当前,我在应用中使用Android Keystore来模糊共享首选项,以便存储用户的个人数据。
当前,当尝试在特定设备(运行Android 7.1.1的Oneplus 3T)上使用Keystore时,密码使用生成的密钥崩溃,错误为KeyNotYetValidException。在其他设备中,它不会崩溃。
我尝试将密钥有效期设置为去年,但是遇到了同样的问题。
这是密钥创建代码:
val start = GregorianCalendar()
start.add(Calendar.YEAR, -1)
val end = GregorianCalendar()
end.add(Calendar.YEAR, 25)
lateinit var spec: AlgorithmParameterSpec
spec = KeyGenParameterSpec.Builder(ALIAS, KeyProperties.PURPOSE_ENCRYPT.or(KeyProperties.PURPOSE_DECRYPT))
.setEncryptionPaddings(KeyProperties.ENCRYPTION_PADDING_RSA_PKCS1)
.setUserAuthenticationRequired(false)
.setCertificateSubject(X500Principal("CN=$ALIAS"))
.setCertificateSerialNumber(BigInteger.valueOf(1337))
.setKeyValidityStart(start.time)
.setKeyValidityEnd(end.time)
.build()
这是我得到的堆栈跟踪:
Caused by: android.security.keystore.KeyNotYetValidException: Key not yet valid
at android.security.KeyStore.getInvalidKeyException(KeyStore.java:684)
at android.security.KeyStore.getInvalidKeyException(KeyStore.java:748)
at android.security.keystore.KeyStoreCryptoOperationUtils.getInvalidKeyExceptionForInit(KeyStoreCryptoOperationUtils.java:54)
at android.security.keystore.KeyStoreCryptoOperationUtils.getExceptionForCipherInit(KeyStoreCryptoOperationUtils.java:89)
at android.security.keystore.AndroidKeyStoreCipherSpiBase.ensureKeystoreOperationInitialized(AndroidKeyStoreCipherSpiBase.java:265)
at android.security.keystore.AndroidKeyStoreCipherSpiBase.engineInit(AndroidKeyStoreCipherSpiBase.java:109)
at javax.crypto.Cipher.tryTransformWithProvider(Cipher.java:2977)
at javax.crypto.Cipher.tryCombinations(Cipher.java:2884)
at javax.crypto.Cipher$SpiAndProviderUpdater.updateAndGetSpiAndProvider(Cipher.java:2789)
at javax.crypto.Cipher.chooseProvider(Cipher.java:956)
at javax.crypto.Cipher.init(Cipher.java:1199)
at javax.crypto.Cipher.init(Cipher.java:1143)
at com.app.myapp.SecureStorage.booo006F006F006Foooo
这里有什么建议吗?