只有在 Android 上生成的 RSA 在 Android(5.0+ 设备)下正常工作
Only RSA, generated on Android is working properly under Android (5.0+ devices)
我尝试过使用 RSA。我想检查一下,如果一切正确,所以我使用了加密和解密(仅用于测试)。
看来,只有在android下生成的私钥才能正常工作。
我收到以下关于通过 openssl 生成的 RSA 密钥的错误:
java.security.spec.InvalidKeySpecException: java.lang.RuntimeException:
error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag
对于 public 密钥,所有这些都适用于 androidgenerated 和 opensslgenerated 密钥。
final String RSA_ENCODED_PRIVATE_KEY_ANDROID_GENERATED = "" +
"MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQD8z7AfzAPlOrKUEOH0fewwLHUq" +
"F+kEhETFTYr+5p0IanXKBZPI+hbvk5zKaZkX6FhyiIdwCmyELsQk2L43xkW6YXzg9bL4xSx06VcA" +
"iWDk4onU3K9pVC51Tq1Z+ygg3zvSSoRaUxW3aNHDygx8oIIJpuOQ7x+2TF8sFq1GIy2YdH/Eih02" +
"s2/w3ExykxBn+5rWgj0ZpoWO34umRfQooYeThbJx94v2ap7lOOPPZFiKvH7mUDbOJfb3xcGPynJE" +
"45oDNaew/yOeAjCS/ISHJcZjF8ip7/YKsMRQXCQxzCyUSSEH9ifj90K46H2vx46E7JHBMQk0IuyL" +
"jqL8V3dYhmibAgMBAAECggEAJ9wjG9BR6OmJUHkc9yyHecz4qCte7Pxhz237dVcs+S+35KNeerib" +
"tyhh9zQRFEjo8R3/pLWwCGNLP7gAvdCAG/PU+a8jib+k08YalpYSdeQV8T7eVVAVhx9hi6di21P3" +
"HZ/sIEWrTeCz+he4QkoYVqc+iBJ7wIVoGA53QXC4dqnPZmPcQgaNOAgfz+FTB6ybPduZhL21Qgtq" +
"1IlJ+N5j8mykILj5J1FqCDq5PJA4BwL7f/QK7xRZ8BJGE/6LCmNjXym6C/Dc+uTpIkFiDE2LfgDG" +
"EWVoSnr5kRdt0ucCGPLyCjQ+SrAFtypE6MzL2rC4kfBR1KdXuZB37P+Mlabr0QKBgQD+3yn+Nx4Q" +
"Op8VafH1ntL0vWrQhHoXicisJdWL3dbXELRmEPzOrrlsfhzU5SVLlXBD/eW+aOM745vbQZ9eeBhE" +
"us/QE0ofHPaqy68YFI8IgXSWPGWWimWwNVxZnllAV/8KMU4wRWpcxs7TIbKpRL4EMBk6L610Zq83" +
"1XxqOzqJCQKBgQD97jBdFls+5TQ5u+ws0m8DCtM1kuN+AYFI5UuN6+UBTo1zY/MvolrF5aqTxrUp" +
"xAt6+kPl/0FExIgXJ61kl8o5ZbRGUaZtVUUytDAoJpbYjOzZ7WrRRUwkh5aMmwJraBctR+udkF8N" +
"8+JqiOLbzKRNVWmrw2U7eO3zB/MRi09BgwKBgBpQE9fI/POT+cSOMYq4IPNfct2gL7KqaOtM5KUR" +
"/BIsCVPYQSFdbItE4dkg5x7MiNCcL9HepkcSko6qUbfBElBWMQo8U5SuutCbQrJrvPCV3OF9zsch" +
"9qmgeK5P6Mr5yrzUpkvZfsehRs0JV5aeIDfyd0hIj9HKoCBVjAizoLFxAoGBANLNV+0PUDSIhrCf" +
"J1OWZn46EFjbVmwWx8NCR1TMTlKlaZwvj4Ut3PmIzfDb9y1zCKzQ8mkPXJnAJdJDKBjoQgMgQWZX" +
