在使用secp256k1
曲线执行椭圆曲线加密时,我注意到虽然代码和测试用例在Android Studio IDE上编译,但它们不能在Android设备上编译,因为曲线未在{{{ 1}}移动设备使用的。将曲线更改为jre/jdk
我似乎在将publicKey的十六进制字符串转换为prime256v1
对象时遇到了困难。
给出数据库中PublicKey
的十六进制字符串。我希望Android客户端将PublicKey.getEncoded()
转换为将byte[]
字符串转换为hex
对象。我正在使用PublicKey
转换byte[]
,如下所示:
X509EncodedKeySpec()
从十六进制字符串到public static PublicKey getPublicKey(byte[] pk) throws NoSuchAlgorithmException, InvalidKeySpecException {
EncodedKeySpec publicKeySpec = new X509EncodedKeySpec(pk);
KeyFactory kf = KeyFactory.getInstance("EC");
PublicKey pub = kf.generatePublic(publicKeySpec);
return pub;
}
的转换如下:
byte[]
从public static byte[] hexStringToByteArray(String hexString) {
byte[] bytes = new byte[hexString.length() / 2];
for(int i = 0; i < hexString.length(); i += 2){
String sub = hexString.substring(i, i + 2);
Integer intVal = Integer.parseInt(sub, 16);
bytes[i / 2] = intVal.byteValue();
String hex = "".format("0x%x", bytes[i / 2]);
}
return bytes;
}
到Hex字符串的转换如下:
byte[]
然而,当我在Android应用程序(7.0,API 24)上运行时,我得到以下系统错误
public static String convertBytesToHex(byte[] bytes) {
char[] hexChars = new char[bytes.length * 2];
for ( int j = 0; j < bytes.length; j++ ) {
int v = bytes[j] & 0xFF;
hexChars[j * 2] = hexArray[v >>> 4];
hexChars[j * 2 + 1] = hexArray[v & 0x0F];
}
return new String(hexChars).toLowerCase();
}
在Android设备上将Hex字符串转换为ECK实例的PublicKey的推荐方法是什么。
以下是您可以执行的示例代码:
W/System.err: java.security.spec.InvalidKeySpecException: java.lang.RuntimeException: error:0c0000b9:ASN.1 encoding routines:OPENSSL_internal:WRONG_TAG
at com.android.org.conscrypt.OpenSSLKey.getPublicKey(OpenSSLKey.java:295)
at com.android.org.conscrypt.OpenSSLECKeyFactory.engineGeneratePublic(OpenSSLECKeyFactory.java:47)
at java.security.KeyFactory.generatePublic(KeyFactory.java:357)
public class ECDSA {
public static KeyPair generateKeyPair() throws NoSuchAlgorithmException, InvalidAlgorithmParameterException {
KeyPairGenerator keyGen = KeyPairGenerator.getInstance("EC");
ECGenParameterSpec ecSpec = new ECGenParameterSpec("prime256v1");
SecureRandom random = SecureRandom.getInstance("SHA1PRNG");
keyGen.initialize(ecSpec, random);
KeyPair pair = keyGen.generateKeyPair();
return pair;
}
public static PublicKey getPublicKey(byte[] pk) throws NoSuchAlgorithmException, InvalidKeySpecException {
EncodedKeySpec publicKeySpec = new X509EncodedKeySpec(pk);
KeyFactory kf = KeyFactory.getInstance("EC");
PublicKey pub = kf.generatePublic(publicKeySpec);
return pub;
}
public static PrivateKey getPrivateKey(byte[] privk) throws NoSuchAlgorithmException, InvalidKeySpecException {
EncodedKeySpec privateKeySpec = new X509EncodedKeySpec(privk);
KeyFactory kf = KeyFactory.getInstance("EC");
PrivateKey privateKey = kf.generatePrivate(privateKeySpec);
return privateKey;
}
}
答案 0 :(得分:1)
最后我们得到了一个真正的MCVE,我们现在可以看到你没有使用正确的编码私钥类。 X509EncodedKeySpec
仅适用于公钥。来自javadocs(强调我的):
此类表示已编码的公钥的ASN.1编码 根据ASN.1类型SubjectPublicKeyInfo。
对于私钥,正确的编码通常是PKCS8EncodedKeySpec
。可以通过检查Key.getFormat()
的输出来确定编码。因此,请将getPrivateKey
的方法ECDSA
更改为
public static PrivateKey getPrivateKey(byte[] privk) throws NoSuchAlgorithmException, InvalidKeySpecException {
EncodedKeySpec privateKeySpec = new PKCS8EncodedKeySpec(privk);
KeyFactory kf = KeyFactory.getInstance("EC");
PrivateKey privateKey = kf.generatePrivate(privateKeySpec);
return privateKey;
}