我得到android.security.KeyStoreException: Unknown error在极少数设备上使用不同的Android版本(6 - 8)
这是我的密钥生成代码:
final KeyPairGenerator keyGenerator = KeyPairGenerator
.getInstance(KeyProperties.KEY_ALGORITHM_RSA,
ANDROID_KEY_STORE);
keyGenerator.initialize(new KeyGenParameterSpec.Builder(ALIAS,
KeyProperties.PURPOSE_ENCRYPT | KeyProperties.PURPOSE_DECRYPT)
.setKeySize(2048)
.setEncryptionPaddings(KeyProperties.ENCRYPTION_PADDING_RSA_PKCS1)
.build());
return keyGenerator.generateKeyPair();
这就是我加载keyPair的方式:
if (keyStore.containsAlias(ALIAS))
{
KeyStore.Entry entry = keyStore.getEntry(ALIAS, null);
if (entry != null)
{
if (entry instanceof KeyStore.PrivateKeyEntry)
{
Log.i(TAG, "KeyPair found.");
KeyStore.PrivateKeyEntry pke = (KeyStore.PrivateKeyEntry) entry;
Certificate cert = pke.getCertificate();
if (cert != null)
{
return new KeyPair(cert.getPublicKey(), pke.getPrivateKey());
}
Log.w(TAG, "Cert / Public Key is null");
}
}
}
这是我的解密代码:
Cipher RSACipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
RSACipher.init(Cipher.DECRYPT_MODE, privateKey);
return new String(RSACipher.doFinal(base64.decode(textToDecrypt)), "UTF-8");
这是一个失败的解密过程的示例stracktrace:
Caused by javax.crypto.IllegalBlockSizeException
at android.security.keystore.AndroidKeyStoreCipherSpiBase.engineDoFinal(AndroidKeyStoreCipherSpiBase.java:519)
at javax.crypto.Cipher.doFinal(Cipher.java:1736)
at com.examplecompany.security.EncryptionController.decryptAsymmetric(EncryptionController.java:297)
at com.example.crypto.android2.services.CryptoClass.decryptMessage(CryptoClass.java:684)
at com.example.crypto.android2.services.CryptoClass.handleDecryption(CryptoClass.java:619)
at com.example.crypto.android2.services.CryptoClass.doInBackgroundInternal(CryptoClass.java:450)
at com.example.crypto.android2.services.CryptoClass.doInBackground(CryptoClass.java:165)
at com.example.crypto.android2.services.CryptoClass.doInBackground(CryptoClass.java:84)
at android.os.AsyncTask$2.call(AsyncTask.java:333)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
at android.os.AsyncTask$SerialExecutor$1.run(AsyncTask.java:245)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1162)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:636)
at java.lang.Thread.run(Thread.java:764)
Caused by android.security.KeyStoreException: Unknown error
at android.security.KeyStore.getKeyStoreException(KeyStore.java:1137)
at android.security.keystore.KeyStoreCryptoOperationChunkedStreamer.doFinal(KeyStoreCryptoOperationChunkedStreamer.java:224)
at android.security.keystore.AndroidKeyStoreCipherSpiBase.engineDoFinal(AndroidKeyStoreCipherSpiBase.java:506)
at javax.crypto.Cipher.doFinal(Cipher.java:1736)
at com.examplecompany.security.EncryptionController.decryptAsymmetric(EncryptionController.java:297)
at com.example.crypto.android2.services.CryptoClass.decryptMessage(CryptoClass.java:684)
at com.example.crypto.android2.services.CryptoClass.handleDecryption(CryptoClass.java:619)
at com.example.crypto.android2.services.CryptoClass.doInBackgroundInternal(CryptoClass.java:450)
at com.example.crypto.android2.services.CryptoClass.doInBackground(CryptoClass.java:165)
at com.example.crypto.android2.services.CryptoClass.doInBackground(CryptoClass.java:84)
at android.os.AsyncTask$2.call(AsyncTask.java:333)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
at android.os.AsyncTask$SerialExecutor$1.run(AsyncTask.java:245)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1162)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:636)
at java.lang.Thread.run(Thread.java:764)
在99.999%的要在数千台设备上加密的消息中,它运行良好,但有时会失败。你能救我吗?
答案 0 :(得分:0)
我从Android Issue Tracker找到了答案 明白,无限制
PublicKey,创造了解决方法 另一个known issue,与当前不相容Cipher。解决这个问题的方法是指定一个OAEPParameterSpec初始化时Cipher:
您需要以下作为Cipher初始化代码
OAEPParameterSpec spec = new OAEPParameterSpec(
"SHA-256", "MGF1", MGF1ParameterSpec.SHA1, PSource.PSpecified.DEFAULT);
RSACipher.init(Cipher.DECRYPT_MODE, privateKey, spec); // I added the same to the init in Cipher.ENCRYPT_MODE too