英文:
getKey(alias, keyPassword) returns null value for secret key when calling from separate method
问题
我正试图在Java密钥库中检索一个已存储的密钥。我已经编写了以下代码:
public class clientEncryptionUtility
{
public static void generateKeyAndStoreOnKeyStore(String _keyStorePassword, String _keyStorePath, String _keyPassword, String keyAlias) throws Exception
{
KeyStore keyStore = KeyStore.getInstance("JCEKS");
char[] keyStorePassword = _keyStorePassword.toCharArray();
String path = _keyStorePath;
FileInputStream fis = new FileInputStream(path);
//load keystore
keyStore.load(fis, keyStorePassword);
//Loading the KeyStore object
KeyStore.ProtectionParameter protectionParam = new KeyStore.PasswordProtection(keyStorePassword);
//Generate the symmetric key for encryption
KeyGenerator keyGenerator = KeyGenerator.getInstance("AES");
SecureRandom secureRandom = new SecureRandom();
int keyBitSize = 128;
keyGenerator.init(keyBitSize, secureRandom);
SecretKey secretKey = keyGenerator.generateKey(); //Secret encryption key is generated
//setting the password for the key stored in keystore
System.out.println("Algorithm used to generate key : " + secretKey.getAlgorithm());
char[] keyPassword = _keyPassword.toCharArray();
KeyStore.ProtectionParameter entryPassword = new KeyStore.PasswordProtection(keyPassword);
KeyStore.SecretKeyEntry secretKeyEntry = new KeyStore.SecretKeyEntry(secretKey);
keyStore.setEntry(keyAlias, secretKeyEntry, entryPassword);
SecretKey newSecretKey = (SecretKey) keyStore.getKey(keyAlias, keyPassword);
String stringKey = newSecretKey.toString();
System.out.println("The encryption key at the alias is: " + stringKey);
}
public static void getKeyFromKeyStore(String _keyStorePassword, String _keyStorePath, String keyAlias, String _keyPassword) throws Exception
{
KeyStore keyStore = KeyStore.getInstance("JCEKS");
char[] keyStorePassword = _keyStorePassword.toCharArray();
String path = _keyStorePath;
FileInputStream fis = new FileInputStream(path);
//load keystore
keyStore.load(fis, keyStorePassword);
char[] keyPassword = _keyPassword.toCharArray();
SecretKey secretKey = (SecretKey) keyStore.getKey(keyAlias, keyPassword);
// Key key = keyStore.getKey(keyAlias, keyPassword);
String stringKey = secretKey.toString();
System.out.println("The encryption key at the alias is: " + stringKey);
}
}
-
如果我调用
generateKeyAndStoreOnKeyStore()方法,并在同一个函数中存储密钥并检索密钥,则可以成功检索密钥。 -
但是,如果我在另一个名为
getKeyFromKeyStore()的方法中尝试相同的操作,在该方法中,我仅尝试从密钥库中检索别名处的密钥,我会收到nullPointerException(空指针异常)。 -
我在哪里出错了?
英文:
I am trying to retrieve a stored key in java key store. I have written the following code.
public class clientEncryptionUtility
{
public static void generateKeyAndStoreOnKeyStore(String _keyStorePassword, String _keyStorePath, String _keyPassword, String keyAlias) throws Exception // take the keystore path, alias, password
{
KeyStore keyStore = KeyStore.getInstance("JCEKS");
char[] keyStorePassword = _keyStorePassword.toCharArray();
String path = _keyStorePath;
FileInputStream fis = new FileInputStream(path);
//load keystore
keyStore.load(fis, keyStorePassword);
//Loading the KeyStore object
KeyStore.ProtectionParameter protectionParam = new KeyStore.PasswordProtection(keyStorePassword);
//Generate the symmetric key for encryption
KeyGenerator keyGenerator = KeyGenerator.getInstance("AES");
SecureRandom secureRandom = new SecureRandom();
int keyBitSize = 128;
keyGenerator.init(keyBitSize, secureRandom);
SecretKey secretKey = keyGenerator.generateKey(); //Secret encryption key is genereated
//setting the password for the key stored in keystore
System.out.println("Algorithm used to generate key : "+secretKey.getAlgorithm());
char[] keyPassword = _keyPassword.toCharArray();
KeyStore.ProtectionParameter entryPassword = new KeyStore.PasswordProtection(keyPassword);
KeyStore.SecretKeyEntry secretKeyEntry = new KeyStore.SecretKeyEntry(secretKey);
keyStore.setEntry(keyAlias, secretKeyEntry, entryPassword);
SecretKey newSecretKey = (SecretKey) keyStore.getKey(keyAlias, keyPassword);
String stringKey = newSecretKey.toString();
System.out.println("The encryption key at the alias is: " + stringKey);
}
public static void getKeyFromKeyStore(String _keyStorePassword, String _keyStorePath, String keyAlias, String _keyPassword) throws Exception
{
KeyStore keyStore = KeyStore.getInstance("JCEKS");
char[] keyStorePassword = _keyStorePassword.toCharArray();
String path = _keyStorePath;
FileInputStream fis = new FileInputStream(path);
//load keystore
keyStore.load(fis, keyStorePassword);
char[] keyPassword = _keyPassword.toCharArray();
SecretKey secretKey = (SecretKey) keyStore.getKey(keyAlias, keyPassword);
// Key key = keyStore.getKey(keyAlias, keyPassword);
String stringKey = secretKey.toString();
System.out.println("The encryption key at the alias is: " + stringKey);
}
}
-If I call the generateKeyAndStoreOnKeyStore() method, and store the key and retrieve the key in the same function, the key is retrieved.
-However if I do the same from another method getKeyFromKeyStore() wherein I am just trying to retrieve the key at the alias from the keystone, I get a nullPointerException.
-Where am I going wrong?
答案1
得分: 2
很不幸,从Java文档中并不清楚你必须调用 KeyStore.store(...) 方法来持久化对密钥库的更改。一旦 generateKeyAndStoreOnKeyStore() 方法执行完毕,其中创建的 KeyStore 实例就会超出作用域,对密钥库所做的任何未保存更改都会消失。
在进行更改后调用 KeyStore.store(...) 方法。
英文:
Unfortunately it's not clear from the javadocs that you must call the KeyStore.store(...) method to persist changes to the keystore. Once generateKeyAndStoreOnKeyStore() exits, the KeyStore instance created there goes out of scope and any unsaved changes made to the keystore disappear.
Call the KeyStore.store(...) method after making changes.
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论