1

我正在尝试在我的应用程序中使用带有网络推送协议的网络推送通知。为了将 Push API 与 VAPID 一起使用,我需要一个applicationServerKey.

PushManagersubscribe方法将 VAPID 密钥(仅公钥)作为参数,并将提供订阅端点和推送消息的密钥。

为了生成 VAPID 密钥,我一直在使用 node.js(谷歌web-push包),openssl直到现在。但在我的用例中,VAPID 密钥应该在 Java 中生成并传递给 JavaScript 以从浏览器订阅。

我正在尝试使用 Java 中的以下代码生成 VAPID 密钥。我能够成功创建密钥,但是当我传递生成的公钥(base64 编码的字符串)时,该subscribe方法返回一条错误消息:

无法注册服务工作者。DOMException:无法在“PushManager”上执行“订阅”:提供的 applicationServerKey 无效..

请帮我解决这个问题。下面是我的Java代码:

ECNamedCurveParameterSpec parameterSpec = 
ECNamedCurveTable.getParameterSpec("prime256v1");
KeyPairGenerator keyPairGenerator = 
KeyPairGenerator.getInstance("ECDH", "BC");
keyPairGenerator.initialize(parameterSpec);
KeyPair serverKey = keyPairGenerator.generateKeyPair();

PrivateKey priv = serverKey.getPrivate();
PublicKey pub = serverKey.getPublic();`
System.out.println(Base64.toBase64String(pub.getEncoded()));
4

4 回答 4

4

请参阅以下链接以获取 MartijnDwars 的答案。 https://github.com/web-push-libs/webpush-java/issues/30

您可以使用 Utils.savePublicKey 将 Java 生成的 PublicKey 转换为 byte[]。然后将此 byte[] 传递给 PushManager.subscribe 方法。

在 Java 中对 byte[] 进行 base64 编码并在 JavaScript 中对字符串进行 base64 解码可能更方便。例如,在 Java 中生成密钥对后:

KeyPair keyPair = generateKeyPair();
byte[] publicKey = Utils.savePublicKey((ECPublicKey) keyPair.getPublic());
String publicKeyBase64 = BaseEncoding.base64Url().encode(publicKey);
System.out.println("PublicKey = " + publicKeyBase64);
// PublicKey = BPf36QAqZNNvvnl9kkpTDerXUOt6Nm6P4x9GEvmFVFKgVyCVWy24KUTs6wLQtbV2Ug81utbNnx86_vZzXDyrl88=

然后在 JavaScript 中:

function subscribe() {
    const publicKey = base64UrlToUint8Array('BPf36QAqZNNvvnl9kkpTDerXUOt6Nm6P4x9GEvmFVFKgVyCVWy24KUTs6wLQtbV2Ug81utbNnx86_vZzXDyrl88=');

    navigator.serviceWorker.ready.then(function (serviceWorkerRegistration) {
        serviceWorkerRegistration.pushManager.subscribe({
            userVisibleOnly: true,
            applicationServerKey: publicKey
        })
        .then(function (subscription) {
            return sendSubscriptionToServer(subscription);
        })
        .catch(function (e) {
            if (Notification.permission === 'denied') {
                console.warn('Permission for Notifications was denied');
            } else {
                console.error('Unable to subscribe to push.', e);
            }
        });
    });
}

function base64UrlToUint8Array(base64UrlData) {
    const padding = '='.repeat((4 - base64UrlData.length % 4) % 4);
    const base64 = (base64UrlData + padding)
        .replace(/\-/g, '+')
        .replace(/_/g, '/');

    const rawData = atob(base64);
    const buffer = new Uint8Array(rawData.length);

    for (let i = 0; i < rawData.length; ++i) {
        buffer[i] = rawData.charCodeAt(i);
    }

    return buffer;
}
于 2017-11-06T05:03:12.460 回答
1

使用 bountycastle,您可以使用以下代码生成 vapid 密钥:

