Generating Chrome Packaged App .crx header with Java

问题

I"m trying to build the header in Java with no luck. (here is the spec: https://developer.chrome.com/extensions/crx) Any ideas?

protected void geneateCrxHeader (OutputStream ins,byte[] zipArchive) throws NoSuchAlgorithmException, NoSuchProviderException, IOException, InvalidKeyException, SignatureException{


    KeyPairGenerator keyGen = KeyPairGenerator.getInstance("RSA");      
    SecureRandom random = SecureRandom.getInstance("SHA1PRNG", "SUN");
    keyGen.initialize(1024, random);        

    KeyPair pair = keyGen.generateKeyPair();
    byte[] key = pair.getPublic().getEncoded();     

    Signature instance = Signature.getInstance("SHA1withRSA");
    instance.initSign(pair.getPrivate());
    instance.update(zipArchive);                        
    byte[] hash = instance.sign();              
 byte[] magic = {0x43,0x72,0x32,0x34,0x02,0x00,0x00,0x00,0x00,0x01,0x0E,0x0B,0x00,0x00,0x08,0x00};

    ins.write(magic);
    ins.write(key);
    ins.write(hash);
}

and I get CRX_EXCESSIVELY_LARGE_KEY_OR_SIGNATURE.. I must be using wrong keygen.

in the docs they do say : "..the contents of the author's RSA public key, formatted as an X509 SubjectPublicKeyInfo block. .." i wonder if that is what i'm not doing correctly...

p.s Java crypto is a new frontier for me , so pls don't laugh if I did something totally dumb.

回答1:

Here is some code that I whipped up and didn't test that illustrates producing just the header. I based this solely on reading the spec.

import java.nio.ByteBuffer;
import java.nio.ByteOrder;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.SecureRandom;
import java.security.Signature;

    public static byte[] generateCrxHeader(byte[] extensionContents) throws Exception {
        KeyPairGenerator keyGen = KeyPairGenerator.getInstance("RSA");      
        SecureRandom random = new SecureRandom();
        keyGen.initialize(1024, random);        

        KeyPair pair = keyGen.generateKeyPair();

        Signature sigInstance = Signature.getInstance("SHA1withRSA");
        sigInstance.initSign(pair.getPrivate());
        sigInstance.update(extensionContents);
        byte [] signature = sigInstance.sign();
        byte [] subjectPublicKeyInfo = pair.getPublic().getEncoded();
        final int headerLength = 4 + 4 + 4 + 4 + subjectPublicKeyInfo.length + signature.length;
        ByteBuffer headerBuf = ByteBuffer.allocate(headerLength);
        headerBuf.order(ByteOrder.LITTLE_ENDIAN);
        headerBuf.put(new byte[]{0x43,0x72,0x32,0x34}); // Magic number
        headerBuf.putInt(2); // Version
        headerBuf.putInt(subjectPublicKeyInfo.length); // public key length
        headerBuf.putInt(signature.length); // signature length
        headerBuf.put(subjectPublicKeyInfo);
        headerBuf.put(signature);
        final byte [] header = headerBuf.array();
        return header;
    }

来源：https://stackoverflow.com/questions/24661167/generating-chrome-packaged-app-crx-header-with-java