"Bjihn06Wc5wBXRzs8PuBszmDs9Bnlz2muX187jCzEhC994tXudEDToF2A7gHfjAPiAy1OaSWJt2b" +
"rvINAoGBAP6FnMeqrLEmU14vfPOWBSsPeEPI3kCOUhvMo29SnLx5gdE/gocq5AMEydNt0zIWwLAu" +
"qiO74DIJmK+b10czQg4+sJhk4iQ1cK/k0QQ4wrpu3JDgpgKPFeiyTgPyUHh1O57RCXS2feZAAU2o" +
"napBWm7pfLOyAgoB2Im88GMFTnMY";
final String RSA_ENCODED_PRIVATE_KEY_OPENSSL_GENERATED = "" +
"MIIEpQIBAAKCAQEA+cNkMcWTXY5ZXxwwg0AkrZ5jVyoTTBbYqHWRghrOnpddES48" +
"COot9/oeKElu17Q+AfWTTsWTlR8pQdnVsT1fBQJrZSY/YCsNbKv4BfKnurxOQyck" +
"Tz5ysIitWqJCpiPvRB957jWMIMMPcB/VmI0q6wZ+f7BaTl89QKSR8nWQDgkOdQc7" +
"D/aSUdWckak6ILvZAcjhzR0OL6O6TaeKgHT1g7slexO3haMKbaW8dc1Vgq/D7cAi" +
"EBTGxNQLhEL8LPUnSYeQqzdKqj5xP7AUnT/0EAEX5Oz3zNzZozNDNhcbZXx+xike" +
"s60y+6MPW2ihKBt1G/BwUBj3VpAjdlq1y/2lKQIDAQABAoIBAQDkWGQpMPaLCVLi" +
"JrafuKwP44f1L+2WmiiY02wl4/ZVfhNDWt7eU6OVXKHnuUNSiGJMjkWQNgi4xFWG" +
"8+5v7akKvmyLfI1ikdnjKdJHNdNtYS24LXf/zxsyFLNQ8po2pRHiWVizlVc4uL1L" +
"iH9SynWbjENo4EWf82jfydX5MsxyVrz1qmh5JeQC4VgxFdpz8Q912gfAc+h9QK8e" +
"x6MVP/LoIeDBuQf4+1kmTN3Szyc+y0i1Bfem8NrswlTobBXwV4CcnvX+kArDlOTG" +
"H6+j5murcZe2A/un/mUSC/3hCC84wEkr8uJsZ0JkNRqBga55Rema7AcFIZ04AZvl" +
"gEroQboBAoGBAP6svxtfmBArLNZe+Opm8ena7RG5b9WHFMnrND7in/2GTHQlfteq" +
"csFAKxnuq9BiBlY3Qm65o8etm7GdSRlUwiBy2r8P1RfV6LGRFK/Jzgk9gDh+yJpg" +
"rEEQ6c0n0FJtOloNehP7sYIOSSPqztyFH7QGkTMxqUT+GOfQsal+RnlBAoGBAPsQ" +
"GiinmsSlZ1xaA2knGKIiez7ms1/Dv5BIpjme9JkR7uIg+5WPcFBqufMdQ98OmFlT" +
"u1aPHW3/+eis/R1Y24h30TBH4DvhXz7D+OIUDOTfBEQ83bGSNP4AInhNlCfzDV1Y" +
"SjdMKoGyMxd7tWPxtDkoC3VBbz8dpEMZF3z4FgnpAoGBANC2J6Q6UneluogwqxQG" +
"q+j4FuM4spMusfXMwTNsLKvr/QoOlIYQVR1VBj2pYLtVKlZL0TDHCJcjCv6jpP2S" +
"fclz9xsv0XZIQvwKpwZtf2IJOeSS2rnR0jk8sC8Gmu6CP5j/hHWOBupL5Nr/muoU" +
"W2gBHcvzvgIhr62DVaZPK1hBAoGBAOqsq3by66UCYvIdJXEF3W24Q3GRXXuXUpmA" +
"fvf/T+1AqQVwBRpQoJBaooPQCCAY2Wkt7j/DuKOYkLXf9RyYcWRHcx7pIH14dXoK" +
"3rocOc05dRh/uE4CN0xxPccr5N/OveBR5dV4eYcP1dgOh4frZyXB+6vXxS+++krJ" +
"yn3Cu375AoGASxHCB0gdfYRyWQEl0WoL1eyohdAJf08kVBZtAQ2jLeqY0ZEdUpzG" +
