牛轧糖上的安全修复程序“加密”不适用于Pie [英] Fix for Security “Crypto” on Nougat does not work for Pie

问题描述

一个用户在Android Pie中运行我的应用程序，他死机了。它修复了Android N（来自varotariya vajsi的修复程序）：

A user run my application in Android Pie, he got the crash.There was fix for Android N (fix from varotariya vajsi):

SecureRandom sr = SecureRandom.getInstance("SHA1PRNG", new CryptoProvider());
...

公共最终类CryptoProvider扩展Provider {
/ **
*创建Provider并放置参数
* /
public CryptoProvider（）{
super（ Crypto，1.0， HARMONY（SHA1摘要； SecureRandom； SHA1withDSA签名））；
put（ SecureRandom.SHA1PRNG，
org.apache.harmony.security.provider.crypto.SHA1PRNG_SecureRandomImpl）;
put（ SecureRandom.SHA1PRNG ImplementedIn， Software）;
}

public final class CryptoProvider extends Provider { /** * Creates a Provider and puts parameters */ public CryptoProvider() { super("Crypto", 1.0, "HARMONY (SHA1 digest; SecureRandom; SHA1withDSA signature)"); put("SecureRandom.SHA1PRNG", "org.apache.harmony.security.provider.crypto.SHA1PRNG_SecureRandomImpl"); put("SecureRandom.SHA1PRNG ImplementedIn", "Software"); }

但这给Android Pie带来了错误：
java.security.NoSuchAlgorithmException ：找不到为SecureRandom（提供程序：Crypto）配置的类。

推荐答案

我也遇到了这个问题实际过程中出现问题。

I also encountered this problem in the actual process.

对此问题的Google解释

如果您通过名称或实例（例如Cipher）指定提供商.getInstance（ AES / CBC / PKCS7PADDING， BC）或Cipher.getInstance（ AES / CBC / PKCS7PADDING，Security.getProvider（ BC））-您在Android P中获得的行为将取决于哪个API调整您的应用目标。对于在P之前将API级别定位为目标的应用，调用将返回BC实现，并在应用日志中记录警告。对于面向Android P或更高版本的应用，调用将引发NoSuchAlgorithmException。

If you specify the provider by name or by instance—for example, Cipher.getInstance("AES/CBC/PKCS7PADDING", "BC") or Cipher.getInstance("AES/CBC/PKCS7PADDING", Security.getProvider("BC"))—the behavior you get in Android P will depend on what API level your application targets. For apps targeting an API level before P, the call will return the BC implementation and log a warning in the application log. For apps targeting Android P or later, the call will throw NoSuchAlgorithmException.

要解决此问题，您应停止指定提供程序并使用默认实现。

To resolve this, you should stop specifying a provider and use the default implementation.

之前

public static byte[] getAESKey(){
    String seed = UUID.randomUUID().toString();
    try{
        KeyGenerator kgen = KeyGenerator.getInstance("AES");
        String SHA1PRNG = "SHA1PRNG";
        SecureRandom sr;
        CryptoProvider provider = new CryptoProvider();
        sr = SecureRandom.getInstance(SHA1PRNG, provider);
        sr.setSeed(seed.getBytes());
        int keyLength = 128;
        kgen.init(keyLength,sr);
        SecretKey sKey = kgen.generateKey();
        byte[] aesKey = sKey.getEncoded();
        return aesKey;
    }catch(Exception e){
        e.printStackTrace();
    }
    return null;
}

之后

public static byte[] getAESKey(){
    String seed = UUID.randomUUID().toString();
    try{
        KeyGenerator kGen = KeyGenerator.getInstance("AES");
        SecureRandom sr;
        sr = new SecureRandom();
        sr.setSeed(seed.getBytes());
        int keyLength = 128;
        kGen.init(keyLength,sr);
        SecretKey sKey = kGen.generateKey();
        return sKey.getEncoded();
    }catch(Exception e){
        e.printStackTrace();
    }
    return null;
}

它对我有用

这篇关于牛轧糖上的安全修复程序“加密”不适用于Pie的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！