0
我创建了一个KeyStore来保存Web服务器中的一组私钥。创建KeyStore.jks文件后,我成功添加私钥并从密钥存储中检索它。但是,当我尝试添加新密钥时,我在KeyStore.load(...)中获得了EOFException。在setPrivateKey(...)发生在keyStore.load(...)上,该方法被调用额外的私钥添加到密钥存储的第二次获取条目后KeyStore EOFException
public void setPrivateKey(String deviceSerialNumber, PrivateKey priv) throws KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException, InvalidKeySpecException, NotSupportedException {
File privateKeyFile = getFile(Constants.JKS_PRIVATE_FILE_NAME);//Get the KeyStore.jks file
synchronized (privateKeyFile) {
KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
keyStore.load(new FileInputStream(privateKeyFile), Constants.JKS_PRIVATE_FILE_PASSWORD); //This is where the error happens
FileOutputStream file = null;
try {
file = new FileOutputStream(privateKeyFile);//Get the JKS file with the private keys
//Write the private key to the file
KeyStore.ProtectionParameter protParam = new KeyStore.PasswordProtection(Constants.JKS_PRIVATE_FILE_PASSWORD);
KeyStore.PrivateKeyEntry pke = new KeyStore.PrivateKeyEntry(priv, new Certificate[] { createCertificate() });
keyStore.setEntry(deviceSerialNumber, pke, protParam);
//Save changes to key store file
keyStore.store(file, Constants.JKS_PRIVATE_FILE_PASSWORD);
} finally {
file.close();//Close the private key file output stream
}
}
}
public PrivateKey getPrivateKey(String deviceSerialNumber) throws NoSuchAlgorithmException, CertificateException, FileNotFoundException, IOException, KeyStoreException, InvalidKeySpecException, NotSupportedException, UnrecoverableEntryException {
PrivateKey key = null;
File privateKeyFile = getFile(Constants.JKS_PRIVATE_FILE_NAME);//Get the keyStore.jks file
synchronized (privateKeyFile) {
KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
keyStore.load(new FileInputStream(privateKeyFile), Constants.JKS_PRIVATE_FILE_PASSWORD);
FileOutputStream file = null;
try {
file = new FileOutputStream(privateKeyFile);//Get the JKS file with the private keys
//Write the private key to the jks file
boolean isKeyEntry = keyStore.isKeyEntry(deviceSerialNumber);//Check if there is a key with the alias deviceSerialnumber
if (isKeyEntry) {//If the key does exist
System.err.println("Key does exist!!!!1");
KeyStore.ProtectionParameter protParam = new KeyStore.PasswordProtection(Constants.JKS_PRIVATE_FILE_PASSWORD);
KeyStore.PrivateKeyEntry pke = (PrivateKeyEntry) keyStore.getEntry(deviceSerialNumber, protParam);
key = pke.getPrivateKey();
} else {//If the key does not exist
System.err.println("No key!!!!!!!!");
//HANDLE THIS
return null;
}
} finally {
file.close();//Close the private key file output stream
}
}
return key;
}
private Certificate createCertificate() throws CertificateException, IOException {
FileInputStream fis = new FileInputStream(getFile(Constants.CERTIFICATE_FILE));
CertificateFactory cf = CertificateFactory.getInstance("X.509");
Collection<? extends Certificate> c = cf.generateCertificates(fis);
Iterator<? extends Certificate> i = c.iterator();
if (i.hasNext())
return (Certificate) i.next();
else
return null;
}
错误。
我产生KeyStore.jks文件和文件server.cer使用密钥工具
keytool -genkey -alias keyAlias -keyalg RSA -keystore KeyStore.jks -keypass password -storepass password
keytool -export -alias keyAlias -file server.cer -keystore KeyStore.jks -storepass password
难道我做错了什么在我店,并从密钥库中检索私有密钥的方式吗?如何阻止EOFException发生?
尝试删除此行getPrivateKey的:'文件=新的FileOutputStream中(privateKeyFile);'并关闭'FileInputStream'你之前创建的,而不是输出流 – pedrofb
这并工作。谢谢 – develop1