具有Android Key Store中密钥的ECDH [英] ECDH with key in Android Key Store
问题描述
我正在开发一个可生成EC非对称密钥的Android应用.当我的应用连接到设备时,他们会交换其公共密钥.然后,他们使用ECDH来建立共享机密.然后,可以使用此共享机密导出AES会话密钥.所有这一切都很好.
I'm developping an Android App that generates an EC Asymetric key. When my app gets connected to a device, they exchange their public key. They then use ECDH to establish a shared secret. This shared secret is then used to derive an AES session key. All this is working fine.
我现在正在研究非对称密钥的存储.我想将其放在Android KeyStore中,但是我不知道如何执行ECDH操作.密钥存储区中的密钥可用于签名,解密或加密,但是我看不到执行ECDH操作的可能性.有可能吗?
I'm now working on the storage of the asymetric key. I wanted to put it in the Android KeyStore but I don't see how I can then do the ECDH operation. The key in the key store can be used to sign, decrypt or encrypt but I don't see the possibility to do ECDH operation. Is it possible?
在浏览时,我看到了此讨论,其中说这是不可能的.如果是这种情况,我该如何保护"我的非对称密钥?
While browsing SO, I have seen this discussion which says that it is not possible. If that's the case, how can I "secure" my asymetric key?
谢谢
推荐答案
AndroidKeyStore当前不支持ECDH,因为您可以在此处看到 https://developer.android.com/training/articles/keystore
ECDH is not currently supported by AndroidKeyStore as you can see here https://developer.android.com/training/articles/keystore
将密钥对安全存储到设备中的另一种方法是使用由AndroidKeyStore管理的加密密钥对EC私钥进行加密.
The alternative to store securely the key pair into the device is to use an encryption key managed by AndroidKeyStore to encrypt the EC private key.
您可以根据目标版本使用RSA或AES密钥.请参见如何在Android中安全存储加密密钥?
You can use a RSA or AES key depending on your target version. See how to securely store encryption keys in android?
这篇关于具有Android Key Store中密钥的ECDH的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!