2

I'm working on a project that creates a PKI to obtain a certificate request in Android.

Right now I'm using Spongycastle, which works on Android 5 and above, but on 4.X it shows me this:

Signature SHA256WITHECDSA implementation not found
 java.security.NoSuchAlgorithmException: Signature SHA256WITHECDSA implementation not found
     at org.apache.harmony.security.fortress.Engine.notFound(Engine.java:177)
     at org.apache.harmony.security.fortress.Engine.getInstance(Engine.java:170)
     at java.security.Signature.getSignatureInstance(Signature.java:178)
     at java.security.Signature.getInstance(Signature.java:146)
     at org.spongycastle.jce.PKCS10CertificationRequest.<init>(PKCS10CertificationRequest.java:363)
     at org.spongycastle.jce.PKCS10CertificationRequest.<init>(PKCS10CertificationRequest.java:248)
     at com.unipagos.app.enrollmentprocess.EnrollmentStep5FragmentActivity.createPKI(EnrollmentStep5FragmentActivity.java:199)
     at com.unipagos.app.enrollmentprocess.EnrollmentStep5FragmentActivity.onPostCreate(EnrollmentStep5FragmentActivity.java:145)
     at android.app.Instrumentation.callActivityOnPostCreate(Instrumentation.java:1157)
     at android.app.ActivityThread.performLaunchActivity(ActivityThread.java:2075)
     at android.app.ActivityThread.handleLaunchActivity(ActivityThread.java:2117)
     at android.app.ActivityThread.access$700(ActivityThread.java:134)
     at android.app.ActivityThread$H.handleMessage(ActivityThread.java:1218)
     at android.os.Handler.dispatchMessage(Handler.java:99)
     at android.os.Looper.loop(Looper.java:137)
     at android.app.ActivityThread.main(ActivityThread.java:4867)
     at java.lang.reflect.Method.invokeNative(Native Method)
     at java.lang.reflect.Method.invoke(Method.java:511)
     at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:1007)
     at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:774)
     at dalvik.system.NativeStart.main(Native Method)

The code that creates the certificate request is this:

public String createPKI(String mdnString) {
    try {

        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("EC");
        //KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("ECDSA", "SC");

        ECGenParameterSpec ecGenSpec = new ECGenParameterSpec("prime256v1");
        keyPairGenerator.initialize(ecGenSpec, new SecureRandom());

        KeyPair kp =  keyPairGenerator.generateKeyPair();

        publicKey = kp.getPublic();
        privateKey = kp.getPrivate();

        PKCS10CertificationRequest kpGen = new PKCS10CertificationRequest("SHA256WITHECDSA", new X509Name(String.format("UID=%s", mdnString)), publicKey, null, privateKey);

        String certRequest = Base64.encodeToString(kpGen.getEncoded(), Base64.DEFAULT);
        certRequest = certRequest.replace("\n", "");

        return certRequest;

    } catch(Exception e) {
        if (Constants.DEBUG) {
            Log.v("Exception", e.getMessage());
        }
        e.printStackTrace();
        return null;
    }
}

The spongycastle versions I'm using are: sc-light-jdk15on-1.47.0.2.jar and scprov-jdk15on-1.47.0.2.jar

Any ideas about this?

2 Answers

0

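This happens because a default Bouncy Castle provider is included as part of the Android OS. It can be resolved using either of the methods below.

Method 1

Replace the default OS-level Bouncy Castle provider with the SpongyCastle provider.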

// Remove the existing Bouncy Castle provider that ships as part of the Android OS, using its name ("BC").
Security.removeProvider("BC");
// Add the provider from the bundled library.
Security.addProvider(new org.spongycastle.jce.provider.BouncyCastleProvider());

Method 2

There is also another option available. Get the KeyPairGenerator instance by passing a provider instance to the getInstance() method, as shown below.

KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("ECDSA", new org.spongycastle.jce.provider.BouncyCastleProvider());

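The same applies to the Bouncy Castle library. If you are targeting applications above Android 3.0 (API level 11), it is recommended to use the BouncyCastle library instead of SpongyCastle, as suggested by the SpongyCastle library author, and to use org.bouncycastle.jce.provider.BouncyCastleProvider() following either of the methods above. Use the following dependency in the app gradle to include the Bouncy Castle library.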

// Bouncy castle
implementation "org.bouncycastle:bcprov-jdk15to18:1.68"

Refer to the link below for the latest version of the Bouncy Castle provider. https://mvnrepository.com/artifact/org.bouncycastle/bcprov-jdk15to18

Answered 2021-02-18T19:05:27.703
0

Did you add the SpongyCastle provider?

static { Security.addProvider(new org.spongycastle.jce.provider.BouncyCastleProvider()); }

Also, you will have to use this KeyPairGenerator instance:

KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("EC", "SC");

Make sure you select SpongyCastle as the security provider.

Answered 2018-03-03T09:57:09.893
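
Added example, not code from the question or from either answer: Method 2's approach of handing a provider instance to getInstance(), applied to both key generation and the request signature, so the result does not depend on which providers the platform has registered. It assumes the org.bouncycastle bcpkix artifact (the PKCS#10 builder classes) is on the classpath next to bcprov; the names CsrWithPinnedProvider, registeredProvidersFor and createCsr are made up for this example.

```java
import java.security.*;
import java.security.spec.ECGenParameterSpec;
import java.util.ArrayList;
import java.util.List;
import org.bouncycastle.asn1.x500.X500Name;
import org.bouncycastle.asn1.x500.X500NameBuilder;
import org.bouncycastle.asn1.x500.style.BCStyle;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.operator.ContentSigner;
import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;
import org.bouncycastle.pkcs.PKCS10CertificationRequest;
import org.bouncycastle.pkcs.jcajce.JcaPKCS10CertificationRequestBuilder;
import org.bouncycastle.util.encoders.Base64;

// Added example (hypothetical class and method names), not code from the page.
public final class CsrWithPinnedProvider {
    private static final String SIG_ALG = "SHA256withECDSA";
    // Provider instance from the bundled library; it is never registered globally.
    private static final Provider BC = new BouncyCastleProvider();

    // Diagnostic: names of the globally registered providers that offer sigAlg.
    static List<String> registeredProvidersFor(String sigAlg) {
        List<String> names = new ArrayList<String>();
        for (Provider p : Security.getProviders()) {
            if (p.getService("Signature", sigAlg) != null) names.add(p.getName());
        }
        return names;
    }

    // Builds a Base64-encoded PKCS#10 request with subject UID=<uid>.
    static String createCsr(String uid) throws Exception {
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("EC", BC);
        kpg.initialize(new ECGenParameterSpec("prime256v1"), new SecureRandom());
        KeyPair kp = kpg.generateKeyPair(); // the caller's key handling must store kp.getPrivate()
        // addRDN stores uid as one attribute value, so it is not parsed as DN syntax.
        X500Name subject = new X500NameBuilder(BCStyle.INSTANCE).addRDN(BCStyle.UID, uid).build();
        // The signer is bound to the same provider instance as the key pair.
        ContentSigner signer = new JcaContentSignerBuilder(SIG_ALG).setProvider(BC).build(kp.getPrivate());
        PKCS10CertificationRequest csr =
                new JcaPKCS10CertificationRequestBuilder(subject, kp.getPublic()).build(signer);
        return Base64.toBase64String(csr.getEncoded());
    }

    public static void main(String[] args) throws Exception {
        System.out.println("Registered providers with " + SIG_ALG + ": " + registeredProvidersFor(SIG_ALG));
        System.out.println(createCsr("5215550100")); // constructed sample value
    }
}
```

An empty list from registeredProvidersFor corresponds to the "implementation not found" case in the stack trace, where Signature.getInstance() is called without a provider; createCsr still works there because every lookup names the bundled provider.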