"+99qyw2IysGMwmjCxribLwbUm2cg74lZnX0NQH4HfQ5Pp4c0RUyJARrVzPhyQ1lu" +
"vgPZpCebTX9/118crlHQlTiGD4M258ghR8msm/+p4Efl8NvEcQ35y04=";
byte[] keyBytes = Base64.decode(RSA_ENCODED_PRIVATE_KEY_ANDROID_GENERATED, Base64.DEFAULT);
PKCS8EncodedKeySpec spec = new PKCS8EncodedKeySpec(keyBytes);
KeyFactory keyFactory = KeyFactory.getInstance("RSA");
PrivateKey key = keyFactory.generatePrivate(spec);//working
byte[] keyBytesOpenSSL = Base64.decode(RSA_ENCODED_PRIVATE_KEY_OPENSSL_GENERATED, Base64.DEFAULT);
PKCS8EncodedKeySpec specOpenSSL = new PKCS8EncodedKeySpec(keyBytesOpenSSL);
KeyFactory keyFactoryOpenSSL = KeyFactory.getInstance("RSA");
PrivateKey keyOpenSSL = keyFactoryOpenSSL.generatePrivate(specOpenSSLenter code here);//java.security.spec.InvalidKeySpecException
OPENSSL 版本的结构与 ANDROID 不同。
在在线 ASN.1 解码器中查看两种数据结构:
RSA_ENCODED_PRIVATE_KEY_ANDROID_GENERATED
RSA_ENCODED_PRIVATE_KEY_OPENSSL_GENERATED
因此我假设 OPENSSL 版本不是有效的 PKCS#8 structure,只是一个包含 PrivateKey 结构的子集。
可能是您使用 OpenSSL 执行了错误的命令,如果我阅读正确的文档,它会默认创建一个 PKCS#1 结构。如果你想要 PKCS#8 结构,你必须稍后使用 openssl pkcs8 .. 命令转换它。
我尝试过使用 RSA。我想检查一下,如果一切正确,所以我使用了加密和解密(仅用于测试)。
看来,只有在android下生成的私钥才能正常工作。
我收到以下关于通过 openssl 生成的 RSA 密钥的错误:
java.security.spec.InvalidKeySpecException: java.lang.RuntimeException:
error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag
对于 public 密钥,所有这些都适用于 androidgenerated 和 opensslgenerated 密钥。
final String RSA_ENCODED_PRIVATE_KEY_ANDROID_GENERATED = "" +
"MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQD8z7AfzAPlOrKUEOH0fewwLHUq" +
"F+kEhETFTYr+5p0IanXKBZPI+hbvk5zKaZkX6FhyiIdwCmyELsQk2L43xkW6YXzg9bL4xSx06VcA" +
"iWDk4onU3K9pVC51Tq1Z+ygg3zvSSoRaUxW3aNHDygx8oIIJpuOQ7x+2TF8sFq1GIy2YdH/Eih02" +
"s2/w3ExykxBn+5rWgj0ZpoWO34umRfQooYeThbJx94v2ap7lOOPPZFiKvH7mUDbOJfb3xcGPynJE" +
"45oDNaew/yOeAjCS/ISHJcZjF8ip7/YKsMRQXCQxzCyUSSEH9ifj90K46H2vx46E7JHBMQk0IuyL" +
"jqL8V3dYhmibAgMBAAECggEAJ9wjG9BR6OmJUHkc9yyHecz4qCte7Pxhz237dVcs+S+35KNeerib" +
"tyhh9zQRFEjo8R3/pLWwCGNLP7gAvdCAG/PU+a8jib+k08YalpYSdeQV8T7eVVAVhx9hi6di21P3" +
