使用Java生成Chrome Packaged App .crx标头 [英] Generating Chrome Packaged App .crx header with Java
问题描述
我试图在没有运气的情况下在Java中构建标题。
(这里是规范: https://developer.chrome.com/extensions/crx )
任何想法?
protected void geneateCrxHeader(OutputStream ins,byte [] zipArchive)throws NoSuchAlgorithmException,NoSuchProviderException,IOException,InvalidKeyException,SignatureException {
KeyPairGenerator keyGen = KeyPairGenerator.getInstance RSA);
SecureRandom random = SecureRandom.getInstance(SHA1PRNG,SUN);
keyGen.initialize(1024,random);
KeyPair pair = keyGen .generateKeyPair();
byte [] key = pair.getPublic()。getEncoded();
签名实例= Signature.getInstance(SHA1withRSA);
实例。 initSign(pair.getPrivate());
instance.update(zipArchive);
byte [] hash = inst ance.sign();
byte [] magic = {0x43,0x72,0x32,0x34,0x02,0x00,0x00,0x00,0x00,0x01,0x0E,0x0B,0x00,0x00,0x08,0x00};
ins.write(magic);
ins.write(key);
ins.write(hash);
}
并且我得到CRX_EXCESSIVELY_LARGE_KEY_OR_SIGNATURE ..
我必须使用错误的keygen 。
在他们说的文档中:
..作者的RSA公共密钥的内容,格式为X509 SubjectPublicKeyInfo块。
i不知道这是我做得不对的......
ps Java加密对我来说是一个新前沿,所以请如果我做了一些完全愚蠢的事情,请不要笑。
以下是一些我鞭and过的代码,说明只生产标题。我只根据阅读规范来建立它。
import java.nio.ByteBuffer;
import java.nio.ByteOrder;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.SecureRandom;
import java.security.Signature;
public static byte [] generateCrxHeader(byte [] extensionContents)throws Exception {
KeyPairGenerator keyGen = KeyPairGenerator.getInstance(RSA);
SecureRandom random = new SecureRandom();
keyGen.initialize(1024,random);
KeyPair pair = keyGen.generateKeyPair();
签名sigInstance = Signature.getInstance(SHA1withRSA);
sigInstance.initSign(pair.getPrivate());
sigInstance.update(extensionContents);
byte [] signature = sigInstance.sign();
byte [] subjectPublicKeyInfo = pair.getPublic()。getEncoded();
final int headerLength = 4 + 4 + 4 + 4 + subjectPublicKeyInfo.length + signature.length;
ByteBuffer headerBuf = ByteBuffer.allocate(headerLength);
headerBuf.order(ByteOrder.LITTLE_ENDIAN);
headerBuf.put(new byte [] {0x43,0x72,0x32,0x34}); //幻数
headerBuf.putInt(2); // Version
headerBuf.putInt(subjectPublicKeyInfo.length); //公钥长度
headerBuf.putInt(signature.length); //签名长度
headerBuf.put(subjectPublicKeyInfo);
headerBuf.put(签名);
final byte [] header = headerBuf.array();
返回标题;
}
I"m trying to build the header in Java with no luck. (here is the spec: https://developer.chrome.com/extensions/crx) Any ideas?
protected void geneateCrxHeader (OutputStream ins,byte[] zipArchive) throws NoSuchAlgorithmException, NoSuchProviderException, IOException, InvalidKeyException, SignatureException{
KeyPairGenerator keyGen = KeyPairGenerator.getInstance("RSA");
SecureRandom random = SecureRandom.getInstance("SHA1PRNG", "SUN");
keyGen.initialize(1024, random);
KeyPair pair = keyGen.generateKeyPair();
byte[] key = pair.getPublic().getEncoded();
Signature instance = Signature.getInstance("SHA1withRSA");
instance.initSign(pair.getPrivate());
instance.update(zipArchive);
byte[] hash = instance.sign();
byte[] magic = {0x43,0x72,0x32,0x34,0x02,0x00,0x00,0x00,0x00,0x01,0x0E,0x0B,0x00,0x00,0x08,0x00};
ins.write(magic);
ins.write(key);
ins.write(hash);
}
and I get CRX_EXCESSIVELY_LARGE_KEY_OR_SIGNATURE.. I must be using wrong keygen.
in the docs they do say : "..the contents of the author's RSA public key, formatted as an X509 SubjectPublicKeyInfo block. .." i wonder if that is what i'm not doing correctly...
p.s Java crypto is a new frontier for me , so pls don't laugh if I did something totally dumb.
Here is some code that I whipped up and didn't test that illustrates producing just the header. I based this solely on reading the spec.
import java.nio.ByteBuffer;
import java.nio.ByteOrder;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.SecureRandom;
import java.security.Signature;
public static byte[] generateCrxHeader(byte[] extensionContents) throws Exception {
KeyPairGenerator keyGen = KeyPairGenerator.getInstance("RSA");
SecureRandom random = new SecureRandom();
keyGen.initialize(1024, random);
KeyPair pair = keyGen.generateKeyPair();
Signature sigInstance = Signature.getInstance("SHA1withRSA");
sigInstance.initSign(pair.getPrivate());
sigInstance.update(extensionContents);
byte [] signature = sigInstance.sign();
byte [] subjectPublicKeyInfo = pair.getPublic().getEncoded();
final int headerLength = 4 + 4 + 4 + 4 + subjectPublicKeyInfo.length + signature.length;
ByteBuffer headerBuf = ByteBuffer.allocate(headerLength);
headerBuf.order(ByteOrder.LITTLE_ENDIAN);
headerBuf.put(new byte[]{0x43,0x72,0x32,0x34}); // Magic number
headerBuf.putInt(2); // Version
headerBuf.putInt(subjectPublicKeyInfo.length); // public key length
headerBuf.putInt(signature.length); // signature length
headerBuf.put(subjectPublicKeyInfo);
headerBuf.put(signature);
final byte [] header = headerBuf.array();
return header;
}
这篇关于使用Java生成Chrome Packaged App .crx标头的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!