InvalidKeyException:Android 设备上的 RSA 解密密钥库操作失败
InvalidKeyException: Keystore operation failed on RSA decrypt on Android device
我正在尝试对 AndroidKeyStore 中的密钥执行 RSA 加密和解密。加密成功完成,但当我尝试解密时,它抛出一个 InvalidKeyException:Keystore operation failed on Cipher.init().
这是我的密钥生成代码:
KeyPairGenerator kpGenerator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
AlgorithmParameterSpec spec = null;
spec = new KeyGenParameterSpec.Builder(mAlias,
KeyProperties.PURPOSE_ENCRYPT | KeyProperties.PURPOSE_DECRYPT)
.setDigests(KeyProperties.DIGEST_SHA256, KeyProperties.DIGEST_SHA512)
.setEncryptionPaddings(KeyProperties.ENCRYPTION_PADDING_RSA_PKCS1)
.build();
kpGenerator.initialize(spec);
KeyPair kp = kpGenerator.generateKeyPair();
这是我的加密代码:
KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
keyStore.load(null);
KeyStore.PrivateKeyEntry entry = (KeyStore.PrivateKeyEntry) keyStore.getEntry(mAlias, null);
Cipher cip = null;
RSAPublicKey pubKey = (RSAPublicKey) entry.getCertificate().getPublicKey();
cip = Cipher.getInstance("RSA/ECB/NoPadding");
cip.init(Cipher.ENCRYPT_MODE, pubKey);
byte[] encryptBytes = cip.doFinal(challenge.getBytes());
String encryptedStr64 = Base64.encodeToString(encryptBytes, Base64.DEFAULT);
这是我的解密代码:
KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
keyStore.load(null);
KeyStore.PrivateKeyEntry entry = (KeyStore.PrivateKeyEntry) keyStore.getEntry(mAlias, null);
Cipher cip = null;
cip = Cipher.getInstance("RSA/ECB/NoPadding");
cip.init(Cipher.DECRYPT_MODE, entry.getPrivateKey());
byte[] decryptedBytes = cip.doFinal(Base64.decode(encrypted64, Base64.DEFAULT));
String plainText = new String(decryptedBytes);
我知道密钥生成代码中的填充与我的 encrypt/decrypt 代码不同。但是,当我将密钥生成代码的填充更改为 KeyProperties.ENCRYPTION_PADDING_NONE 时,我在 kpGenerator.initialize(spec) 上得到了一个 InvalidAlgorithmParameterException。
在解密 "RSA/ECB/PKCS1Padding" 的情况下,它可以工作。不管加密中的填充如何,它总是有效的。
是的,我也知道不使用填充的安全隐患,但对于我的应用程序,我需要确定性密文。
这是带有 InvalidKeyException 的堆栈跟踪:
03-06 09:10:32.710 5058 5058 W System.err: java.security.InvalidKeyException: Keystore operation failed
03-06 09:10:32.713 5058 5058 W System.err: at android.security.KeyStore.getInvalidKeyException(KeyStore.java:692)
03-06 09:10:32.713 5058 5058 W System.err: at android.security.KeyStore.getInvalidKeyException(KeyStore.java:712)
03-06 09:10:32.713 5058 5058 W System.err: at android.security.keystore.KeyStoreCryptoOperationUtils.getInvalidKeyExceptionForInit(KeyStoreCryptoOperationUtils.java:54)
03-06 09:10:32.713 5058 5058 W System.err: at android.security.keystore.KeyStoreCryptoOperationUtils.getExceptionForCipherInit(KeyStoreCryptoOperationUtils.java:89)
03-06 09:10:32.713 5058 5058 W System.err: at android.security.keystore.AndroidKeyStoreCipherSpiBase.ensureKeystoreOperationInitialized(AndroidKeyStoreCipherSpiBase.java:263)
03-06 09:10:32.713 5058 5058 W System.err: at android.security.keystore.AndroidKeyStoreCipherSpiBase.engineInit(AndroidKeyStoreCipherSpiBase.java:108)
03-06 09:10:32.713 5058 5058 W System.err: at javax.crypto.Cipher.tryTransformWithProvider(Cipher.java:612)
03-06 09:10:32.713 5058 5058 W System.err: at javax.crypto.Cipher.tryCombinations(Cipher.java:532)
03-06 09:10:32.714 5058 5058 W System.err: at javax.crypto.Cipher.getSpi(Cipher.java:437)
03-06 09:10:32.714 5058 5058 W System.err: at javax.crypto.Cipher.init(Cipher.java:815)
03-06 09:10:32.714 5058 5058 W System.err: at javax.crypto.Cipher.init(Cipher.java:774)
03-06 09:10:32.714 5058 5058 W System.err: at dfpidentifiers.my.test.app.MainActivity.decrypt(MainActivity.java:950)
