使用 Keystore 存储密钥
我正在使用密钥库来保护文件中的私钥(带有该文件的密码)。我不明白这段代码
// save my secret key
javax.crypto.SecretKey mySecretKey;
KeyStore.SecretKeyEntry skEntry =
new KeyStore.SecretKeyEntry(mySecretKey);
ks.setEntry("secretKeyAlias", skEntry,
new KeyStore.PasswordProtection(password));
// store away the keystore
java.io.FileOutputStream fos = null;
try {
fos = new java.io.FileOutputStream("newKeyStoreName");
ks.store(fos, password);
} finally {
if (fos != null) {
fos.close();
}
}
setEntry 在做什么? 我们是否通过 fileoutputstream 保存私钥?如果是的话,文件的密码在哪里??? 文件的扩展名是多少?是.jks吗??
I am using keystore to protect private key in a file(with a password for that file).I did not understand this code
// save my secret key
javax.crypto.SecretKey mySecretKey;
KeyStore.SecretKeyEntry skEntry =
new KeyStore.SecretKeyEntry(mySecretKey);
ks.setEntry("secretKeyAlias", skEntry,
new KeyStore.PasswordProtection(password));
// store away the keystore
java.io.FileOutputStream fos = null;
try {
fos = new java.io.FileOutputStream("newKeyStoreName");
ks.store(fos, password);
} finally {
if (fos != null) {
fos.close();
}
}
What is setEntry doing??
Are we saving private key through fileoutputstream ??If it is true where is the password for the file???
What is the extention of the file??Is it .jks??
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
Java 密钥库是加密对象的容器。它可以包含对称密钥、私钥和证书。
setEntry()方法向密钥库添加另一个条目。在您的情况下,它会向密钥存储添加一个由“secretKeyAlias”标识并受密码保护的对称密钥。如果您想保存私钥,则应该创建一个KeyStore.PrivateKeyEntry。在内存中创建密钥库后,可以将其存储在磁盘上。密钥库有一个
store()-方法,它将密钥库写入Stream。在本例中是一个FileOutputStream。 MAC 也会添加到密钥库中,并受密码保护。在您的情况下,密码与上面使用的密码相同,但这不是必需的。Java 密钥库的通常扩展名是 .jks,但您的代码只是将其存储在名为“newKeyStoreName”的文件中。
A Java keystore is a container for cryptographic objects. It can contain symmetric keys, private keys and certificates. The
setEntry()method adds another entry to the keystore. In your case it adds a symmetric key identified by "secretKeyAlias" with protected by a password to the key store. If you wanted to save a private key, you should have created aKeyStore.PrivateKeyEntryinstead.After you have created a keystore in memory, you can store it on the disk. The keystore has a
store()-method, which writes the keystore to aStream. In this case aFileOutputStream. A MAC is also added to the keystore, protected by a password. In your case the password is the same as the one used above, but that is not necessary.The usual extension for a Java keystore is .jks, but your code just stores it in a file named "newKeyStoreName".