    ECNamedCurveParameterSpec parameterSpec = ECNamedCurveTable.getParameterSpec("prime256v1");
    KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("ECDH", "BC");
    keyPairGenerator.initialize(parameterSpec);
    KeyPair keyPair = keyPairGenerator.generateKeyPair();
    ECPublicKey publicKey = (ECPublicKey) keyPair.getPublic();
    ECPrivateKey privateKey = (ECPrivateKey) keyPair.getPrivate();
    String publicKeyString = Base64.getUrlEncoder().withoutPadding().encodeToString(publicKey.getQ().getEncoded(false));
    System.out.println(publicKeyString);
    String privateKeyString = Base64.getUrlEncoder().withoutPadding().encodeToString(privateKey.getD().toByteArray());
    System.out.println(privateKeyString);
于 2020-06-16T19:11:40.947 回答
1

花了几个小时在这方面,我想我会分享我从几个网站收集到的解决方案,避免使用会产生许多其他问题的 Bouncy Castle。试试下面的:

KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("EC");
ECGenParameterSpec spec = new ECGenParameterSpec("secp256r1");
keyPairGenerator.initialize(spec, new SecureRandom()); 
KeyPair keyPair = keyPairGenerator.generateKeyPair();

ECPublicKey publicKey = (ECPublicKey)   keyPair.getPublic();
ECPoint ecp = publicKey.getW();

byte[] x = ecp.getAffineX().toByteArray();
byte[] y = ecp.getAffineY().toByteArray();
// Convert 04 to bytes
String s= "04";
int len = s.length();
byte[] firstBit = new byte[len / 2];
for (int i = 0; i < len; i += 2) 
{
    firstBit[i / 2] = (byte) ((Character.digit(s.charAt(i), 16) << 4) + 
Character.digit(s.charAt(i+1), 16));
}

ByteArrayOutputStream outputStream = new ByteArrayOutputStream( );
outputStream.write(firstBit);
outputStream.write(x);
outputStream.write(y);


publicKeyBytes = outputStream.toByteArray( );

Base64 encoder = new Base64(-1,null,true);
byte[] encodedBytes = encoder.encode(publicKeyBytes);
String publicKeyBase64 = new String(encodedBytes, StandardCharsets.UTF_8);
于 2020-01-16T12:22:49.370 回答
0

这是处理 BigIntegers 随机长度的较差 Java 8 的解决方案。

    KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance( "EC" );
    keyPairGenerator.initialize( new ECGenParameterSpec( "secp256r1" ), new SecureRandom() );
    KeyPair keyPair = keyPairGenerator.generateKeyPair();

    ECPublicKey publicKey = (ECPublicKey)keyPair.getPublic();
    ECPoint ecp = publicKey.getW();

    byte[] applicationServerKey = new byte[65];
    applicationServerKey[0] = 4;

    // copy getAffineX() to the target
    byte[] affine = ecp.getAffineX().toByteArray(); // typical 31 to 33 bytes
    int pos = 1;
    int off, length;
    off = affine.length - 32;
    if( off >=  0 ) {
        // there are leading zero values which we cut
        length = 32;
    } else {
        pos -= off;
        length = 32 + off;
        off = 0;
    }
    System.arraycopy( affine, off, applicationServerKey, pos, length );

    // copy getAffineY() to the target
    affine = ecp.getAffineY().toByteArray(); // typical 31 to 33 bytes
    pos = 33;
    off = affine.length - 32;
    if( off >=  0 ) {
        // there are leading zero values which we cut
        length = 32;
    } else {
        pos -= off;
        length = 32 + off;
        off = 0;
    }
    System.arraycopy( affine, off, applicationServerKey, pos, length );

    return Base64.getEncoder().encodeToString( applicationServerKey );

或更简单的 Java 内置编码:

    ECPublicKey publicKey = ...
    byte[] keyBytes = publicKey.getEncoded();
    // 26 -> X509 overhead, length ever 91, results in 65 bytes
    keyBytes = Arrays.copyOfRange( keyBytes, 26, 91 ); 

    return this.applicationServerKey = Base64.getEncoder().encodeToString( keyBytes );
于 2022-02-16T11:21:06.450 回答