03-06 09:10:32.714 5058 5058 W System.err: at dfpidentifiers.my.test.app.MainActivity.onCreate(MainActivity.java:117)
03-06 09:10:32.714 5058 5058 W System.err: at android.app.Activity.performCreate(Activity.java:6251)
03-06 09:10:32.714 5058 5058 W System.err: at android.app.Instrumentation.callActivityOnCreate(Instrumentation.java:1107)
03-06 09:10:32.714 5058 5058 W System.err: at android.app.ActivityThread.performLaunchActivity(ActivityThread.java:2369)
03-06 09:10:32.714 5058 5058 W System.err: at android.app.ActivityThread.handleLaunchActivity(ActivityThread.java:2476)
03-06 09:10:32.714 5058 5058 W System.err: at android.app.ActivityThread.-wrap11(ActivityThread.java)
03-06 09:10:32.714 5058 5058 W System.err: at android.app.ActivityThread$H.handleMessage(ActivityThread.java:1344)
03-06 09:10:32.714 5058 5058 W System.err: at android.os.Handler.dispatchMessage(Handler.java:102)
03-06 09:10:32.714 5058 5058 W System.err: at android.os.Looper.loop(Looper.java:148)
03-06 09:10:32.714 5058 5058 W System.err: at android.app.ActivityThread.main(ActivityThread.java:5417)
03-06 09:10:32.714 5058 5058 W System.err: at java.lang.reflect.Method.invoke(Native Method)
03-06 09:10:32.714 5058 5058 W System.err: at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:726)
03-06 09:10:32.714 5058 5058 W System.err: at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:616)
03-06 09:10:32.714 5058 5058 W System.err: Caused by: android.security.KeyStoreException: Incompatible padding mode
03-06 09:10:32.714 5058 5058 W System.err: at android.security.KeyStore.getKeyStoreException(KeyStore.java:632)
03-06 09:10:32.714 5058 5058 W System.err: ... 24 more
从stacktrace来看,似乎是不兼容的padding模式,但是如何生成不支持padding的keypair呢?
InvalidKeyException 确实是由密钥生成和解密期间的填充差异引起的。不确定为什么加密没有抛出相同的异常。
我最初也无法在密钥生成期间使用 NoPadding,因为需要 IND-CPA。我必须设置 setRandomizedEncryptionRequired(true) 来覆盖它。
我正在尝试对 AndroidKeyStore 中的密钥执行 RSA 加密和解密。加密成功完成,但当我尝试解密时,它抛出一个 InvalidKeyException:Keystore operation failed on Cipher.init().
这是我的密钥生成代码:
KeyPairGenerator kpGenerator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
AlgorithmParameterSpec spec = null;
spec = new KeyGenParameterSpec.Builder(mAlias,
KeyProperties.PURPOSE_ENCRYPT | KeyProperties.PURPOSE_DECRYPT)
.setDigests(KeyProperties.DIGEST_SHA256, KeyProperties.DIGEST_SHA512)
.setEncryptionPaddings(KeyProperties.ENCRYPTION_PADDING_RSA_PKCS1)
.build();
kpGenerator.initialize(spec);
KeyPair kp = kpGenerator.generateKeyPair();
这是我的加密代码:
KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
keyStore.load(null);
KeyStore.PrivateKeyEntry entry = (KeyStore.PrivateKeyEntry) keyStore.getEntry(mAlias, null);
Cipher cip = null;
RSAPublicKey pubKey = (RSAPublicKey) entry.getCertificate().getPublicKey();
cip = Cipher.getInstance("RSA/ECB/NoPadding");
cip.init(Cipher.ENCRYPT_MODE, pubKey);
byte[] encryptBytes = cip.doFinal(challenge.getBytes());
String encryptedStr64 = Base64.encodeToString(encryptBytes, Base64.DEFAULT);
这是我的解密代码:
KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
keyStore.load(null);
KeyStore.PrivateKeyEntry entry = (KeyStore.PrivateKeyEntry) keyStore.getEntry(mAlias, null);
Cipher cip = null;
cip = Cipher.getInstance("RSA/ECB/NoPadding");
cip.init(Cipher.DECRYPT_MODE, entry.getPrivateKey());
byte[] decryptedBytes = cip.doFinal(Base64.decode(encrypted64, Base64.DEFAULT));
String plainText = new String(decryptedBytes);
我知道密钥生成代码中的填充与我的 encrypt/decrypt 代码不同。但是,当我将密钥生成代码的填充更改为 KeyProperties.ENCRYPTION_PADDING_NONE 时,我在 kpGenerator.initialize(spec) 上得到了一个 InvalidAlgorithmParameterException。 在解密 "RSA/ECB/PKCS1Padding" 的情况下,它可以工作。不管加密中的填充如何,它总是有效的。
