Using Android 4.1 Keychain

孤人 提交于 2020-01-12 03:52:09

问题


I am using the Android 4.1 Keychain and the following code worked fine under 4.0 but now gives me a Nullpointer exception (Cipher can't read some internal attribute)

privateKey = KeyChain.getPrivateKey(context,mAlias);
byte[] data = // some biary data
Cipher rsasinger = javax.crypto.Cipher.getInstance("RSA/ECB/PKCS1PADDING");
rsasinger.init(Cipher.ENCRYPT_MODE, privkey);

byte[] signed_bytes = rsasinger.doFinal(data);

I am handling the private key from the KeyChain as opaque and simply use it with the java security Api. Do need I need to use the KeyChain API in a different way?


回答1:


After further debugging and by contacted by a Google engenier (Thanks!) it turned out that Android registers differents JAVA Crypto providers and only the OpenSSL Provider is able to use the PrivateKeys from the Keystore.

But with some hacks and using /system/lib/ssl/engines/libkeystore.so it should be possible to work around this problem.

See http://code.google.com/p/ics-openvpn/source/browse/jni/jbcrypto.cpp and proccessSignJellyBean in http://code.google.com/p/ics-openvpn/source/browse/src/de/blinkt/openvpn/OpenVpnManagementThread.java#446 for my solution.



来源:https://stackoverflow.com/questions/11261774/using-android-4-1-keychain

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!