2017-07-26 57 views
0

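KeyStore EOFException

I created a KeyStore to hold a set of private keys on a web server. After creating the KeyStore.jks file, I can successfully add a private key and retrieve it from the keystore. However, when I try to add a new key, I get an EOFException in KeyStore.load(...). The error occurs at keyStore.load(...) in setPrivateKey(...), the second time that method is called to add an additional private key to the keystore after an entry has been retrieved.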

public void setPrivateKey(String deviceSerialNumber, PrivateKey priv) throws KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException, InvalidKeySpecException, NotSupportedException { 
    File privateKeyFile = getFile(Constants.JKS_PRIVATE_FILE_NAME);//Get the KeyStore.jks file 
    synchronized (privateKeyFile) { 
     KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType()); 
     keyStore.load(new FileInputStream(privateKeyFile), Constants.JKS_PRIVATE_FILE_PASSWORD); //This is where the error happens 
     FileOutputStream file = null; 
     try { 
      file = new FileOutputStream(privateKeyFile);//Get the JKS file with the private keys 


      //Write the private key to the file 
      KeyStore.ProtectionParameter protParam = new KeyStore.PasswordProtection(Constants.JKS_PRIVATE_FILE_PASSWORD); 
      KeyStore.PrivateKeyEntry pke = new KeyStore.PrivateKeyEntry(priv, new Certificate[] { createCertificate() }); 
      keyStore.setEntry(deviceSerialNumber, pke, protParam); 

      //Save changes to key store file 
      keyStore.store(file, Constants.JKS_PRIVATE_FILE_PASSWORD); 

     } finally { 
      file.close();//Close the private key file output stream 
     } 

    } 
} 

public PrivateKey getPrivateKey(String deviceSerialNumber) throws NoSuchAlgorithmException, CertificateException, FileNotFoundException, IOException, KeyStoreException, InvalidKeySpecException, NotSupportedException, UnrecoverableEntryException { 
    PrivateKey key = null; 
    File privateKeyFile = getFile(Constants.JKS_PRIVATE_FILE_NAME);//Get the keyStore.jks file 
    synchronized (privateKeyFile) { 
     KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType()); 
     keyStore.load(new FileInputStream(privateKeyFile), Constants.JKS_PRIVATE_FILE_PASSWORD); 
     FileOutputStream file = null; 
     try { 
      file = new FileOutputStream(privateKeyFile);//Get the JKS file with the private keys 


      //Write the private key to the jks file 
      boolean isKeyEntry = keyStore.isKeyEntry(deviceSerialNumber);//Check if there is a key with the alias deviceSerialnumber 
      if (isKeyEntry) {//If the key does exist 
       System.err.println("Key does exist!!!!1"); 
       KeyStore.ProtectionParameter protParam = new KeyStore.PasswordProtection(Constants.JKS_PRIVATE_FILE_PASSWORD); 
       KeyStore.PrivateKeyEntry pke = (PrivateKeyEntry) keyStore.getEntry(deviceSerialNumber, protParam); 
       key = pke.getPrivateKey(); 
      } else {//If the key does not exist 
       System.err.println("No key!!!!!!!!"); 
       //HANDLE THIS 
       return null; 
      } 

     } finally { 
      file.close();//Close the private key file output stream 
     } 
    } 
    return key; 
} 

private Certificate createCertificate() throws CertificateException, IOException { 
    FileInputStream fis = new FileInputStream(getFile(Constants.CERTIFICATE_FILE)); 


    CertificateFactory cf = CertificateFactory.getInstance("X.509"); 
    Collection<? extends Certificate> c = cf.generateCertificates(fis); 
    Iterator<? extends Certificate> i = c.iterator(); 

    if (i.hasNext()) 
     return (Certificate) i.next(); 
    else 
     return null; 
} 


I generated the KeyStore.jks file and the server.cer file using keytool:

keytool -genkey -alias keyAlias -keyalg RSA -keystore KeyStore.jks -keypass password -storepass password 
keytool -export -alias keyAlias -file server.cer -keystore KeyStore.jks -storepass password 

Am I doing something wrong in the way I store and retrieve private keys from the keystore? How do I stop the EOFException from happening?

+0

Try removing this line from getPrivateKey: 'file = new FileOutputStream(privateKeyFile);' and close the 'FileInputStream' you created earlier, instead of the output stream – pedrofb

+0

That worked. Thanks – develop1

Answers

1

Remove this line from getPrivateKey, which is not being used:

file = new FileOutputStream(privateKeyFile); 

and close the FileInputStream you created earlier, not the output stream. You have two open streams on the same file:

keyStore.load(new FileInputStream(privateKeyFile), Constants.JKS_PRIVATE_FILE_PASSWORD);
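
The failure discussed above can be reproduced in isolation. The following is an added example, not code from the question or the answer: `new FileOutputStream(file)` truncates an existing file to zero bytes as soon as it is opened, so a read path that opens one and writes nothing leaves an empty keystore for the next `load`. The class name, the `load`/`save` helpers, the password and the temp-file names are assumptions made for the illustration.

```java
import java.io.*;
import java.nio.file.*;
import java.security.KeyStore;

public class KeyStoreFileDemo {
    // Constructed sample password, not a value from the page.
    static final char[] PW = "changeit".toCharArray();

    // Read path: only an input stream is opened, and it is closed on exit.
    static KeyStore load(Path jks) throws Exception {
        KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
        try (InputStream in = Files.newInputStream(jks)) {
            ks.load(in, PW);
        }
        return ks;
    }

    // Write path: store to a sibling temp file, then replace the original,
    // so a failed store() never leaves a truncated keystore behind.
    static void save(KeyStore ks, Path jks) throws Exception {
        Path tmp = Files.createTempFile(jks.toAbsolutePath().getParent(), "ks", ".tmp");
        try (OutputStream out = Files.newOutputStream(tmp)) {
            ks.store(out, PW);
        }
        Files.move(tmp, jks, StandardCopyOption.REPLACE_EXISTING);
    }

    public static void main(String[] args) throws Exception {
        Path jks = Files.createTempFile("demo", ".jks");
        KeyStore empty = KeyStore.getInstance(KeyStore.getDefaultType());
        empty.load(null, PW); // initialise an empty in-memory keystore
        save(empty, jks);
        System.out.println("size after save: " + Files.size(jks));

        // What the question's getPrivateKey does: open an output stream on the
        // keystore file and close it without writing anything.
        new FileOutputStream(jks.toFile()).close();
        System.out.println("size after stray FileOutputStream: " + Files.size(jks));

        try {
            load(jks); // the file is now empty, so parsing hits end of stream
        } catch (IOException e) { // EOFException is a subclass of IOException
            System.out.println("load failed: " + e.getClass().getSimpleName());
        }
        Files.delete(jks);
    }
}
```

Because the read helper never opens the file for writing, a lookup cannot damage the stored private keys; only `save` replaces the file, and only after `store` has completed.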