java.io.IOException异常:密钥存储的版本错误。使用SpongyCastle [英] java.io.IOException: Wrong version of key store. using SpongyCastle
本文介绍了java.io.IOException异常:密钥存储的版本错误。使用SpongyCastle的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
我使用Spongycastle并希望以编程方式创建一个自签名证书。当我在Android上运行下面的code,我得到 java.io.IOException异常:密钥存储的版本错误
我不知道我在做什么错了,我想通Spongycastle将是正确的版本?
反正这里是code:
进口org.spongycastle.jce.X509Principal;
进口org.spongycastle.jce.provider.BouncyCastleProvider;
进口org.spongycastle.x509.X509V3CertificateGenerator;导入javax.net.ssl中*。
进口java.io. *;
进口java.math.BigInteger的;
导入java.security *。
进口java.security.cert.X509Certificate;
进口java.util.Date;公共类HttpsHello {
私人静态字符串则domainName =localhost的;
静态{Security.addProvider(新BouncyCastleProvider()); } 公共静态无效测试(){ 尝试{
的KeyPairGenerator KeyPairGenerator的= KeyPairGenerator.getInstance(RSA);
keyPairGenerator.initialize(1024);
密钥对KPair = keyPairGenerator.generateKeyPair(); X509V3CertificateGenerator v3CertGen =新X509V3CertificateGenerator(); 。INT跑=新的SecureRandom()nextInt();
如果(RAN℃,)跑=跑* -1; 的BigInteger的serialNumber = BigInteger.valueOf(RAN); v3CertGen.setSerialNumber(的serialNumber);
v3CertGen.setIssuerDN(新X509Principal(CN =+则domainName +,OU =无,O =无L =无,C =无));
v3CertGen.setNotBefore(新的Date(System.currentTimeMillis的() - 1000L * 60 * 60 * 24 * 30));
v3CertGen.setNotAfter(新的Date(System.currentTimeMillis的()+(1000L * 60 * 60 * 24 * 365 * 10)));
v3CertGen.setSubjectDN(新X509Principal(CN =+则domainName +,OU =无,O =无L =无,C =无));
v3CertGen.setPublicKey(KPair.getPublic());
v3CertGen.setSignatureAlgorithm(MD5WithRSAEncryption); x509证书pkcert = v3CertGen.generateX509Certificate(KPair.getPrivate());
// FileOutputStream中FOS =新的FileOutputStream(/路径/要/ testCert.cert);
// fos.write(pkcert.getEn codeD());
// fos.close(); ByteArrayInputStream的证书=新ByteArrayInputStream进行(pkcert.getEn codeD()); 密钥库KS = KeyStore.getInstance(KeyStore.getDefaultType()); ks.load(CERT,NULL);
KMF的KeyManagerFactory =
KeyManagerFactory.getInstance(SunX509);
kmf.init(KS,NULL);
的SSLContext SC = SSLContext.getInstance(TLS);
sc.init(kmf.getKeyManagers(),NULL,NULL);
SSF的SSLServerSocketFactory = sc.getServerSocketFactory();
SSLServerSocket小号
=(SSLServerSocket)ssf.createServerSocket(8888);
的System.out.println(服务器开始:);
printServerSocketInfo(多个);
//侦听的端口
SSLSocket的C =(SSLSocket的)s.accept();
printSocketInfo(C);
BufferedWriter将W =新的BufferedWriter(
新OutputStreamWriter(c.getOutputStream()));
BufferedReader中R =新的BufferedReader(
新的InputStreamReader(c.getInputStream()));
串m = r.readLine();
w.write(HTTP / 1.0 200 OK);
w.newLine();
w.write(内容类型:text / html的);
w.newLine();
w.newLine();
w.write(< HTML和GT;<身体GT;世界,你好<!/身体GT;< / HTML>中);
w.newLine();
w.flush();
w.close();
r.close();
c.close();
}赶上(例外五){
e.printStackTrace();
}
}
私有静态无效printSocketInfo(的SSLSocket S){
的System.out.println(Socket类:+ s.getClass());
的System.out.println(远程地址=
+ s.getInetAddress()的toString());
的System.out.println(远程端口=+ s.getPort());
的System.out.println(本地套接字地址=
+ s.getLocalSocketAddress()的toString());
的System.out.println(本地地址=
+ s.getLocalAddress()的toString());
的System.out.println(本地端口=+ s.getLocalPort());
的System.out.println(需要客户端身份验证=
+ s.getNeedClientAuth());
的SSLSession SS = s.getSession();
的System.out.println(密码套件=+ ss.getCipherSuite());
的System.out.println(协议=+ ss.getProtocol());
}
私有静态无效printServerSocketInfo(SSLServerSocket S){
的System.out.println(服务器套接字类:+ s.getClass());
的System.out.println(Socker地址=
+ s.getInetAddress()的toString());
的System.out.println(Socker端口=
+ s.getLocalPort());
的System.out.println(需要客户端身份验证=
+ s.getNeedClientAuth());
的System.out.println(想客户端身份验证=
+ s.getWantClientAuth());
的System.out.println(使用客户端模式=
+ s.getUseClientMode());
}
}
解决方案
我认为这是在下面的一行:
ks.load(CERT,NULL);
加载用来加载一个密钥存储文件。你试图加载证书。这两种格式是完全不同的,这就是为什么你会得到一个错误。
I am using Spongycastle and hoping to create a self signed certificate programmatically. When I run the code below in Android I get java.io.IOException: Wrong version of key store.
