Skip to content

Commit b9c52ba

Browse files
619dev619dev
committed
fix
1 parent 1553f3a commit b9c52ba

File tree

1 file changed

+63
-29
lines changed

1 file changed

+63
-29
lines changed

android/app/src/main/kotlin/com/wxcrypt/app/PGPEncryptionHelper.kt

Lines changed: 63 additions & 29 deletions
Original file line numberDiff line numberDiff line change
@@ -20,6 +20,8 @@ object PGPEncryptionHelper {
2020
if (Security.getProvider(BouncyCastleProvider.PROVIDER_NAME) == null) {
2121
Security.addProvider(BouncyCastleProvider())
2222
}
23+
// 记录可用的提供者
24+
android.util.Log.d("PGPEncryptionHelper", "Available providers: ${Security.getProviders().joinToString(", ") { it.name }}")
2325
}
2426

2527
/**
@@ -510,51 +512,83 @@ object PGPEncryptionHelper {
510512
android.util.Log.d("PGPEncryptionHelper", "Extracting private key, has password: ${password != null && password.isNotEmpty()}")
511513
val passwordChars = password?.toCharArray() ?: "".toCharArray()
512514
val privateKey = try {
513-
// 不指定提供者,让系统自动选择(Android P+兼容)
514-
// 系统会自动使用可用的提供者,避免BC提供者的限制
515+
// 尝试使用BC提供者(虽然Android P+有限制,但某些操作可能仍可用)
515516
secretKey.extractPrivateKey(
516517
org.bouncycastle.openpgp.operator.jcajce.JcePBESecretKeyDecryptorBuilder()
517-
.setProvider("AndroidOpenSSL")
518+
.setProvider("BC")
518519
.build(passwordChars)
519520
).also {
520-
android.util.Log.d("PGPEncryptionHelper", "Successfully extracted private key using AndroidOpenSSL")
521+
android.util.Log.d("PGPEncryptionHelper", "Successfully extracted private key using BC provider")
521522
}
522523
} catch (e: Exception) {
523-
android.util.Log.w("PGPEncryptionHelper", "Failed with AndroidOpenSSL: ${e.message}, trying system default")
524+
android.util.Log.w("PGPEncryptionHelper", "Failed with BC: ${e.message}, trying AndroidOpenSSL")
524525
try {
525-
// 尝试不指定提供者,使用系统默认
526+
// 尝试AndroidOpenSSL
526527
secretKey.extractPrivateKey(
527528
org.bouncycastle.openpgp.operator.jcajce.JcePBESecretKeyDecryptorBuilder()
528-
// 不设置提供者,让系统自动选择
529+
.setProvider("AndroidOpenSSL")
529530
.build(passwordChars)
530531
).also {
531-
android.util.Log.d("PGPEncryptionHelper", "Successfully extracted private key using system default provider")
532+
android.util.Log.d("PGPEncryptionHelper", "Successfully extracted private key using AndroidOpenSSL")
532533
}
533534
} catch (e2: Exception) {
534-
android.util.Log.e("PGPEncryptionHelper", "Failed to extract private key: ${e2.message}", e2)
535-
// 如果密码错误,尝试空密码(向后兼容)
536-
if (password != null && password.isNotEmpty()) {
537-
android.util.Log.d("PGPEncryptionHelper", "Trying with empty password")
538-
try {
539-
secretKey.extractPrivateKey(
540-
org.bouncycastle.openpgp.operator.jcajce.JcePBESecretKeyDecryptorBuilder()
541-
.setProvider("AndroidOpenSSL")
542-
.build("".toCharArray())
543-
).also {
544-
android.util.Log.d("PGPEncryptionHelper", "Extracted with empty password using AndroidOpenSSL")
535+
android.util.Log.w("PGPEncryptionHelper", "Failed with AndroidOpenSSL: ${e2.message}, trying system default")
536+
try {
537+
// 尝试不指定提供者,使用系统默认
538+
secretKey.extractPrivateKey(
539+
org.bouncycastle.openpgp.operator.jcajce.JcePBESecretKeyDecryptorBuilder()
540+
// 不设置提供者,让系统自动选择
541+
.build(passwordChars)
542+
).also {
543+
android.util.Log.d("PGPEncryptionHelper", "Successfully extracted private key using system default provider")
544+
}
545+
} catch (e3: Exception) {
546+
android.util.Log.e("PGPEncryptionHelper", "Failed to extract private key with password: ${e3.message}", e3)
547+
// 检查是否是密码错误(checksum mismatch 通常表示密码错误)
548+
val isPasswordError = e3.message?.contains("checksum") == true ||
549+
e3.message?.contains("mismatch") == true ||
550+
e3.message?.contains("wrong") == true
551+
552+
// 如果密码错误,尝试空密码(向后兼容)
553+
if (password != null && password.isNotEmpty() && isPasswordError) {
554+
android.util.Log.d("PGPEncryptionHelper", "Checksum mismatch detected, trying with empty password (password may be incorrect)")
555+
try {
556+
secretKey.extractPrivateKey(
557+
org.bouncycastle.openpgp.operator.jcajce.JcePBESecretKeyDecryptorBuilder()
558+
.setProvider("BC")
559+
.build("".toCharArray())
560+
).also {
561+
android.util.Log.d("PGPEncryptionHelper", "Extracted with empty password using BC")
562+
}
563+
} catch (e4: Exception) {
564+
android.util.Log.w("PGPEncryptionHelper", "Failed with empty password and BC: ${e4.message}, trying AndroidOpenSSL")
565+
try {
566+
secretKey.extractPrivateKey(
567+
org.bouncycastle.openpgp.operator.jcajce.JcePBESecretKeyDecryptorBuilder()
568+
.setProvider("AndroidOpenSSL")
569+
.build("".toCharArray())
570+
).also {
571+
android.util.Log.d("PGPEncryptionHelper", "Extracted with empty password using AndroidOpenSSL")
572+
}
573+
} catch (e5: Exception) {
574+
android.util.Log.w("PGPEncryptionHelper", "Failed with empty password and AndroidOpenSSL: ${e5.message}, trying system default")
575+
secretKey.extractPrivateKey(
576+
org.bouncycastle.openpgp.operator.jcajce.JcePBESecretKeyDecryptorBuilder()
577+
// 不设置提供者
578+
.build("".toCharArray())
579+
).also {
580+
android.util.Log.d("PGPEncryptionHelper", "Extracted with empty password using system default")
581+
}
582+
}
545583
}
546-
} catch (e3: Exception) {
547-
android.util.Log.w("PGPEncryptionHelper", "Failed with empty password and AndroidOpenSSL: ${e3.message}, trying system default")
548-
secretKey.extractPrivateKey(
549-
org.bouncycastle.openpgp.operator.jcajce.JcePBESecretKeyDecryptorBuilder()
550-
// 不设置提供者
551-
.build("".toCharArray())
552-
).also {
553-
android.util.Log.d("PGPEncryptionHelper", "Extracted with empty password using system default")
584+
} else {
585+
// 如果是密码错误,提供更明确的错误信息
586+
if (isPasswordError) {
587+
throw Exception("私钥密码错误,请检查输入的密码是否正确")
588+
} else {
589+
throw Exception("私钥密码错误或私钥未加密。错误信息: ${e3.message}")
554590
}
555591
}
556-
} else {
557-
throw Exception("私钥密码错误或私钥未加密: ${e2.message}")
558592
}
559593
}
560594
}

0 commit comments

Comments
 (0)