我很难使用RSA进行签名和验证。以下是我使用的RSA课程的一部分。方法init(),privateKey()和publicKey()适用于encrypt()和decrypt()方法(此处未列出的最后两个),因此我假设我在内部犯了一些错误我的sign()方法。方法verify()尚未经过测试,因为签名失败,所以我无法继续前进。请看看......
我的RSA课程是:
class RSA
{
private final static String ANDROID_KEY_STORE = "AndroidKeyStore";
public final static int ANY_PURPOSE = KeyProperties.PURPOSE_ENCRYPT |
KeyProperties.PURPOSE_DECRYPT | KeyProperties.PURPOSE_SIGN |
KeyProperties.PURPOSE_VERIFY;
public final static long CENTURY = (100 * 365) + 24;
public enum KeySize
{
BIT_512 ( 512),
BIT_768 ( 768),
BIT_1024 (1024),
BIT_2048 (2048),
BIT_3072 (3072),
BIT_4096 (4096);
private int value;
KeySize(int value)
{
this.value = value;
}
public int value()
{
return this.value;
}
}
public enum SignatureAlgorithm
{
MD5WithRSA ("MD5WithRSA"),
SHA1WithRSA ("SHA1WithRSA"),
SHA1WithRSA_PSS ("SHA1WithRSA/PSS"),
SHA224WithRSA ("SHA224WithRSA"),
SHA224WithRSA_PSS ("SHA224WithRSA/PSS"),
SHA256WithRSA ("SHA256WithRSA"),
SHA256WithRSA_PSS ("SHA256WithRSA/PSS"),
SHA384WithRSA ("SHA384WithRSA"),
SHA384WithRSA_PSS ("SHA384WithRSA/PSS"),
SHA512WithRSA ("SHA512WithRSA"),
SHA512WithRSA_PSS ("SHA512WithRSA/PSS");
private String value;
SignatureAlgorithm(String value)
{
this.value = value;
}
public String value()
{
return this.value;
}
}
public static KeyPair init(final String alias, final RSA.KeySize keySize,
final long validityDays, final Boolean reset)
throws KeyStoreException, NoSuchAlgorithmException, CertificateException,
IOException, NoSuchProviderException, InvalidAlgorithmParameterException
{
KeyStore keyStore = KeyStore.getInstance(ANDROID_KEY_STORE);
keyStore.load(null);
if (reset || (!keyStore.containsAlias(alias)))
{
final long now = java.lang.System.currentTimeMillis();
KeyPairGenerator keyPairGenerator = KeyPairGenerator
.getInstance(KeyProperties.KEY_ALGORITHM_RSA, ANDROID_KEY_STORE);
keyPairGenerator.initialize(
new KeyGenParameterSpec.Builder(alias, RSA.ANY_PURPOSE)
.setRandomizedEncryptionRequired(false)
.setDigests(
KeyProperties.DIGEST_NONE, KeyProperties.DIGEST_MD5,
KeyProperties.DIGEST_SHA1, KeyProperties.DIGEST_SHA224,
KeyProperties.DIGEST_SHA256, KeyProperties.DIGEST_SHA384,
KeyProperties.DIGEST_SHA512)
.setKeySize(keySize.value())
.setEncryptionPaddings(
KeyProperties.ENCRYPTION_PADDING_NONE,
KeyProperties.ENCRYPTION_PADDING_RSA_PKCS1,
KeyProperties.ENCRYPTION_PADDING_RSA_OAEP)
.setCertificateSubject(new X500Principal(
"CN=Android, O=Android Authority"))
.setCertificateSerialNumber(new BigInteger(256, new Random()))
.setCertificateNotBefore(new Date (now - (now % 1000L)))
.setCertificateNotAfter(new Date(((new Date(now - (now % 1000L)))
.getTime()) + (validityDays * 86400000L)))
.build());
return keyPairGenerator.generateKeyPair();
}
else return null;
}
public static PublicKey publicKey(final String alias)
throws KeyStoreException, NoSuchAlgorithmException, CertificateException,
IOException, UnrecoverableEntryException
{
KeyStore keyStore = KeyStore.getInstance(ANDROID_KEY_STORE);
keyStore.load(null);
return keyStore.getCertificate(alias).getPublicKey();
}
public static PrivateKey privateKey(final String alias)
throws KeyStoreException, NoSuchAlgorithmException, CertificateException,
IOException, UnrecoverableEntryException
{
KeyStore keyStore = KeyStore.getInstance(ANDROID_KEY_STORE);
