Jig*_*ekh 7 android android-keystore
我们已经生成了AndroidKeystore,并且运行良好,但是随机遇到以下问题。
应用程序重新安装后,其工作正常。
java.security.KeyStoreException: Failed to store private key
以下是我们面临问题的代码
public boolean generateKeyStore() {
try {
Calendar startCal = Calendar.getInstance(TimeZone.getTimeZone("GMT+05:30"));
Calendar endCal = Calendar.getInstance(TimeZone.getTimeZone("GMT+05:30"));
endCal.add(Calendar.MINUTE, 15 * 24 * 60); // 15 days
Date notBefore = startCal.getTime();
Date notAfter = endCal.getTime();
KeyPairGenerator generator = KeyPairGenerator.getInstance("RSA");
generator.initialize(2048);
KeyPair keyPair = generator.generateKeyPair();
X500Name issuerName = new X500Name("CN=test, OU=test, O=test, L=test, ST=test, C=test, E=test@test.com");
X500Name subjectName = new X500Name("CN=test, OU=test, O=test, L=test, ST=test, C=test, E=test@test.com");
BigInteger serial = BigInteger.valueOf(Calendar.getInstance().getTimeInMillis());
X509v3CertificateBuilder builder = new JcaX509v3CertificateBuilder(issuerName, serial, notBefore, notAfter,
subjectName, keyPair.getPublic());
ContentSigner signer = new JcaContentSignerBuilder("SHA1WithRSAEncryption")
.setProvider(BouncyCastleProvider.PROVIDER_NAME).build(keyPair.getPrivate());
X509Certificate cert = new JcaX509CertificateConverter().setProvider(
BouncyCastleProvider.PROVIDER_NAME).getCertificate(builder.build(signer));
Certificate[] chain = new Certificate[1];
chain[0] = cert;
KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
keyStore.load(null);
keyStore.setKeyEntry("Test", keyPair.getPrivate(), null, chain); // --> This line raise exception
return true;
} catch (Exception e) {
Log.e("Error", "generateKeyStore", e);
return false;
}
}
尝试将值转换为关键对象
keyStore.setKeyEntry("Test", (Key) keyPair.getPrivate(), null, chain);
您也可以使用这种没有密码参数的方法
keyStore.setKeyEntry("Test", (Key) keyPair.getPrivate(), chain);
也尝试为密码添加一个值而不是null
String pwd = "password";
keyStore.setKeyEntry("Test", (Key) keyPair.getPrivate(), pwd, chain);
如果这两个尝试使用编码密钥作为参数仍然失败
keyPair.getPrivate().getEncoded()