我正在做一个项目,该项目创建一个PKI来获取Android中的证书请求。
现在我正在使用Spongycastle,它可以在Android 5及更高版本中工作,但在4.X上它向我展示了以下内容:
Signature SHA256WITHECDSA implementation not found
java.security.NoSuchAlgorithmException: Signature SHA256WITHECDSA implementation not found
at org.apache.harmony.security.fortress.Engine.notFound(Engine.java:177)
at org.apache.harmony.security.fortress.Engine.getInstance(Engine.java:170)
at java.security.Signature.getSignatureInstance(Signature.java:178)
at java.security.Signature.getInstance(Signature.java:146)
at org.spongycastle.jce.PKCS10CertificationRequest.<init>(PKCS10CertificationRequest.java:363)
at org.spongycastle.jce.PKCS10CertificationRequest.<init>(PKCS10CertificationRequest.java:248)
at com.unipagos.app.enrollmentprocess.EnrollmentStep5FragmentActivity.createPKI(EnrollmentStep5FragmentActivity.java:199)
at com.unipagos.app.enrollmentprocess.EnrollmentStep5FragmentActivity.onPostCreate(EnrollmentStep5FragmentActivity.java:145)
at android.app.Instrumentation.callActivityOnPostCreate(Instrumentation.java:1157)
at android.app.ActivityThread.performLaunchActivity(ActivityThread.java:2075)
at android.app.ActivityThread.handleLaunchActivity(ActivityThread.java:2117)
at android.app.ActivityThread.access$700(ActivityThread.java:134)
at android.app.ActivityThread$H.handleMessage(ActivityThread.java:1218)
at android.os.Handler.dispatchMessage(Handler.java:99)
at android.os.Looper.loop(Looper.java:137)
at android.app.ActivityThread.main(ActivityThread.java:4867)
at java.lang.reflect.Method.invokeNative(Native Method)
at java.lang.reflect.Method.invoke(Method.java:511)
at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:1007)
at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:774)
at dalvik.system.NativeStart.main(Native Method)
创建证书请求的代码如下:
public String createPKI(String mdnString) {
try {
KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("EC");
//KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("ECDSA", "SC");
ECGenParameterSpec ecGenSpec = new ECGenParameterSpec("prime256v1");
keyPairGenerator.initialize(ecGenSpec, new SecureRandom());
KeyPair kp = keyPairGenerator.generateKeyPair();
publicKey = kp.getPublic();
privateKey = kp.getPrivate();
PKCS10CertificationRequest kpGen = new PKCS10CertificationRequest("SHA256WITHECDSA", new X509Name(String.format("UID=%s", mdnString)), publicKey, null, privateKey);
String certRequest = Base64.encodeToString(kpGen.getEncoded(), Base64.DEFAULT);
certRequest = certRequest.replace("n", "");
return certRequest;
} catch(Exception e) {
if (Constants.DEBUG) {
Log.v("Exception", e.getMessage());
}
e.printStackTrace();
return null;
}
}
我正在使用的海绵城堡版本是这样的:sc-light-jdk15on-1.47.0.2.jar 和scprov-jdk15on-1.47.0.2.jar
¿对此有什么想法吗?
您是否添加了 SpongyCastle 提供程序?
静态 { Security.addProvider(new org.spongycastle.jce.provider.BouncyCastleProvider(((;) }
此外,您还必须使用此KeyPairGenerator实例:
KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("EC", "SC"(;
确保您选择SpongyCastle作为安全提供商。
这是默认充气城堡提供商添加部分Android操作系统的原因。可以使用以下任何一种方法来解决。
方法1
将默认的操作系统级别充气城堡提供程序替换为 SpongyCastleProvider。
//Remove the existing bouncy castle provider initiated part of the Android OS using it's name.
Security.removeProvider(BouncyCastleProvider.PROVIDER_NAME);
//Add bouncy castle provider from library
Security.addProvider(org.spongycastle.jce.provider.BouncyCastleProvider());
方法2
还有一个选项可用。通过添加getInstance() menthod 的提供程序实例部分来获取KeyPairGenerator实例,如下所示。
KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("ECDSA", new org.spongycastle.jce.provider.BouncyCastleProvider());
充气城堡图书馆也是如此。如果您的目标是 Android 3.0(API 级别 11(以上的应用,建议使用 SpongyCastle 库作者建议BouncyCastle库而不是SpongyCastle,并遵循上述任何一种方法进行org.bouncycastle.jce.provider.BouncyCastleProvider()。在应用程序 gradle 中使用以下依赖项来包含充气城堡库。
// Bouncy castle
implementation "org.bouncycastle:bcprov-jdk15to18:1.68"
请参阅以下链接以获取最新版本的充气城堡提供商。https://mvnrepository.com/artifact/org.bouncycastle/bcprov-jdk15to18