"HZ/sIEWrTeCz+he4QkoYVqc+iBJ7wIVoGA53QXC4dqnPZmPcQgaNOAgfz+FTB6ybPduZhL21Qgtq" +
"1IlJ+N5j8mykILj5J1FqCDq5PJA4BwL7f/QK7xRZ8BJGE/6LCmNjXym6C/Dc+uTpIkFiDE2LfgDG" +
"EWVoSnr5kRdt0ucCGPLyCjQ+SrAFtypE6MzL2rC4kfBR1KdXuZB37P+Mlabr0QKBgQD+3yn+Nx4Q" +
"Op8VafH1ntL0vWrQhHoXicisJdWL3dbXELRmEPzOrrlsfhzU5SVLlXBD/eW+aOM745vbQZ9eeBhE" +
"us/QE0ofHPaqy68YFI8IgXSWPGWWimWwNVxZnllAV/8KMU4wRWpcxs7TIbKpRL4EMBk6L610Zq83" +
"1XxqOzqJCQKBgQD97jBdFls+5TQ5u+ws0m8DCtM1kuN+AYFI5UuN6+UBTo1zY/MvolrF5aqTxrUp" +
"xAt6+kPl/0FExIgXJ61kl8o5ZbRGUaZtVUUytDAoJpbYjOzZ7WrRRUwkh5aMmwJraBctR+udkF8N" +
"8+JqiOLbzKRNVWmrw2U7eO3zB/MRi09BgwKBgBpQE9fI/POT+cSOMYq4IPNfct2gL7KqaOtM5KUR" +
"/BIsCVPYQSFdbItE4dkg5x7MiNCcL9HepkcSko6qUbfBElBWMQo8U5SuutCbQrJrvPCV3OF9zsch" +
"9qmgeK5P6Mr5yrzUpkvZfsehRs0JV5aeIDfyd0hIj9HKoCBVjAizoLFxAoGBANLNV+0PUDSIhrCf" +
"J1OWZn46EFjbVmwWx8NCR1TMTlKlaZwvj4Ut3PmIzfDb9y1zCKzQ8mkPXJnAJdJDKBjoQgMgQWZX" +
"Bjihn06Wc5wBXRzs8PuBszmDs9Bnlz2muX187jCzEhC994tXudEDToF2A7gHfjAPiAy1OaSWJt2b" +
"rvINAoGBAP6FnMeqrLEmU14vfPOWBSsPeEPI3kCOUhvMo29SnLx5gdE/gocq5AMEydNt0zIWwLAu" +
"qiO74DIJmK+b10czQg4+sJhk4iQ1cK/k0QQ4wrpu3JDgpgKPFeiyTgPyUHh1O57RCXS2feZAAU2o" +
"napBWm7pfLOyAgoB2Im88GMFTnMY";
final String RSA_ENCODED_PRIVATE_KEY_OPENSSL_GENERATED = "" +
"MIIEpQIBAAKCAQEA+cNkMcWTXY5ZXxwwg0AkrZ5jVyoTTBbYqHWRghrOnpddES48" +
"COot9/oeKElu17Q+AfWTTsWTlR8pQdnVsT1fBQJrZSY/YCsNbKv4BfKnurxOQyck" +
"Tz5ysIitWqJCpiPvRB957jWMIMMPcB/VmI0q6wZ+f7BaTl89QKSR8nWQDgkOdQc7" +
"D/aSUdWckak6ILvZAcjhzR0OL6O6TaeKgHT1g7slexO3haMKbaW8dc1Vgq/D7cAi" +
"EBTGxNQLhEL8LPUnSYeQqzdKqj5xP7AUnT/0EAEX5Oz3zNzZozNDNhcbZXx+xike" +
"s60y+6MPW2ihKBt1G/BwUBj3VpAjdlq1y/2lKQIDAQABAoIBAQDkWGQpMPaLCVLi" +
"JrafuKwP44f1L+2WmiiY02wl4/ZVfhNDWt7eU6OVXKHnuUNSiGJMjkWQNgi4xFWG" +
"8+5v7akKvmyLfI1ikdnjKdJHNdNtYS24LXf/zxsyFLNQ8po2pRHiWVizlVc4uL1L" +
"iH9SynWbjENo4EWf82jfydX5MsxyVrz1qmh5JeQC4VgxFdpz8Q912gfAc+h9QK8e" +
"x6MVP/LoIeDBuQf4+1kmTN3Szyc+y0i1Bfem8NrswlTobBXwV4CcnvX+kArDlOTG" +
