android读取keystore证书文件
16lz
2021-01-23
需要把关键信息存在keystore证书文件中,但是java本身支持的keystore是jks的,而android不支持jks,只支持bks的,那么就需要将jks类型的证书转换成bks类型的,然后使用android支持的方式去读取证书内容。
android不支持jks如下说明,见stack说明:
http://stackoverflow.com/questions/9312193/does-android-support-jks-keystore-type
例如如下说明:
问题:
I am trying to connect to server using keystore which is provided by server team.While sending service call to server first i created KeyStore Instance by using following apiKeyStore keystore = KeyStore.getInstance(KeyStore.getDefaultType());It’s returning the keystore type as “BKS”.The Keystore what server team sent is of type “.jks”(somename.jks) So, I am getting exception “Wrong version of key store”.I tried by passing “JKS” to getInstance() of KeyStore by following wayKeyStore keystore = KeyStore.getInstance("JKS"); But here I am getting exception “KeyStore JKS implementation not found”.Here is the piece of code:KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType());InputStream instream = mContext.getAssets().open("somename.jks");try { trustStore.load(instream, "password".toCharArray());} finally { try { instream.close(); } catch(Exception ignore) { }}Please guide me to solve this problem
回答见下:
I think Android support 'only' BouncyCastle KeyStores (known as BKS)... You still can use PortecleTo convert it from JKS to BKS, should work like a charm (at least it worked for me when trying to store my .CRT into a BKS format ! ;)'only' meaning, easily here :p, else you'll have to manipulate stuffs
需要转换的工具是Portecle
下载地址为
http://download.csdn.net/download/buxin_2008/4203250
使用方式见下:
http://ssl.chinassl.com/post/1cbcfb77_3b8d5cd
使用其实就是打开已有的keystore文件,然后修改jks为bks,然后重新保存证书就可以了,
最后使用的android读取证书的方式如下:
try { String password = "xxxa"; AssetManager asset = this.getResources().getAssets(); InputStream ceris = asset.open("zlex.keystore");// FileInputStream is = new FileInputStream(keyStorePath); //KeyStore.getInstance(KeyStore.getDefaultType()); KeyStore ks = KeyStore.getInstance("BKS"); ks.load(ceris, password.toCharArray()); ceris.close(); String alias = "xxxb"; RSAPrivateKey privateKey = (RSAPrivateKey) ks.getKey(alias, password.toCharArray()); System.out.println("私钥="+Base64.encode(privateKey.getEncoded())); //----------------------------------------------------------- CertificateFactory certificateFactory = CertificateFactory .getInstance("X509"); InputStream keyis = asset.open("zlex.cer");// FileInputStream in = new FileInputStream(certificatePath); Certificate certificate = certificateFactory.generateCertificate(keyis); keyis.close(); RSAPublicKey publicKey = (RSAPublicKey)certificate.getPublicKey(); System.out.println("公钥="+Base64.encode(publicKey.getEncoded()));} catch (KeyStoreException e1) {// TODO Auto-generated catch blocke1.printStackTrace();} catch (IOException e) {// TODO Auto-generated catch blocke.printStackTrace();} catch (NoSuchAlgorithmException e) {// TODO Auto-generated catch blocke.printStackTrace();} catch (CertificateException e) {// TODO Auto-generated catch blocke.printStackTrace();} catch (UnrecoverableEntryException e) {// TODO Auto-generated catch blocke.printStackTrace();}
其中xxxa为证书密码,xxxb为证书别名
这里需要将keystore文件,cer文件保存在assets中,如果保存在其他地方,请修改为相应目录,修改相应读取方式。
更多相关文章
- Android NFS文件系统挂载遇到的问题解决方法
- android v7兼容包RecyclerView的使用(四)——点击事件的不同方式处
- Android定时任务实现方式归纳总结
- android小功能实现之xml文件解析(Pull)
- android中下载文件到sdcard和进度条小结
- 初学者---Android Fragment之间数据传递的三种方式