Java 使用KeyFactory解析公钥_Java_Android Studio_Kotlin_Jwt

Java 使用KeyFactory解析公钥

java android-studio kotlin jwt

Java 使用KeyFactory解析公钥,java,android-studio,kotlin,jwt,Java,Android Studio,Kotlin,Jwt,我正在尝试用JWT验证令牌的签名。但是我在KeyFactory.generatePublic上出错了 “分析公钥时出错”。我第一次尝试很好地解码json，因为我收到了错误“非法的base64字符”或“无效的密钥格式” 有谁能帮我理解我做错了什么？多谢各位 fun testSign(token: String) { var kf = KeyFactory.getInstance("RSA") var publicKeyB64 = "{\"kid\&qu

我正在尝试用JWT验证令牌的签名。但是我在KeyFactory.generatePublic上出错了 “分析公钥时出错”。我第一次尝试很好地解码json，因为我收到了错误“非法的base64字符”或“无效的密钥格式” 有谁能帮我理解我做错了什么？多谢各位

fun testSign(token: String)
{
var kf = KeyFactory.getInstance("RSA")
var publicKeyB64 = "{\"kid\":\"1\",\"e\":\"AQAB\",\"kty\":\"RSA\",\"alg\":\"RS256\",\"n\":\"rXYc2Ehtb42R83kLIw56biI/ABOp03lzbYHdXI0caeliqP7KPOvaKQjQsCl84qmA7CIRTve4sBUq1Fp/zwMeyxMV5tvLIX2WIexf0OarA5S1ibU9xCD6LWzkdy1nhXeeDCeaN3fn3/7cdQIijII5YBKt0jTdqj9Sc48dguwObWkDbqFTYHf5DNn1qXDpvTCMON696eXJu+wzu3O+U8JBIR0XJyn2tcnrprkE5V+XCBGcLtG6W86r9m/aJptuCEP3L+nVx7CCPd0y/g9QgbtGTJT2CvgRlAzmVmbg9WgKHA4ZIXprvnGgXdu+gSNUB2JiQ3lqRxJgPkXlUb4M0EGH4Q==\",\"use\":\"sig\"}"
publicKeyB64 = publicKeyB64.replace('-', '+').replace('_', '/')
publicKeyB64 = String(
    Base64.getEncoder()
        .encode(publicKeyB64.toByteArray(StandardCharsets.UTF_8))
)
val decoded = Base64.getDecoder().decode(publicKeyB64)
val spec = X509EncodedKeySpec(decoded)
val publicKey = kf.generatePublic(spec) as RSAPublicKey
print(publicKey)
try {
    var algorithm: Algorithm = Algorithm.RSA256(publicKey, null);
    var verifier: JWTVerifier = com.auth0.jwt.JWT.require(algorithm)
        .withIssuer("auth0")
        .build(); //Reusable verifier instance
    var jwtDecodedJWT = verifier.verify(token);
} catch (exception: JWTVerificationException) {
    //Invalid signature/claims
    print(exception)
}
}

我还尝试使用另一种类型的密钥，但在尝试创建公钥时，总是会出现相同类型的错误

var publicKeyB64 = "MIICXAIBAAKBgQCUibP4fY2PA/sGMKMbU6usuIGcOAqgQjD6c2ylVo05Oz7pgjnE+O0l2MFRUYUGT5KKk/W+0cAXkxaQHE3n8A8X1mHT8eMDmWnzz0PeYjDE8LQmAw8RY2FnVKFAB36BIjdb5FsZmCk5QYKU5+nWLMqH/j/IR5AyX5wR2SMoslUg2QIDAQABAoGAeJ1s7638IhLIZtldyRXjRKi6ToFPV50IKodJxOSIXt3WE0V05ZaA84eUSxUYIOzCgRbuqVmnUz1USAdD18AecC8qc7tXTRALLy7q8fxklPwmGPUOvTFmI7gRMUnvcWrq1gySk3SKpj0YmWnuY9Xmd2+xoWLzUeFD1CROY5OTjIECQQDDlp1+Al7+duR0XyMlkWLIk0nIbkQ5zlTAEipzmaeTSOJi6YG3EMMz3AGuZb7tw6HFxWqeg1hyKJ+TcTM3WTdJAkEAwmrCDKE29n3wFOBKsZZFQbDgVOUXCBs2ubEI+ALe1DJU5BlfnrhJOINRCNgnwSFNbwxDTkDpR6J6Av2ElAvNEQJAV0dVvk5Wj50Ecz2lFHWdLD41taAnB9igDxnMIcvWcK4cf+ENhmCPiwvJIEa8/aLIBNYErvmTtVWVaBkirrc8KQJABr+z+sJB6S6X/fGHRkDkKJKeRvQo54QiUzHdENbwq0cQAVcMJbNZ/1c3oen2/1JLoNY5I+dG8dCnEaGBT65VMQJBAIDqH1Kqs5tb51cpt6h9ot31SUVud5pSML/babwp3pRs1s6poreym4PkAyRug0Dgcj1zVLt25TlOHvrL9r3Swq8="

