我有以下代码在Windows上运行良好,与之配套使用的是用OpenSSL生成的一个带有2048 RSA密钥的证书。需要注意的重要部分是 mServerPublicKey = cert.getPublicKey(); 我需要这个公钥来完成我的使用案例。
String serverCertFile = "C:\\Users\\Me\\Documents\\cert.pem";
CertificateFactory certFactory;
FileInputStream inStream;
try {
certFactory = CertificateFactory
.getInstance("X.509");
inStream = new FileInputStream (serverCertFile);
X509Certificate cer = (X509Certificate) certFactory.generateCertificate(inStream);
mServerPublicKey = cer.getPublicKey();
inStream.close();
} catch (CertificateException e) {
// TODO Auto-generated catch block
e.printStackTrace();
Log.d("SERVER CERTIFICATE","Unable to load certificate " + e.getMessage());
} catch (FileNotFoundException e){
e.printStackTrace();
Log.d("SERVER CERTIFICATE","Server certificate file missing " + e.getMessage());
} catch (IOException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
它加载了我的证书,我可以使用公钥加密一条短消息发送到我的服务器。然而,在Android上的等效物并没有返回正确的公钥。有人之前遇到过这种情况吗?
try {
CertificateFactory certFactory;
certFactory = CertificateFactory.getInstance("X.509");
InputStream inputStream = getClass().getResourceAsStream(
"/assets/cert.pem");
X509Certificate cert = (X509Certificate) certFactory
.generateCertificate(inputStream);
mServerPublicKey = cer.getPublicKey();
}
在安卓平台上,证书被加载了,它的所有字段和值都是正确的,除了公钥不对。我浪费了两天时间试图解决这个问题。我注意到在两个平台上,提供商是不同的。在Windows上,我得到了Sun公司的证书实例,在安卓上则是BouncyCastle/spongycastle。这个是BC在安卓上有问题吗?
我还确认了当我提取公钥时也存在这个问题。
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAszxAbWjxIJHIxs/5DNJ3 oNa8mYz9hdr0SZJaQDhaNsjS+R3RCO4CUAmCZUvGEaMyHfW78ykC26ssExlxSCju uoeHGGthM6+oSmlDFPDTItC3g4teEI8hyyRfyfN771CXi8DIKP12MN75jkYQoF3+ YrW4lIs1X0GMt2Fi6JxFnHvrhxWZLWrnabMxOyhYDXsvqVwWUx8w1I5dwep6aCb4 Km9gkOJKXs4+3nKjuUREydsXgZ1SEq7/vHWH3yiR4bIvsyqMSD0ndfBmbk+0+ml5 +9Gsv0+lg6d2cQRmbqh9qK6slYrBLKbZvwnBVn4iXNk/ZOVpN+TjZzKPfD3Q4grO QwIDAQAB -----END PUBLIC KEY-----
然后只需使用以下代码进行加载。没有抛出任何错误,但是公钥在Windows和安卓之间并不匹配。真的不知道我做错了什么。
InputStream inputStream2 = getClass().getResourceAsStream(
"/assets/certpk.pem");
InputStreamReader reader = new InputStreamReader(inputStream2);
BufferedReader br = new BufferedReader(reader);
StringBuffer sb = new StringBuffer();
String line;
while ((line = br.readLine()) != null) {
sb.append(line);
}
String pk = sb.toString();
String publicKeyPEM = pk.replace("-----BEGIN PUBLIC KEY-----", "");
publicKeyPEM = publicKeyPEM.replace("-----END PUBLIC KEY-----", "");
byte[] decoded = Base64.decode(publicKeyPEM, Base64.DEFAULT);
KeyFactory kf = KeyFactory.getInstance("RSA");
RSAPublicKey pubKey = (RSAPublicKey) kf.generatePublic(new X509EncodedKeySpec(decoded));
mServerPublicKey = pubKey;
我也使用 .der 文件测试了证书加载代码,并得到了相同的结果。