原文:https://www.pixelstech.net/article/1420439432-Different-types-of-keystore-in-Java----JCEKS
轉載:https://www.cnblogs.com/yangchongxing/p/13836850.html
機器翻譯
Different types of keystore in Java -- JCEKS
Java密鑰庫的不同類型 -- JCEKS
JCEKS stands for Java Cryptography Extension KeyStore and it is an alternative keystore format for the Java platform. Storing keys in a KeyStore can be a measure to prevent your encryption keys from being exposed. Java KeyStores securely contain individual certificates and keys that can be referenced by an alias for use in a Java program.
JCEKS(Java Cryptography Extension KeyStore)是Java平台的另一種密鑰庫格式。在密鑰庫中存儲密鑰是防止加密密鑰暴露的一種措施。Java密鑰庫安全地包含單個證書和密鑰,別名可以引用這些證書和密鑰,以便在Java程序中使用。
The process of storing and loading different entries in JCEKS is similar to what JKS does. So please refer to the article Different types of keystore in Java -- JKS. Change the keystore type from JKS to JCEKS accordingly when calling KeyStore.getInstance().
在JCEKS中存儲和加載不同條目的過程與JKS類似。因此請參閱文章《Java密鑰庫的不同類型 -- JKS》。調用KeyStore.getInstance()時相應地將密鑰庫類型從JKS更改為JCEK。
In this post, we will only cover the process of storing secret keys in JCEKS keystore. The secret key entry will be sealed and stored in the keystore to protect the key data. Please provide a strong password when storing the entry into the keystore.
在本文中,我們將只討論在JCEKS密鑰庫中存儲密鑰的過程。密鑰項將被密封並存儲在密鑰庫中,以保護密鑰數據。請在將條目存儲到密鑰庫中時提供一個強密碼。
Store secret key
存儲密鑰
The secret key can be stored in JCEKS keystore with below code.
密鑰可以用下面的代碼存儲在JCEKS密鑰庫中。
try{ KeyStore keyStore = KeyStore.getInstance("JCEKS"); keyStore.load(null, null); KeyGenerator keyGen = KeyGenerator.getInstance("DES"); keyGen.init(56);; Key key = keyGen.generateKey(); keyStore.setKeyEntry("secret", key, "password".toCharArray(), null); keyStore.store(new FileOutputStream("output.jceks"), "password".toCharArray()); } catch (Exception ex) { ex.printStackTrace(); }
Load secret key
加載密鑰
The stored secret key can be extracted from JCEKS keystore in Java. The extracted key can be used to encrypt/decrypt data as normal.
存儲的密鑰可以從Java的JCEKS密鑰庫中提取。提取的密鑰可用於加密/解密數據。
try{ KeyStore keyStore = KeyStore.getInstance("JCEKS"); keyStore.load(new FileInputStream("output.jceks"), "password".toCharArray()); Key key = keyStore.getKey("secret", "password".toCharArray()); System.out.println(key.toString()); } catch (Exception ex) { ex.printStackTrace(); }