java - Android KeyStore 加密和解密数据

标签 java android encryption kotlin android-keystore

我的问题是:我试图在将某些用户的敏感数据保存到我的数据库之前对其进行加密。加密不是问题,问题出在解密部分。

我明白了:

07-22 16:25:38.941 18035-18035/io.nourish.strongerasfukk E/AndroidRuntime: FATAL EXCEPTION: main
Process: io.nourish.strongerasfukk, PID: 18035
java.lang.RuntimeException: Unable to start activity ComponentInfo{io.nourish.strongerasfukk/io.nourish.strongerasfukk.Register}: java.security.InvalidKeyException: Keystore operation failed
    at android.app.ActivityThread.performLaunchActivity(ActivityThread.java:2450)
    at android.app.ActivityThread.handleLaunchActivity(ActivityThread.java:2520)
    at android.app.ActivityThread.-wrap11(ActivityThread.java)
    at android.app.ActivityThread$H.handleMessage(ActivityThread.java:1363)
    at android.os.Handler.dispatchMessage(Handler.java:102)
    at android.os.Looper.loop(Looper.java:148)
    at android.app.ActivityThread.main(ActivityThread.java:5466)
    at java.lang.reflect.Method.invoke(Native Method)
    at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:726)
    at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:616)
 Caused by: java.security.InvalidKeyException: Keystore operation failed
    at android.security.KeyStore.getInvalidKeyException(KeyStore.java:692)
    at android.security.KeyStore.getInvalidKeyException(KeyStore.java:712)
    at android.security.keystore.KeyStoreCryptoOperationUtils.getInvalidKeyExceptionForInit(KeyStoreCryptoOperationUtils.java:54)
    at android.security.keystore.KeyStoreCryptoOperationUtils.getExceptionForCipherInit(KeyStoreCryptoOperationUtils.java:89)
    at android.security.keystore.AndroidKeyStoreCipherSpiBase.ensureKeystoreOperationInitialized(AndroidKeyStoreCipherSpiBase.java:263)
    at android.security.keystore.AndroidKeyStoreCipherSpiBase.engineInit(AndroidKeyStoreCipherSpiBase.java:108)
    at javax.crypto.Cipher.tryTransformWithProvider(Cipher.java:612)
    at javax.crypto.Cipher.tryCombinations(Cipher.java:532)
    at javax.crypto.Cipher.getSpi(Cipher.java:437)
    at javax.crypto.Cipher.init(Cipher.java:815)
    at javax.crypto.Cipher.init(Cipher.java:774)
    at **io.nourish.strongerasfukk.utilities.Encryption.decrypt(Encryption.kt:28)
    at io.nourish.strongerasfukk.Register.onCreate(Register.kt:54)**
    at android.app.Activity.performCreate(Activity.java:6251)
    at android.app.Instrumentation.callActivityOnCreate(Instrumentation.java:1108)
    at android.app.ActivityThread.performLaunchActivity(ActivityThread.java:2403)
    at android.app.ActivityThread.handleLaunchActivity(ActivityThread.java:2520) 
    at android.app.ActivityThread.-wrap11(ActivityThread.java) 
    at android.app.ActivityThread$H.handleMessage(ActivityThread.java:1363) 
    at android.os.Handler.dispatchMessage(Handler.java:102) 
    at android.os.Looper.loop(Looper.java:148) 
    at android.app.ActivityThread.main(ActivityThread.java:5466) 
    at java.lang.reflect.Method.invoke(Native Method) 
    at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:726) 
    at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:616) 
 Caused by: android.security.KeyStoreException: Incompatible padding mode
    at android.security.KeyStore.getKeyStoreException(KeyStore.java:632)
    at android.security.KeyStore.getInvalidKeyException(KeyStore.java:712) 
    at android.security.keystore.KeyStoreCryptoOperationUtils.getInvalidKeyExceptionForInit(KeyStoreCryptoOperationUtils.java:54) 
    at android.security.keystore.KeyStoreCryptoOperationUtils.getExceptionForCipherInit(KeyStoreCryptoOperationUtils.java:89) 
    at android.security.keystore.AndroidKeyStoreCipherSpiBase.ensureKeystoreOperationInitialized(AndroidKeyStoreCipherSpiBase.java:263) 
    at android.security.keystore.AndroidKeyStoreCipherSpiBase.engineInit(AndroidKeyStoreCipherSpiBase.java:108) 
    at javax.crypto.Cipher.tryTransformWithProvider(Cipher.java:612) 
    at javax.crypto.Cipher.tryCombinations(Cipher.java:532) 
    at javax.crypto.Cipher.getSpi(Cipher.java:437) 
    at javax.crypto.Cipher.init(Cipher.java:815) 
    at javax.crypto.Cipher.init(Cipher.java:774) 
    at io.nourish.strongerasfukk.utilities.Encryption.decrypt(Encryption.kt:28) 
    at io.nourish.strongerasfukk.Register.onCreate(Register.kt:54) 
    at android.app.Activity.performCreate(Activity.java:6251) 
    at android.app.Instrumentation.callActivityOnCreate(Instrumentation.java:1108) 
    at android.app.ActivityThread.performLaunchActivity(ActivityThread.java:2403) 
    at android.app.ActivityThread.handleLaunchActivity(ActivityThread.java:2520) 
    at android.app.ActivityThread.-wrap11(ActivityThread.java) 
    at android.app.ActivityThread$H.handleMessage(ActivityThread.java:1363) 
    at android.os.Handler.dispatchMessage(Handler.java:102) 
    at android.os.Looper.loop(Looper.java:148) 
    at android.app.ActivityThread.main(ActivityThread.java:5466) 
    at java.lang.reflect.Method.invoke(Native Method) 
    at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:726) 
    at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:616) 

