问题
I use bouncycastle to read the PKCS#1 format RSA public key, this key is begin with:
-----BEGIN RSA PUBLIC KEY----
The code works well, but it will depends on a heavy bouncycastle jar. It will cause the code can't be compiled on Android because of the java function's number is more than 65535.
I have changed the bouncycastle to spongycastle and decouple the prov.jar & pkix.jar. Also only use one class to reduce the code reference:
org.spongycastle.asn1.pkcs.RSAPublicKey rsaPublicKey = org.spongycastle.asn1.pkcs.RSAPublicKey.getInstance(keyBytes);
But the classes.dex will still be 2MB larger.
So I'm looking up is there light weight api to do it? Or the algorithm to read PKCS#1 RSA public key will be easy to write?
P.S. Using Proguard won't resolve the problem at all , it will disable the debugger in IDE.
回答1:
Here is some code I whipped out that shows how easy this is. You are definitely better off using a tried and tested library but this particular ASN.1 object is relatively simple:
import java.io.IOException;
import java.math.BigInteger;
import java.nio.ByteBuffer;
import java.nio.file.Files;
import java.nio.file.Paths;
public class ParseRSAPublicKey {
private static final int SEQUENCE = 0x30;
private static final int INTEGER = 0x02;
private final ByteBuffer derBuf;
public ParseRSAPublicKey(byte[] der) {
derBuf = ByteBuffer.wrap(der);
}
public byte get() {
return derBuf.get();
}
/**
* @return the next byte of the buffer as an int
*/
public int getAsInt() {
return get() & 0xff;
}
public byte[] getArray(int len) {
byte [] arr = new byte[len];
derBuf.get(arr);
return arr;
}
public int parseId() {
// Only the low-tag form is legal.
int idOctect = getAsInt();
if (idOctect >= 0x31) {
throw new RuntimeException("Invalid identifier octets");
}
return idOctect;
}
public long parseLength() {
int octet1 = getAsInt();
if (octet1 < 128) {
// short form of length
return octet1;
} else {
// long form of length
int lengthOfLength = octet1 & 0x7f;
BigInteger bigLen = new BigInteger(1, getArray(lengthOfLength));
if (bigLen.compareTo(BigInteger.valueOf(Long.MAX_VALUE)) > 0){
throw new RuntimeException("Length is too long");
}
return bigLen.longValue();
}
}
public BigInteger parseInteger() {
if (parseId() != INTEGER) {
throw new RuntimeException("expected SEQUENCE tag");
}
long length = parseLength();
if (length > Integer.MAX_VALUE){
throw new RuntimeException("Length is too long");
}
return new BigInteger(1, getArray((int) length));
}
public BigInteger[] parse() {
// Parse SEQUENCE header
if (parseId() != SEQUENCE) {
throw new RuntimeException("expected SEQUENCE tag");
}
@SuppressWarnings("unused")
long seqLength = parseLength(); // We ignore this
// Parse INTEGER modulus
BigInteger n = parseInteger();
BigInteger e = parseInteger();
return new BigInteger[] {n, e};
}
public static void main(String [] args) throws Exception {
byte [] der = Files.readAllBytes(Paths.get("rsapub.p1"));
ParseRSAPublicKey parser = new ParseRSAPublicKey(der);
BigInteger [] results = parser.parse();
System.out.printf("%d%n", results[0]);
System.out.printf("%d%n", results[1]);
}
}
来源:https://stackoverflow.com/questions/27643551/light-weight-api-to-read-pkcs1-rsa-public-key-in-java