使用Java生成Chrome Packaged App .crx标头 [英] Generating Chrome Packaged App .crx header with Java

问题描述

我试图在没有运气的情况下在Java中构建标题。
（这里是规范： https://developer.chrome.com/extensions/crx ）
任何想法？

  protected void geneateCrxHeader（OutputStream ins，byte [] zipArchive）throws NoSuchAlgorithmException，NoSuchProviderException，IOException，InvalidKeyException，SignatureException {
 
 
 KeyPairGenerator keyGen = KeyPairGenerator.getInstance RSA）; 
 SecureRandom random = SecureRandom.getInstance（SHA1PRNG，SUN）; 
 keyGen.initialize（1024，random）; 
 
 KeyPair pair = keyGen .generateKeyPair（）; 
 byte [] key = pair.getPublic（）。getEncoded（）; 
 
签名实例= Signature.getInstance（SHA1withRSA）; 
实例。 initSign（pair.getPrivate（））; 
 instance.update（zipArchive）; 
 byte [] hash = inst ance.sign（）; 
 byte [] magic = {0x43,0x72,0x32,0x34,0x02,0x00,0x00,0x00,0x00,0x01,0x0E，0x0B，0x00,0x00,0x08,0x00}; 
 
 ins.write（magic）; 
 ins.write（key）; 
 ins.write（hash）; 
} 
  

并且我得到CRX_EXCESSIVELY_LARGE_KEY_OR_SIGNATURE ..
我必须使用错误的keygen 。

在他们说的文档中：
..作者的RSA公共密钥的内容，格式为X509 SubjectPublicKeyInfo块。
i不知道这是我做得不对的......

ps Java加密对我来说是一个新前沿，所以请如果我做了一些完全愚蠢的事情，请不要笑。

解决方案

以下是一些我鞭and过的代码，说明只生产标题。我只根据阅读规范来建立它。

  import java.nio.ByteBuffer; 
 import java.nio.ByteOrder; 
 import java.security.KeyPair; 
 import java.security.KeyPairGenerator; 
 import java.security.SecureRandom; 
 import java.security.Signature; 
 
 public static byte [] generateCrxHeader（byte [] extensionContents）throws Exception {
 KeyPairGenerator keyGen = KeyPairGenerator.getInstance（RSA）; 
 SecureRandom random = new SecureRandom（）; 
 keyGen.initialize（1024，random）; 
 
 KeyPair pair = keyGen.generateKeyPair（）; 
 
签名sigInstance = Signature.getInstance（SHA1withRSA）; 
 sigInstance.initSign（pair.getPrivate（））; 
 sigInstance.update（extensionContents）; 
 byte [] signature = sigInstance.sign（）; 
 byte [] subjectPublicKeyInfo = pair.getPublic（）。getEncoded（）; 
 final int headerLength = 4 + 4 + 4 + 4 + subjectPublicKeyInfo.length + signature.length; 
 ByteBuffer headerBuf = ByteBuffer.allocate（headerLength）; 
 headerBuf.order（ByteOrder.LITTLE_ENDIAN）; 
 headerBuf.put（new byte [] {0x43,0x72,0x32,0x34}）; //幻数
 headerBuf.putInt（2）; // Version 
 headerBuf.putInt（subjectPublicKeyInfo.length）; //公钥长度
 headerBuf.putInt（signature.length）; //签名长度
 headerBuf.put（subjectPublicKeyInfo）; 
 headerBuf.put（签名）; 
 final byte [] header = headerBuf.array（）; 
返回标题; 
} 
  

I"m trying to build the header in Java with no luck. (here is the spec: https://developer.chrome.com/extensions/crx) Any ideas?

protected void geneateCrxHeader (OutputStream ins,byte[] zipArchive) throws NoSuchAlgorithmException, NoSuchProviderException, IOException, InvalidKeyException, SignatureException{


    KeyPairGenerator keyGen = KeyPairGenerator.getInstance("RSA");      
    SecureRandom random = SecureRandom.getInstance("SHA1PRNG", "SUN");
    keyGen.initialize(1024, random);        

    KeyPair pair = keyGen.generateKeyPair();
    byte[] key = pair.getPublic().getEncoded();     

    Signature instance = Signature.getInstance("SHA1withRSA");
    instance.initSign(pair.getPrivate());
    instance.update(zipArchive);                        
    byte[] hash = instance.sign();              
 byte[] magic = {0x43,0x72,0x32,0x34,0x02,0x00,0x00,0x00,0x00,0x01,0x0E,0x0B,0x00,0x00,0x08,0x00};

    ins.write(magic);
    ins.write(key);
    ins.write(hash);
}

and I get CRX_EXCESSIVELY_LARGE_KEY_OR_SIGNATURE.. I must be using wrong keygen.

in the docs they do say : "..the contents of the author's RSA public key, formatted as an X509 SubjectPublicKeyInfo block. .." i wonder if that is what i'm not doing correctly...

p.s Java crypto is a new frontier for me , so pls don't laugh if I did something totally dumb.

解决方案

Here is some code that I whipped up and didn't test that illustrates producing just the header. I based this solely on reading the spec.

import java.nio.ByteBuffer;
import java.nio.ByteOrder;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.SecureRandom;
import java.security.Signature;

    public static byte[] generateCrxHeader(byte[] extensionContents) throws Exception {
        KeyPairGenerator keyGen = KeyPairGenerator.getInstance("RSA");      
        SecureRandom random = new SecureRandom();
        keyGen.initialize(1024, random);        

        KeyPair pair = keyGen.generateKeyPair();

        Signature sigInstance = Signature.getInstance("SHA1withRSA");
        sigInstance.initSign(pair.getPrivate());
        sigInstance.update(extensionContents);
        byte [] signature = sigInstance.sign();
        byte [] subjectPublicKeyInfo = pair.getPublic().getEncoded();
        final int headerLength = 4 + 4 + 4 + 4 + subjectPublicKeyInfo.length + signature.length;
        ByteBuffer headerBuf = ByteBuffer.allocate(headerLength);
        headerBuf.order(ByteOrder.LITTLE_ENDIAN);
        headerBuf.put(new byte[]{0x43,0x72,0x32,0x34}); // Magic number
        headerBuf.putInt(2); // Version
        headerBuf.putInt(subjectPublicKeyInfo.length); // public key length
        headerBuf.putInt(signature.length); // signature length
        headerBuf.put(subjectPublicKeyInfo);
        headerBuf.put(signature);
        final byte [] header = headerBuf.array();
        return header;
    }

这篇关于使用Java生成Chrome Packaged App .crx标头的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！