KeyStore not saving to file

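I am trying to use the Java KeyStore library to store multiple private keys in a JKS file. I have created a method that writes to and reads from the JKS file, but the private key is not saved in the file.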

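When I store something in the KeyStore, I can get all the aliases in the keystore and the new key is there. Once the method is closed and I try to pull the same key, it does not find the key.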

Main.java

public static void main(String[] args) throws Exception {
    //Create keys
    main m = new main();
    m.getOrSetPrivateKey("123", "123", privateKey, false);

    PrivateKey p = m.getOrSetPrivateKey("123", "123", null, true);

    if (p.equals(c.getPriv_key()))
        System.err.println("Equal");
    else
        System.err.println("Not equal !!!!!!!!");

}


private synchronized PrivateKey getOrSetPrivateKey(String alias, String id, PrivateKey c, boolean read ) throws InterruptedException, IOException, KeyStoreException, NoSuchAlgorithmException, CertificateException, InvalidKeySpecException, NotSupportedException, UnrecoverableKeyException {
    PrivateKey key = null; 

    InputStream inpusStream = new FileInputStream(getFile2(Constants.JKS_PRIVATE_FILE_NAME));
    KeyStore keyStore = null;
    try {
        keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
        keyStore.load(inpusStream, Constants.JKS_PRIVATE_FILE_PASSWORD);
    } finally {
        if (inpusStream != null)
            inpusStream.close();
    }
    Enumeration<String> s = keyStore.aliases();

    while (s.hasMoreElements())
        System.err.println("[ " + s.nextElement() + " ]");

    //Generate password for this private key
    char [] pass = getKeyPassword(c, alias, id);


    if (read == true) { //If reading/getting private key from file store
        boolean isKeyEntry = keyStore.isKeyEntry(alias);//Check if there is a key with the alias deviceSerialnumber
        if (!isKeyEntry) {//No key with this alias exists
            throw new KeyStoreException("No key with alias " + alias + " exists!");
        }

        key = (PrivateKey) keyStore.getKey(alias, pass);

    } else { //Writing/ saving key to the file store
        keyStore.setKeyEntry(alias, c , pass, new Certificate[] { createCertificate() });
        FileOutputStream out = new FileOutputStream(new File(Constants.JKS_PRIVATE_FILE_NAME), true);
        try { 
            keyStore.store(out, pass);

            System.out.println("Alias exists = " + keyStore.containsAlias(alias));
        } finally { 
            if (out != null)
                out.close();
        } 
    }

    s = keyStore.aliases();

    while (s.hasMoreElements())
        System.err.println("( " + s.nextElement() + " )");

    return key;
}

Output:

[ mykey ]
( 123 )
( mykey )
Alias exists = true
[ mykey ]
Exception in thread "main" java.security.KeyStoreException: No key with alias 123 exists!

Why is the key not being saved to the JKS file?

You are appending to the existing keystore instead of replacing it, because you are passing "true" to the FileOutputStream constructor.

FileOutputStream out = new FileOutputStream(new File(Constants.JKS_PRIVATE_FILE_NAME), true);

Replace the line above with the following:

FileOutputStream out = new FileOutputStream(new File(Constants.JKS_PRIVATE_FILE_NAME));

The problem was that the FileOutputStream was pointing to the wrong file.

FileOutputStream out = new FileOutputStream(new File(Constants.JKS_PRIVATE_FILE_NAME), true);

It should use the getFile2 method, like this:

FileOutputStream out = new FileOutputStream(getFile2(Constants.JKS_PRIVATE_FILE_NAME));

As Palamino pointed out, there is no need to include true in the FileOutputStream constructor.

Also, the keystore should always be stored with the JKS file password, not the password generated by getKeyPassword().

Change this:

keyStore.store(out, pass);

to use the JKS file password, like this:

keyStore.store(out, Constants.JKS_PRIVATE_FILE_PASSWORD);
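
A round trip that combines the fixes from the answers above, as an added example that is not code from the original posts: load and store use the same path, the output stream truncates instead of appending, and store() gets the store password while each entry keeps its own. The class and method names, passwords and file name are constructed, and an AES SecretKey in a PKCS12 keystore stands in for the PrivateKey plus certificate chain so the example needs no certificate-building code.

```java
import java.io.InputStream;
import java.io.OutputStream;
import java.nio.file.Files;
import java.nio.file.Path;
import java.security.KeyStore;
import java.util.Arrays;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;

public class KeyStoreRoundTrip {   // hypothetical class name
    // Load the keystore at `file`, or start an empty one if it does not exist yet.
    static KeyStore open(Path file, char[] storePw) throws Exception {
        KeyStore ks = KeyStore.getInstance("PKCS12");
        if (Files.exists(file)) {
            try (InputStream in = Files.newInputStream(file)) {
                ks.load(in, storePw);
            }
        } else {
            ks.load(null, storePw);
        }
        return ks;
    }

    // Add one entry, then rewrite the very same file that open() reads.
    static void put(Path file, char[] storePw, String alias,
                    SecretKey key, char[] entryPw) throws Exception {
        KeyStore ks = open(file, storePw);
        ks.setEntry(alias, new KeyStore.SecretKeyEntry(key),
                    new KeyStore.PasswordProtection(entryPw));
        // Default options are CREATE + TRUNCATE_EXISTING: the file is replaced, not appended to.
        try (OutputStream out = Files.newOutputStream(file)) {
            ks.store(out, storePw);   // store password, never the per-entry password
        }
    }

    public static void main(String[] args) throws Exception {
        Path file = Files.createTempDirectory("ks-demo").resolve("keys.p12");
        char[] storePw = "constructed-store-pw".toCharArray();   // constructed sample value
        char[] pw123 = "constructed-entry-pw".toCharArray();     // constructed sample value
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(128);
        SecretKey k1 = kg.generateKey();
        put(file, storePw, "123", k1, pw123);
        put(file, storePw, "456", kg.generateKey(), "other-entry-pw".toCharArray());

        // Reopen from disk, as a second call or a later process would.
        KeyStore reopened = open(file, storePw);
        System.out.println("aliases on disk: " + reopened.size());
        byte[] read = reopened.getKey("123", pw123).getEncoded();
        System.out.println("key 123 survives: " + Arrays.equals(read, k1.getEncoded()));
    }
}
```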