Reputation: 21
KeyFactory.generatePublic from hardcoded X.509 certificate
I need to divide my app to app and extension. So i took an example for Google Play Downloader Library (android-sdk\extras\google\play_apk_expansion\downloader_sample). Project builds fine, but it crashes at
byte[] decodedKey = Base64.decode(encodedPublicKey);
KeyFactory keyFactory = KeyFactory.getInstance(KEY_FACTORY_ALGORITHM); // "RSA"
return keyFactory.generatePublic(new X509EncodedKeySpec(decodedKey));<code>
, on the string keyFactory.generatePublic. it's from src\com\google\android\vending\licensing\LicenseChecker.java (android-sdk\extras\google\play_licensing\library\src) Error:
E/AndroidRuntime(523): java.lang.IllegalArgumentException: java.security.spec.InvalidKeySpecException: java.lang.IllegalArgumentException: Bad sequence size: 3
Key looks like:
private static final String BASE64_PUBLIC_KEY =
"MIIB5TCCAU6gAwIBAgIET45f9zANBgkqhkiG9w0BAQUFADA3MQswCQYDVQQGEwJVUzEQMA4GA1UE" +
"ChMHQW5kcm9pZDEWMBQGA1UEAxMNQW5kcm9pZCBEZWJ1ZzAeFw0xMjA0MTgwNjMyMjNaFw00MjA0" +
"MTEwNjMyMjNaMDcxCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdBbmRyb2lkMRYwFAYDVQQDEw1BbmRy" +
"b2lkIERlYnVnMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDh2IN5HhCp1X+gLaga06VXr/MZ" +
"JpkzhxMdg5yWyOkj50ZDCPywAh8LcNEih9XjYswAXwRHxZpUy9VFqgGcku33AAdHxyK7KK4ge7u5" +
"a7KY11CJhxMUbOGezGldMUTwBA0ZSuObfW402I4Y4ciAsMrOnhZqSTI/tTdAWv6cPTiJQQIDAQAB" +
"MA0GCSqGSIb3DQEBBQUAA4GBAAZ89R7OMtkQnGpE6s/crqUMysAXOaHktrr6mV/4VknoLHWJUsRg" +
"iv34rAFpd1SDg0HS8HklIymcwFkrewwx9MzryYtZEdBjvo2EeTz5u8nxQNz9sqChaya0oSXB/VI8" +
"nZBnoJ+n5Zbj7QfIgG7thrT4+n4pIDO83+E6zVW6RnIh";
If i change key to random string I get:
E/AndroidRuntime(478): java.lang.IllegalArgumentException: java.security.spec.InvalidKeySpecException: java.lang.ClassCastException: com.android.org.bouncycastle.asn1.DERApplicationSpecific cannot be cast to com.android.org.bouncycastle.asn1.ASN1Sequence
I tried to generate key spec and it doesn't cause an error, but that's not what I need :
RSAPublicKeySpec pubKeySpec = new RSAPublicKeySpec(new BigInteger("12345678", 16), new BigInteger("11", 16));
KeyFactory keyFactory = KeyFactory.getInstance(KEY_FACTORY_ALGORITHM);
return keyFactory.generatePublic(pubKeySpec);
I rechecked generation and export of the certificate. Looks like it's correct. Key pair generation:
keytool.exe -genkey -keyalg "RSA" -keysize 2048 -v -keystore key2.store -storepass <storepwd> -keypass <keypwd>
, export
keytool.exe -export -rfc -storepass <storepwd> -keystore key2.store -file key222.cer
It's debug code. I'll use public key from Google Play in release. What is the correct way to hardcode x.509 certificate and use it in app?
Upvotes: 2
Views: 4765
Answers (1)
Reputation: 52936
That's not a valid encoded public key, it appears to be an Android debug certificate. Note that public key != certificate, although a certificate does include a public key. Also note that any two random BigInteger's do not constitute a valid key pair (they have to be prime, at least). To parse an actual certificate you would need something like this:
FileInputStream fis = new FileInputStream(filename);
BufferedInputStream bis = new BufferedInputStream(fis);
CertificateFactory cf = CertificateFactory.getInstance("X.509");
Certificate cert = cf.generateCertificate(bis);
What exactly are you trying to do?
Upvotes: 3
Related Questions
- Java: Invalid keystore format, when generated through code
- NPE when trying to generate a certificate
- Issue with Generating self-signed Certificate(X509), Private and Public key in Java Programatically
- install X509 certificate programmatically in my case
- Java generate secure certificate
- How to generate Java keystore from X.509 Certificate
- Android - converting pkcs12 certificate string to x509 certificate object for bks keystore
- CertificateException when generateCertificate()
- Storing an X.509 certificate into a keystore using java code
- Error while creating x.509 certificate