keyStore.load(null);
return (PrivateKey) keyStore.getKey(alias, null);
}
public static byte[] sign(final String message, final String alias,
final SignatureAlgorithm algorithm)
throws KeyStoreException, NoSuchAlgorithmException, CertificateException,
IOException, UnrecoverableEntryException,
InvalidKeyException, SignatureException
{
Signature instance = Signature.getInstance(algorithm.value());
instance.initSign(privateKey(alias), new SecureRandom());
instance.update(message.getBytes("UTF-8"));
return instance.sign();
}
public static Boolean verify(final String message, final byte[] signature,
final String alias, final SignatureAlgorithm algorithm)
throws KeyStoreException, NoSuchAlgorithmException, CertificateException,
IOException, UnrecoverableEntryException,
InvalidKeyException, SignatureException
{
Signature instance = Signature.getInstance(algorithm.value());
instance.initVerify(publicKey(alias));
instance.update(message.getBytes("UTF-8"));
return instance.verify(signature);
}
}
我的Hex课程是:
class Hex
{
private final static char[] hexArray = "0123456789ABCDEF".toCharArray();
public static String bytesToHexString(final byte[] bytes)
{
char[] hexChars = new char[2 * bytes.length];
for (int i = 0; i < bytes.length; i++)
{
int b = bytes[i] & 0xFF;
hexChars[2 * i] = hexArray[b >>> 4];
hexChars[2 * i + 1] = hexArray[b & 0x0F];
}
return new String(hexChars);
}
}
我的测试代码是:
try
{
RSA.init("RSA", RSA.KeySize.BIT_512, RSA.CENTURY, true);
RSA.SignatureAlgorithm signatureAlgorithm = RSA.SignatureAlgorithm.SHA1WithRSA;
byte[] x = RSA.sign("My message", "RSA", signatureAlgorithm);
Log.d("RSA Test", "x: " + Hex.bytesToHexString(x));
Boolean y = RSA.verify("My message", x, "RSA", signatureAlgorithm);
Log.d("RSA Test", "y: " + (y? "True" : "False"));
}
catch (Exception e)
{
Log.d("RSA Test", "ERROR: " + e.toString());
}
输出是:
错误:java.security.InvalidKeyException:密钥库操作失败
调试显示错误发生在我的RSA.sign()方法内,当它调用initSign()时。
我的代码有什么问题?
答案 0 :(得分:6)
如果您使用RSA密钥进行签名,则必须在KeyGenParameterSpec中设置签名填充模式。你还没有这样做。例如,在init()方法中,您可以在.setEncryptionPaddings()之后添加以下行:
.setSignaturePaddings(KeyProperties.SIGNATURE_PADDING_RSA_PKCS1)
e.g。
keyPairGenerator.initialize(
new KeyGenParameterSpec.Builder(alias, RSA.ANY_PURPOSE)
.setRandomizedEncryptionRequired(false)
.setDigests(
KeyProperties.DIGEST_NONE, KeyProperties.DIGEST_MD5,
KeyProperties.DIGEST_SHA1, KeyProperties.DIGEST_SHA224,
KeyProperties.DIGEST_SHA256, KeyProperties.DIGEST_SHA384,
KeyProperties.DIGEST_SHA512)
.setKeySize(keySize.value())
.setEncryptionPaddings(
KeyProperties.ENCRYPTION_PADDING_NONE,
KeyProperties.ENCRYPTION_PADDING_RSA_PKCS1,
KeyProperties.ENCRYPTION_PADDING_RSA_OAEP)
.setSignaturePaddings(KeyProperties.SIGNATURE_PADDING_RSA_PKCS1)
.setCertificateSubject(new X500Principal(
"CN=Android, O=Android Authority"))
.setCertificateSerialNumber(new BigInteger(256, new Random()))
.setCertificateNotBefore(new Date(now - (now % 1000L)))
.setCertificateNotAfter(new Date(((new Date(now - (now % 1000L)))
.getTime()) + (validityDays * 86400000L)))
.build());
其他支持的签名填充模式为SIGNATURE_PADDING_RSA_PSS。请注意,PSS签名和OAEP加密是用于签名和加密的更现代版本的RSA块格式。它们提供了更好的安全保障,并且应始终优先于其他模式,除非由于与现有代码库的互操作性问题而无法使用它们。
签名算法命名以&#34; PSS&#34;结尾,例如SHA224WithRSA_PSS显然仅用于PSS填充,而其他仅用于PKCS1填充。