I'm not sure what I'm doing wrong, I figured Spongycastle would be the right version?
Anyways here is the code:
import org.spongycastle.jce.X509Principal;
import org.spongycastle.jce.provider.BouncyCastleProvider;
import org.spongycastle.x509.X509V3CertificateGenerator;
import javax.net.ssl.*;
import java.io.*;
import java.math.BigInteger;
import java.security.*;
import java.security.cert.X509Certificate;
import java.util.Date;
public class HttpsHello {
private static String domainName = "localhost";
static { Security.addProvider(new BouncyCastleProvider()); }
public static void test() {
try {
KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
keyPairGenerator.initialize(1024);
KeyPair KPair = keyPairGenerator.generateKeyPair();
X509V3CertificateGenerator v3CertGen = new X509V3CertificateGenerator();
int ran = new SecureRandom().nextInt();
if (ran < 0) ran = ran *-1;
BigInteger serialNumber = BigInteger.valueOf(ran);
v3CertGen.setSerialNumber(serialNumber);
v3CertGen.setIssuerDN(new X509Principal("CN=" + domainName + ", OU=None, O=None L=None, C=None"));
v3CertGen.setNotBefore(new Date(System.currentTimeMillis() - 1000L * 60 * 60 * 24 * 30));
v3CertGen.setNotAfter(new Date(System.currentTimeMillis() + (1000L * 60 * 60 * 24 * 365*10)));
v3CertGen.setSubjectDN(new X509Principal("CN=" + domainName + ", OU=None, O=None L=None, C=None"));
v3CertGen.setPublicKey(KPair.getPublic());
v3CertGen.setSignatureAlgorithm("MD5WithRSAEncryption");
X509Certificate pkcert = v3CertGen.generateX509Certificate(KPair.getPrivate());
// FileOutputStream fos = new FileOutputStream("/path/to/testCert.cert");
// fos.write(pkcert.getEncoded());
// fos.close();
ByteArrayInputStream cert = new ByteArrayInputStream(pkcert.getEncoded());
KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
ks.load(cert,null);
KeyManagerFactory kmf =
KeyManagerFactory.getInstance("SunX509");
kmf.init(ks, null);
SSLContext sc = SSLContext.getInstance("TLS");
sc.init(kmf.getKeyManagers(), null, null);
SSLServerSocketFactory ssf = sc.getServerSocketFactory();
SSLServerSocket s
= (SSLServerSocket) ssf.createServerSocket(8888);
System.out.println("Server started:");
printServerSocketInfo(s);
// Listening to the port
SSLSocket c = (SSLSocket) s.accept();
printSocketInfo(c);
BufferedWriter w = new BufferedWriter(
new OutputStreamWriter(c.getOutputStream()));
BufferedReader r = new BufferedReader(
new InputStreamReader(c.getInputStream()));
String m = r.readLine();
w.write("HTTP/1.0 200 OK");
w.newLine();
w.write("Content-Type: text/html");
w.newLine();
w.newLine();
w.write("<html><body>Hello world!</body></html>");
w.newLine();
w.flush();
w.close();
r.close();
c.close();
} catch (Exception e) {
e.printStackTrace();
}
}
private static void printSocketInfo(SSLSocket s) {
System.out.println("Socket class: "+s.getClass());
System.out.println(" Remote address = "
+s.getInetAddress().toString());
System.out.println(" Remote port = "+s.getPort());
System.out.println(" Local socket address = "
+s.getLocalSocketAddress().toString());
System.out.println(" Local address = "
+s.getLocalAddress().toString());
System.out.println(" Local port = "+s.getLocalPort());
System.out.println(" Need client authentication = "
+s.getNeedClientAuth());
SSLSession ss = s.getSession();
System.out.println(" Cipher suite = "+ss.getCipherSuite());
System.out.println(" Protocol = "+ss.getProtocol());
}
private static void printServerSocketInfo(SSLServerSocket s) {
System.out.println("Server socket class: "+s.getClass());
System.out.println(" Socker address = "
+s.getInetAddress().toString());
System.out.println(" Socker port = "
+s.getLocalPort());
System.out.println(" Need client authentication = "
+s.getNeedClientAuth());
System.out.println(" Want client authentication = "
+s.getWantClientAuth());
System.out.println(" Use client mode = "
+s.getUseClientMode());
}
}
解决方案
i think it's in the line below:
ks.load(cert,null);
'load' is used to load a KeyStore file. You're trying to load a certificate. The formats of these two are absolutely different and that's why you're getting an error.
这篇关于java.io.IOException异常:密钥存储的版本错误。使用SpongyCastle的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文