是的,我也知道不使用填充的安全隐患,但对于我的应用程序,我需要确定性密文。
这是带有 InvalidKeyException 的堆栈跟踪:
03-06 09:10:32.710 5058 5058 W System.err: java.security.InvalidKeyException: Keystore operation failed
03-06 09:10:32.713 5058 5058 W System.err: at android.security.KeyStore.getInvalidKeyException(KeyStore.java:692)
03-06 09:10:32.713 5058 5058 W System.err: at android.security.KeyStore.getInvalidKeyException(KeyStore.java:712)
03-06 09:10:32.713 5058 5058 W System.err: at android.security.keystore.KeyStoreCryptoOperationUtils.getInvalidKeyExceptionForInit(KeyStoreCryptoOperationUtils.java:54)
03-06 09:10:32.713 5058 5058 W System.err: at android.security.keystore.KeyStoreCryptoOperationUtils.getExceptionForCipherInit(KeyStoreCryptoOperationUtils.java:89)
03-06 09:10:32.713 5058 5058 W System.err: at android.security.keystore.AndroidKeyStoreCipherSpiBase.ensureKeystoreOperationInitialized(AndroidKeyStoreCipherSpiBase.java:263)
03-06 09:10:32.713 5058 5058 W System.err: at android.security.keystore.AndroidKeyStoreCipherSpiBase.engineInit(AndroidKeyStoreCipherSpiBase.java:108)
03-06 09:10:32.713 5058 5058 W System.err: at javax.crypto.Cipher.tryTransformWithProvider(Cipher.java:612)
03-06 09:10:32.713 5058 5058 W System.err: at javax.crypto.Cipher.tryCombinations(Cipher.java:532)
03-06 09:10:32.714 5058 5058 W System.err: at javax.crypto.Cipher.getSpi(Cipher.java:437)
03-06 09:10:32.714 5058 5058 W System.err: at javax.crypto.Cipher.init(Cipher.java:815)
03-06 09:10:32.714 5058 5058 W System.err: at javax.crypto.Cipher.init(Cipher.java:774)
03-06 09:10:32.714 5058 5058 W System.err: at dfpidentifiers.my.test.app.MainActivity.decrypt(MainActivity.java:950)
03-06 09:10:32.714 5058 5058 W System.err: at dfpidentifiers.my.test.app.MainActivity.onCreate(MainActivity.java:117)
03-06 09:10:32.714 5058 5058 W System.err: at android.app.Activity.performCreate(Activity.java:6251)
03-06 09:10:32.714 5058 5058 W System.err: at android.app.Instrumentation.callActivityOnCreate(Instrumentation.java:1107)
03-06 09:10:32.714 5058 5058 W System.err: at android.app.ActivityThread.performLaunchActivity(ActivityThread.java:2369)
03-06 09:10:32.714 5058 5058 W System.err: at android.app.ActivityThread.handleLaunchActivity(ActivityThread.java:2476)
03-06 09:10:32.714 5058 5058 W System.err: at android.app.ActivityThread.-wrap11(ActivityThread.java)
03-06 09:10:32.714 5058 5058 W System.err: at android.app.ActivityThread$H.handleMessage(ActivityThread.java:1344)
03-06 09:10:32.714 5058 5058 W System.err: at android.os.Handler.dispatchMessage(Handler.java:102)
03-06 09:10:32.714 5058 5058 W System.err: at android.os.Looper.loop(Looper.java:148)
03-06 09:10:32.714 5058 5058 W System.err: at android.app.ActivityThread.main(ActivityThread.java:5417)
03-06 09:10:32.714 5058 5058 W System.err: at java.lang.reflect.Method.invoke(Native Method)
03-06 09:10:32.714 5058 5058 W System.err: at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:726)
03-06 09:10:32.714 5058 5058 W System.err: at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:616)
03-06 09:10:32.714 5058 5058 W System.err: Caused by: android.security.KeyStoreException: Incompatible padding mode
03-06 09:10:32.714 5058 5058 W System.err: at android.security.KeyStore.getKeyStoreException(KeyStore.java:632)
03-06 09:10:32.714 5058 5058 W System.err: ... 24 more
从stacktrace来看,似乎是不兼容的padding模式,但是如何生成不支持padding的keypair呢?
InvalidKeyException 确实是由密钥生成和解密期间的填充差异引起的。不确定为什么加密没有抛出相同的异常。
我最初也无法在密钥生成期间使用 NoPadding,因为需要 IND-CPA。我必须设置 setRandomizedEncryptionRequired(true) 来覆盖它。