRSA
簽名算法的Android
本機提供程序。 這是代碼參考:
Calendar startDate = Calendar.getInstance();
Calendar endDate = Calendar.getInstance();
endDate.add(Calendar.YEAR, 30);
KeyPairGeneratorSpec keyPairGeneratorSpec = new KeyPairGeneratorSpec.Builder(context)
.setAlias("aliasName")
.setSubject(new X500Principal("CN=aliasName"))
.setSerialNumber(BigInteger.TEN)
.setStartDate(startDate.getTime())
.setEndDate(endDate.getTime())
.build();
KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
keyPairGenerator.initialize(keyPairGeneratorSpec);
keyPairGenerator.generateKeyPair();
一旦調用generateKeyPair()
,我將獲得以下異常堆棧跟蹤。
Caused by: java.security.SignatureException: java.security.ProviderException: No provider for NONEwithRSA
at com.google.android.gms.org.conscrypt.OpenSSLSignature.engineSign(:com.google.android.gms@12673012@12.6.73 (020408-194189626):6)
at java.security.Signature$SignatureImpl.engineSign(Signature.java:672)
at java.security.Signature.sign(Signature.java:381)
at com.android.org.bouncycastle.x509.X509Util.calculateSignature(X509Util.java:248)
at com.android.org.bouncycastle.x509.X509V3CertificateGenerator.generate(X509V3CertificateGenerator.java:434)
at com.android.org.bouncycastle.x509.X509V3CertificateGenerator.generate(X509V3CertificateGenerator.java:412)
at android.security.AndroidKeyPairGenerator.generateKeyPair(AndroidKeyPairGenerator.java:133)
... 26 more
Caused by: java.security.ProviderException: No provider for NONEwithRSA
at java.security.Signature$SignatureImpl.getSpi(Signature.java:734)
at java.security.Signature$SignatureImpl.engineInitSign(Signature.java:692)
at java.security.Signature.initSign(Signature.java:343)
at com.google.android.gms.org.conscrypt.CryptoUpcalls.rawSignDigestWithPrivateKey(:com.google.android.gms@12673012@12.6.73 (020408-194189626):11)
at com.google.android.gms.org.conscrypt.NativeCrypto.EVP_DigestSignFinal(Native Method)
at com.google.android.gms.org.conscrypt.OpenSSLSignature.engineSign(:com.google.android.gms@12673012@12.6.73 (020408-194189626):2)
... 32 more
找不到與我的問題有關的解決方案。 有誰知道如何解決這個問題?
您可以用
KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
如日志中所示,沒有NONEwithRSA的提供程序
更新
您可以嘗試以下代碼在Androidkeystore中生成密鑰對,而android版本應大於18
KeyPairGenerator generator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
// generator.initialize(spec);
generator.initialize(new KeyGenParameterSpec.Builder(
alias ,
KeyProperties.PURPOSE_SIGN | KeyProperties.PURPOSE_VERIFY)
.setDigests(KeyProperties.DIGEST_SHA256,
KeyProperties.DIGEST_SHA512)
.setCertificateSubject(new X500Principal("CN=aliasName" ))
.setCertificateNotBefore(start.getTime())
.setCertificateNotAfter(end.getTime())
.setCertificateSerialNumber(BigInteger.ONE)
.setSignaturePaddings(KeyProperties.SIGNATURE_PADDING_RSA_PKCS1)
.build());
KeyPair keyPair = generator.generateKeyPair();
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.