可以看到,问题引用了这两行代码,分别是:

加密.kt(第 28 行)

cipher.init(Cipher.DECRYPT_MODE, key)

&

Register.kt(第 54 行)

var decryptedData = encryption.decrypt(encryptedData,masterKey?.private)

我尝试在 Cipher.init 中加入提供者或不加入提供者,但都出现了同样的错误;我在网上或在这里寻找一些解决方案,但一无所获。我错过了什么或做错了什么?此外,我尝试了此处的示例 ( Link),但也没有任何结果。

我从这个链接 (link) 获得了代码示例,但不得不根据我自己的目的修改一些东西。

这是我的代码,以便更好地理解。

KeyStoreAdapter.kt

class KeyStoreAdapter {

private val kS = createAndroidKeyStore()

fun checkIfKeyExists(key: String) {
    val keyStore = KeyStore.getInstance("AndroidKeyStore").apply { load(null) }
    val alias = keyStore.aliases().toList()

    if(!alias.contains(key)) {
        val kpg: KeyPairGenerator = KeyPairGenerator.getInstance(KeyProperties.KEY_ALGORITHM_RSA, "AndroidKeyStore")
        val parameterSpec: KeyGenParameterSpec = KeyGenParameterSpec.Builder("MasterKeys", KeyProperties.PURPOSE_ENCRYPT or KeyProperties.PURPOSE_DECRYPT)
                .setBlockModes(KeyProperties.BLOCK_MODE_GCM)
                .setEncryptionPaddings(KeyProperties.ENCRYPTION_PADDING_RSA_PKCS1)
                .build()
        kpg.initialize(parameterSpec)
        kpg.generateKeyPair()
    }
}

fun getKeys(alias: String): KeyPair? {
    val privateKey = kS.getKey(alias, null) as PrivateKey?
    val publicKey = kS.getCertificate(alias)?.publicKey

    return if(privateKey != null && publicKey != null) {
        KeyPair(publicKey, privateKey)
    } else {
        null
    }
}

private fun createAndroidKeyStore(): KeyStore {
    val keyStore = KeyStore.getInstance("AndroidKeyStore")
    keyStore.load(null)
    return keyStore
}

加密.kt 类加密{

val cipher = Cipher.getInstance(Config.TRANSFORMATION)

fun encrypt(data: String, key: Key?): String {
    cipher.init(Cipher.ENCRYPT_MODE, key)
    val bytes = cipher.doFinal(data.toByteArray())
    return Base64.encodeToString(bytes, Base64.DEFAULT)
}

fun decrypt(data: String, key: Key?): String {
    cipher.init(Cipher.DECRYPT_MODE, key)
    val encryptedData = Base64.decode(data, Base64.DEFAULT)
    val decodedData = cipher.doFinal(encryptedData)
    return String(decodedData)
}


const val TRANSFORMATION = "RSA/ECB/PKCS1Padding"

提前感谢大家!

最佳答案

尝试使用填充作为“OAEPwithSHA-1andMGF1Padding”。 SDK 10+ 支持它。 代码:

const val TRANSFORMATION = "RSA/ECB/OAEPwithSHA-1andMGF1Padding"

生成 key 

val keyPairGenerator = KeyPairGenerator.getInstance(KeyProperties.KEY_ALGORITHM_RSA, "AndroidKeyStore")
keyPairGenerator.initialize(KeyGenParameterSpec.Builder(KEY_ALIAS, KeyProperties.PURPOSE_ENCRYPT
                    or KeyProperties.PURPOSE_DECRYPT)
.setEncryptionPaddings(KeyProperties.ENCRYPTION_PADDING_RSA_OAEP)
.setDigests(KeyProperties.DIGEST_SHA1) 
.build())

关于java - Android KeyStore 加密和解密数据,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/51469481/

上一篇:android - 拖放组件在 android studio 的预览中不可见

下一篇:java - 适用于多种数据类型的 RecyclerView.Adapter

相关文章:

Java:创建实现接口(interface)的类实例的简写形式

android - 模拟器不打开主屏幕

javascript - 检测何时由 Android 浏览器的屏幕键盘触发调整大小事件

java - 如何使用 PBE 算法解密字符串

database - 我需要在 CodeIgniter 中手动激活 session 变量的加密吗?

java - 如何处理从xml到Activity的点击

java - 通过JAVA读取CSV

java - 无法完成架构更新 : org. h2.jdbc.JdbcSQLException:未找到表 "PG_CLASS"; SQL语句

java - Android服务没有及时更新变量

java - Java 8 更新后的 RC4 相关问题

©2024 IT工具网  联系我们