"H6+j5murcZe2A/un/mUSC/3hCC84wEkr8uJsZ0JkNRqBga55Rema7AcFIZ04AZvl" +
"gEroQboBAoGBAP6svxtfmBArLNZe+Opm8ena7RG5b9WHFMnrND7in/2GTHQlfteq" +
"csFAKxnuq9BiBlY3Qm65o8etm7GdSRlUwiBy2r8P1RfV6LGRFK/Jzgk9gDh+yJpg" +
"rEEQ6c0n0FJtOloNehP7sYIOSSPqztyFH7QGkTMxqUT+GOfQsal+RnlBAoGBAPsQ" +
"GiinmsSlZ1xaA2knGKIiez7ms1/Dv5BIpjme9JkR7uIg+5WPcFBqufMdQ98OmFlT" +
"u1aPHW3/+eis/R1Y24h30TBH4DvhXz7D+OIUDOTfBEQ83bGSNP4AInhNlCfzDV1Y" +
"SjdMKoGyMxd7tWPxtDkoC3VBbz8dpEMZF3z4FgnpAoGBANC2J6Q6UneluogwqxQG" +
"q+j4FuM4spMusfXMwTNsLKvr/QoOlIYQVR1VBj2pYLtVKlZL0TDHCJcjCv6jpP2S" +
"fclz9xsv0XZIQvwKpwZtf2IJOeSS2rnR0jk8sC8Gmu6CP5j/hHWOBupL5Nr/muoU" +
"W2gBHcvzvgIhr62DVaZPK1hBAoGBAOqsq3by66UCYvIdJXEF3W24Q3GRXXuXUpmA" +
"fvf/T+1AqQVwBRpQoJBaooPQCCAY2Wkt7j/DuKOYkLXf9RyYcWRHcx7pIH14dXoK" +
"3rocOc05dRh/uE4CN0xxPccr5N/OveBR5dV4eYcP1dgOh4frZyXB+6vXxS+++krJ" +
"yn3Cu375AoGASxHCB0gdfYRyWQEl0WoL1eyohdAJf08kVBZtAQ2jLeqY0ZEdUpzG" +
"+99qyw2IysGMwmjCxribLwbUm2cg74lZnX0NQH4HfQ5Pp4c0RUyJARrVzPhyQ1lu" +
"vgPZpCebTX9/118crlHQlTiGD4M258ghR8msm/+p4Efl8NvEcQ35y04=";
byte[] keyBytes = Base64.decode(RSA_ENCODED_PRIVATE_KEY_ANDROID_GENERATED, Base64.DEFAULT);
PKCS8EncodedKeySpec spec = new PKCS8EncodedKeySpec(keyBytes);
KeyFactory keyFactory = KeyFactory.getInstance("RSA");
PrivateKey key = keyFactory.generatePrivate(spec);//working
byte[] keyBytesOpenSSL = Base64.decode(RSA_ENCODED_PRIVATE_KEY_OPENSSL_GENERATED, Base64.DEFAULT);
PKCS8EncodedKeySpec specOpenSSL = new PKCS8EncodedKeySpec(keyBytesOpenSSL);
KeyFactory keyFactoryOpenSSL = KeyFactory.getInstance("RSA");
PrivateKey keyOpenSSL = keyFactoryOpenSSL.generatePrivate(specOpenSSLenter code here);//java.security.spec.InvalidKeySpecException
OPENSSL 版本的结构与 ANDROID 不同。
在在线 ASN.1 解码器中查看两种数据结构:
RSA_ENCODED_PRIVATE_KEY_ANDROID_GENERATED
RSA_ENCODED_PRIVATE_KEY_OPENSSL_GENERATED
因此我假设 OPENSSL 版本不是有效的 PKCS#8 structure,只是一个包含 PrivateKey 结构的子集。
可能是您使用 OpenSSL 执行了错误的命令,如果我阅读正确的文档,它会默认创建一个 PKCS#1 结构。如果你想要 PKCS#8 结构,你必须稍后使用 openssl pkcs8 .. 命令转换它。