如何生成JCEKS密钥存储在机器人 [英] how to generates JCEKS keystore in android
问题描述
我用
密钥库存储= KeyStore.getInstance(JCEKS);
不过是让KeyStoreException
java.security.KeyStoreException:密钥库JCEKS实现未找到
原因是默认的安全提供者BouncyCastle的Android中。 因此,我用
密钥库存储= KeyStore.getInstance(JCEKS,了SunJCE);
不过是让NoSearchProviderException
java.security.NoSearchProviderException:了SunJCE
Android不包含了SunJCE安全提供者,因此JCEKS是不支持的密钥库类型(无论是老JKS格式)。
要创建密钥库时,可以选择BouncyCastle的密钥库
密钥库KS = KeyStore.getInstance(BKS);
或者,从安卓4.3,新的 AndroidKeyStore
基于OpenSSL的decdicated存储应用程序,私有密钥(更多详细信息的这里)
密钥库KS = KeyStore.getInstance(AndroidKeyStore);
如果你有一个JCEKS密钥库,你将不得不将其转换为BKS格式密钥工具:
密钥工具-importkeystore -srcstoretype JCEKS -srckeystore my.keystore -srckeypass MY_PASSWORD -destprovidername BC -deststoretype BKS -destkeypass my_new_password -destkeystore my.bks
I use
KeyStore store = KeyStore.getInstance("JCEKS");
But is make KeyStoreException
java.security.KeyStoreException: KeyStore JCEKS implementation not found
Reason is default security provider is bouncycastle in Android. Therefore I use
KeyStore store = KeyStore.getInstance("JCEKS", "SunJCE");
But is make NoSearchProviderException
java.security.NoSearchProviderException: SunJCE
Android does not include the SunJCE security provider and therefore JCEKS is not a supported Keystore type (neither is the older JKS format).
To create a KeyStore you can either choose the BouncyCastle Keystore
KeyStore ks = KeyStore.getInstance("BKS");
or, from Android 4.3, the new AndroidKeyStore
based on OpenSSL decdicated to store app-private keys (more details here)
KeyStore ks = KeyStore.getInstance("AndroidKeyStore");
And if you have a JCEKS Keystore you will have to convert it to BKS format with keytool:
keytool -importkeystore -srcstoretype JCEKS -srckeystore my.keystore -srckeypass my_password -destprovidername BC -deststoretype BKS -destkeypass my_new_password -destkeystore my.bks
这篇关于如何生成JCEKS密钥存储在机器人的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!