我这里有个错误

 val publicKey = kf.generatePublic(spec) as RSAPublicKey

java.security.spec.InvalidKeySpecException:com.android.org.conscrypt.OpenSSLX509CertificateFactory$ParsingException:解析公钥时出错

var publicKeyB64 = "MIICXAIBAAKBgQCUibP4fY2PA/sGMKMbU6usuIGcOAqgQjD6c2ylVo05Oz7pgjnE+O0l2MFRUYUGT5KKk/W+0cAXkxaQHE3n8A8X1mHT8eMDmWnzz0PeYjDE8LQmAw8RY2FnVKFAB36BIjdb5FsZmCk5QYKU5+nWLMqH/j/IR5AyX5wR2SMoslUg2QIDAQABAoGAeJ1s7638IhLIZtldyRXjRKi6ToFPV50IKodJxOSIXt3WE0V05ZaA84eUSxUYIOzCgRbuqVmnUz1USAdD18AecC8qc7tXTRALLy7q8fxklPwmGPUOvTFmI7gRMUnvcWrq1gySk3SKpj0YmWnuY9Xmd2+xoWLzUeFD1CROY5OTjIECQQDDlp1+Al7+duR0XyMlkWLIk0nIbkQ5zlTAEipzmaeTSOJi6YG3EMMz3AGuZb7tw6HFxWqeg1hyKJ+TcTM3WTdJAkEAwmrCDKE29n3wFOBKsZZFQbDgVOUXCBs2ubEI+ALe1DJU5BlfnrhJOINRCNgnwSFNbwxDTkDpR6J6Av2ElAvNEQJAV0dVvk5Wj50Ecz2lFHWdLD41taAnB9igDxnMIcvWcK4cf+ENhmCPiwvJIEa8/aLIBNYErvmTtVWVaBkirrc8KQJABr+z+sJB6S6X/fGHRkDkKJKeRvQo54QiUzHdENbwq0cQAVcMJbNZ/1c3oen2/1JLoNY5I+dG8dCnEaGBT65VMQJBAIDqH1Kqs5tb51cpt6h9ot31SUVud5pSML/babwp3pRs1s6poreym4PkAyRug0Dgcj1zVLt25TlOHvrL9r3Swq8="

我做错了什么？我看到我在网上看到很多脚本做同样的事情

谢谢你的第二把钥匙好像不正确

如果需要，可以根据第一个示例中的

和

值创建

RSAPublicKey

。您需要从您提供的json中提取这些值，并按如下方式执行：

var e = "AQAB";
var n = "rXYc2Ehtb42R83kLIw56biI/ABOp03lzbYHdXI0caeliqP7KPOvaKQjQsCl84qmA7CIRTve4sBUq1Fp/zwMeyxMV5tvLIX2WIexf0OarA5S1ibU9xCD6LWzkdy1nhXeeDCeaN3fn3/7cdQIijII5YBKt0jTdqj9Sc48dguwObWkDbqFTYHf5DNn1qXDpvTCMON696eXJu+wzu3O+U8JBIR0XJyn2tcnrprkE5V+XCBGcLtG6W86r9m/aJptuCEP3L+nVx7CCPd0y/g9QgbtGTJT2CvgRlAzmVmbg9WgKHA4ZIXprvnGgXdu+gSNUB2JiQ3lqRxJgPkXlUb4M0EGH4Q==";
var eInt = BigInteger(1, Base64.getDecoder().decode(e))
var nInt = BigInteger(1, Base64.getDecoder().decode(n))

var spec = RSAPublicKeySpec(nInt, eInt)
val publicKey = kf.generatePublic(spec) as RSAPublicKey
print(publicKey)

它将打印您的公钥。

第二个密钥是私钥，而不是公钥，尽管它是ASN.1，但它是特定于算法的格式，而不是Java用于私钥的格式。它也是1024位，对于RSA来说不再被认为是安全的。@michalk谢谢，我设法得到了一个公钥，但当我去验证时，我得到了异常