android.security.KeyStoreException:少数设备上发生未知错误 [英] android.security.KeyStoreException: Unknown error On a rare number of devices
问题描述
我遇到 android.security.KeyStoreException:未知错误
在极少数具有不同Android版本(6-8)的设备上
I'm getting android.security.KeyStoreException: Unknown error
On a rare number of devices with different Android Versions (6 - 8)
这是我的密钥生成代码:
This is my key generation code:
final KeyPairGenerator keyGenerator = KeyPairGenerator
.getInstance(KeyProperties.KEY_ALGORITHM_RSA,
ANDROID_KEY_STORE);
keyGenerator.initialize(new KeyGenParameterSpec.Builder(ALIAS,
KeyProperties.PURPOSE_ENCRYPT | KeyProperties.PURPOSE_DECRYPT)
.setKeySize(2048)
.setEncryptionPaddings(KeyProperties.ENCRYPTION_PADDING_RSA_PKCS1)
.build());
return keyGenerator.generateKeyPair();
这是我加载密钥对的方式:
This is how I load the keyPair:
if (keyStore.containsAlias(ALIAS))
{
KeyStore.Entry entry = keyStore.getEntry(ALIAS, null);
if (entry != null)
{
if (entry instanceof KeyStore.PrivateKeyEntry)
{
Log.i(TAG, "KeyPair found.");
KeyStore.PrivateKeyEntry pke = (KeyStore.PrivateKeyEntry) entry;
Certificate cert = pke.getCertificate();
if (cert != null)
{
return new KeyPair(cert.getPublicKey(), pke.getPrivateKey());
}
Log.w(TAG, "Cert / Public Key is null");
}
}
}
这是我的解密代码:
Cipher RSACipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
RSACipher.init(Cipher.DECRYPT_MODE, privateKey);
return new String(RSACipher.doFinal(base64.decode(textToDecrypt)), "UTF-8");
以下是解密过程失败的示例跟踪:
Here is a sample stracktrace of a failing decryption process:
Caused by javax.crypto.IllegalBlockSizeException
at android.security.keystore.AndroidKeyStoreCipherSpiBase.engineDoFinal(AndroidKeyStoreCipherSpiBase.java:519)
at javax.crypto.Cipher.doFinal(Cipher.java:1736)
at com.examplecompany.security.EncryptionController.decryptAsymmetric(EncryptionController.java:297)
at com.example.crypto.android2.services.CryptoClass.decryptMessage(CryptoClass.java:684)
at com.example.crypto.android2.services.CryptoClass.handleDecryption(CryptoClass.java:619)
at com.example.crypto.android2.services.CryptoClass.doInBackgroundInternal(CryptoClass.java:450)
at com.example.crypto.android2.services.CryptoClass.doInBackground(CryptoClass.java:165)
at com.example.crypto.android2.services.CryptoClass.doInBackground(CryptoClass.java:84)
at android.os.AsyncTask$2.call(AsyncTask.java:333)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
at android.os.AsyncTask$SerialExecutor$1.run(AsyncTask.java:245)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1162)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:636)
at java.lang.Thread.run(Thread.java:764)
Caused by android.security.KeyStoreException: Unknown error
at android.security.KeyStore.getKeyStoreException(KeyStore.java:1137)
at android.security.keystore.KeyStoreCryptoOperationChunkedStreamer.doFinal(KeyStoreCryptoOperationChunkedStreamer.java:224)
at android.security.keystore.AndroidKeyStoreCipherSpiBase.engineDoFinal(AndroidKeyStoreCipherSpiBase.java:506)
at javax.crypto.Cipher.doFinal(Cipher.java:1736)
at com.examplecompany.security.EncryptionController.decryptAsymmetric(EncryptionController.java:297)
at com.example.crypto.android2.services.CryptoClass.decryptMessage(CryptoClass.java:684)
at com.example.crypto.android2.services.CryptoClass.handleDecryption(CryptoClass.java:619)
at com.example.crypto.android2.services.CryptoClass.doInBackgroundInternal(CryptoClass.java:450)
at com.example.crypto.android2.services.CryptoClass.doInBackground(CryptoClass.java:165)
at com.example.crypto.android2.services.CryptoClass.doInBackground(CryptoClass.java:84)
at android.os.AsyncTask$2.call(AsyncTask.java:333)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
at android.os.AsyncTask$SerialExecutor$1.run(AsyncTask.java:245)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1162)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:636)
at java.lang.Thread.run(Thread.java:764)
在要在数千个设备上加密的所有邮件中,99.999%的加密效果很好,但有时会失败。您能帮我吗?
It works well in 99.999% of all messages to be encrypted on thousands of devices, but sometimes it fails. Can you help me?
推荐答案
刚刚在 SO中的其他问题
我在 Android问题跟踪器,据我
理解,不受限制的PublicKey
,用于在
附近工作已知问题与当前的
密码
不兼容。解决方法是在初始化Cipher
时指定
OAEPParameterSpec
:
I found my answer on the Android Issue Tracker, from what I understand, the unrestricted
PublicKey
, created to work around another known issue, becomes incompatible with the currentCipher
. The work around for this is to specify anOAEPParameterSpec
when theCipher
is initialized:
您需要以下内容作为 Cipher
初始代码的第三个参数
You need the following as a third argument to your Cipher
init code
OAEPParameterSpec spec = new OAEPParameterSpec(
"SHA-256", "MGF1", MGF1ParameterSpec.SHA1, PSource.PSpecified.DEFAULT);
RSACipher.init(Cipher.DECRYPT_MODE, privateKey, spec); // I added the same to the init in Cipher.ENCRYPT_MODE too
这篇关于android.security.KeyStoreException:少数设备上发生未知错误的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!