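I am trying to create an app that encrypts user messages. The user's public key needs to be published to the server as a string. I generate the Android Keystore PublicKey as follows: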

    public static PublicKey getOrCreatePublicKey(String alias) throws GeneralSecurityException, IOException {
        KeyStore keyStore = KeyStore.getInstance(ANDROID_PROVIDER);
        keyStore.load(null);
        if (!keyStore.containsAlias(alias) || keyStore.getCertificate(alias) == null) {
            KeyGenParameterSpec spec = new KeyGenParameterSpec.Builder(
                    alias,
                    KeyProperties.PURPOSE_DECRYPT | KeyProperties.PURPOSE_ENCRYPT)
                    .setEncryptionPaddings(KeyProperties.ENCRYPTION_PADDING_RSA_OAEP)
                    .setDigests(KeyProperties.DIGEST_SHA256,
                            KeyProperties.DIGEST_SHA512)
                    .build();
            KeyPairGenerator generator = KeyPairGenerator.getInstance(KeyProperties.KEY_ALGORITHM_RSA, ANDROID_PROVIDER);
            generator.initialize(spec);
            generator.generateKeyPair();
        }
        return keyStore.getCertificate(alias).getPublicKey();
    }

I tried converting the public key to a string and then converting it back to a public key, as follows:

    public static PublicKey stringToPublicKey(String publStr) {
        PublicKey publicKey = null;
        try {
            byte[] data = Base64.decode(publStr, Base64.DEFAULT);
            X509EncodedKeySpec spec = new X509EncodedKeySpec(data);
            KeyFactory fact = KeyFactory.getInstance("RSA");
            publicKey = fact.generatePublic(spec);
        } catch (GeneralSecurityException e) {
            e.printStackTrace();
        }
        return publicKey;
    }

    public static String publicKeyToString(PublicKey publ) {
        String publicKeyString = null;
        try {
            KeyFactory fact = KeyFactory.getInstance("RSA");
            X509EncodedKeySpec spec = fact.getKeySpec(publ,
                    X509EncodedKeySpec.class);
            publicKeyString = Base64.encodeToString(spec.getEncoded(), Base64.DEFAULT);
        } catch (GeneralSecurityException e) {
            e.printStackTrace();
        }
        return publicKeyString;
    }

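I am trying to encrypt and decrypt user messages with the public and private keys.
If the public key is not converted to a string, encryption works fine. However, if the public key is converted to a string and then back to a public key, encryption does not work.
What am I doing wrong? Thanks.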

    PublicKey publicKey1 = getOrCreatePublicKey("alias");
    String publicKeyStr = publicKeyToString(publicKey1);
    PublicKey publicKey2 = stringToPublicKey(publicKeyStr);

    // this one works
    String message = encrypt(str, publicKey1);
    String decryptm = decrypt(message, privateKey);

    // this one doesn't work
    String message2 = encrypt(str, publicKey2);
    String decryptm2 = decrypt(message2, privateKey);

Use publicKeyString = Base64.encodeToString(publicKey.getEncoded(), Base64.DEFAULT); to encode the key. - pedrofb
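
The round trip suggested in the comment, written out as an added example (not code from the question or the comment). It assumes a plain JVM with java.util.Base64 and a software RSA key pair standing in for the Android Keystore pair, and it pins the OAEP parameters (SHA-256 digest, MGF1 with SHA-1, an assumption) so that encryption with the restored key and decryption with the private key use the same settings.

```java
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PublicKey;
import java.security.spec.MGF1ParameterSpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.Arrays;
import java.util.Base64;
import javax.crypto.Cipher;
import javax.crypto.spec.OAEPParameterSpec;
import javax.crypto.spec.PSource;

public class PublicKeyRoundTrip {
    // Assumed OAEP parameters; encryptor and decryptor must agree on them.
    static final OAEPParameterSpec OAEP = new OAEPParameterSpec(
            "SHA-256", "MGF1", MGF1ParameterSpec.SHA1, PSource.PSpecified.DEFAULT);

    static String publicKeyToString(PublicKey key) {
        // getEncoded() already returns the X.509 SubjectPublicKeyInfo bytes.
        return Base64.getEncoder().encodeToString(key.getEncoded());
    }

    static PublicKey stringToPublicKey(String s) throws GeneralSecurityException {
        byte[] der = Base64.getDecoder().decode(s);
        // Let failures propagate instead of returning null to the caller.
        return KeyFactory.getInstance("RSA").generatePublic(new X509EncodedKeySpec(der));
    }

    public static void main(String[] args) throws GeneralSecurityException {
        KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA");
        gen.initialize(2048);
        KeyPair pair = gen.generateKeyPair(); // stand-in for the keystore pair

        PublicKey restored = stringToPublicKey(publicKeyToString(pair.getPublic()));
        if (!Arrays.equals(restored.getEncoded(), pair.getPublic().getEncoded()))
            throw new IllegalStateException("round trip changed the key encoding");

        Cipher enc = Cipher.getInstance("RSA/ECB/OAEPPadding");
        enc.init(Cipher.ENCRYPT_MODE, restored, OAEP);
        byte[] ct = enc.doFinal("constructed sample message".getBytes(StandardCharsets.UTF_8));

        Cipher dec = Cipher.getInstance("RSA/ECB/OAEPPadding");
        dec.init(Cipher.DECRYPT_MODE, pair.getPrivate(), OAEP);
        System.out.println(new String(dec.doFinal(ct), StandardCharsets.UTF_8));
    }
}
```

On Android the same two helpers would use android.util.Base64; Base64.NO_WRAP keeps the published string free of line breaks.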