KeyFactory.generatePublic来自硬编码的X.509证书

时间:2012-05-28 08:51:45

标签: java android x509

我需要将我的应用分为应用和扩展程序。所以我为Google Play下载程序库(android-sdk \ extras \ google \ play_apk_expansion \ downloader_sample)举了一个例子。项目构建良好,但它在

崩溃 
byte[] decodedKey = Base64.decode(encodedPublicKey);
KeyFactory keyFactory = KeyFactory.getInstance(KEY_FACTORY_ALGORITHM); // "RSA"
return keyFactory.generatePublic(new X509EncodedKeySpec(decodedKey));<code>

,在字符串keyFactory.generatePublic上。 它来自src \ com \ google \ android \ vending \ licensing \ LicenseChecker.java (Android的SDK \演员\谷歌\ play_licensing \库\ SRC) 错误:

E/AndroidRuntime(523): java.lang.IllegalArgumentException: java.security.spec.InvalidKeySpecException: java.lang.IllegalArgumentException: Bad sequence size: 3

键看起来像:

private static final String BASE64_PUBLIC_KEY =
"MIIB5TCCAU6gAwIBAgIET45f9zANBgkqhkiG9w0BAQUFADA3MQswCQYDVQQGEwJVUzEQMA4GA1UE" +
"ChMHQW5kcm9pZDEWMBQGA1UEAxMNQW5kcm9pZCBEZWJ1ZzAeFw0xMjA0MTgwNjMyMjNaFw00MjA0" +
"MTEwNjMyMjNaMDcxCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdBbmRyb2lkMRYwFAYDVQQDEw1BbmRy" +
"b2lkIERlYnVnMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDh2IN5HhCp1X+gLaga06VXr/MZ" +
"JpkzhxMdg5yWyOkj50ZDCPywAh8LcNEih9XjYswAXwRHxZpUy9VFqgGcku33AAdHxyK7KK4ge7u5" +
"a7KY11CJhxMUbOGezGldMUTwBA0ZSuObfW402I4Y4ciAsMrOnhZqSTI/tTdAWv6cPTiJQQIDAQAB" +
"MA0GCSqGSIb3DQEBBQUAA4GBAAZ89R7OMtkQnGpE6s/crqUMysAXOaHktrr6mV/4VknoLHWJUsRg" +
"iv34rAFpd1SDg0HS8HklIymcwFkrewwx9MzryYtZEdBjvo2EeTz5u8nxQNz9sqChaya0oSXB/VI8" +
"nZBnoJ+n5Zbj7QfIgG7thrT4+n4pIDO83+E6zVW6RnIh";

如果我将密钥更改为随机字符串,我会得到:

E/AndroidRuntime(478): java.lang.IllegalArgumentException: java.security.spec.InvalidKeySpecException: java.lang.ClassCastException: com.android.org.bouncycastle.asn1.DERApplicationSpecific cannot be cast to com.android.org.bouncycastle.asn1.ASN1Sequence

我尝试生成关键规范并且不会导致错误,但这不是我需要的:

RSAPublicKeySpec pubKeySpec = new RSAPublicKeySpec(new BigInteger("12345678", 16), new BigInteger("11", 16));
KeyFactory keyFactory = KeyFactory.getInstance(KEY_FACTORY_ALGORITHM);
return keyFactory.generatePublic(pubKeySpec);

我重新检查了证书的生成和导出。看起来是正确的。 密钥对生成:

keytool.exe -genkey -keyalg "RSA" -keysize 2048 -v -keystore key2.store -storepass <storepwd> -keypass <keypwd>

,导出

keytool.exe -export -rfc -storepass <storepwd> -keystore key2.store -file key222.cer

这是调试代码。我将在发布时使用Google Play的公钥。 硬编码x.509证书并在app中使用它的正确方法是什么?

1 个答案:

答案 0 :(得分:3)

这不是有效的编码公钥,它似乎是Android调试证书。请注意,公钥!=证书,尽管证书确实包含公钥。另请注意,任何两个随机BigInteger都不构成有效的密钥对(至少它们必须是素数)。要解析实际证书,您需要这样的东西:

FileInputStream fis = new FileInputStream(filename);
BufferedInputStream bis = new BufferedInputStream(fis);

CertificateFactory cf = CertificateFactory.getInstance("X.509");
Certificate cert = cf.generateCertificate(bis);

你到底想要做什么?

相关问题
最新问题