Java Cryptography - Storing keys

最新推荐文章于 2024-08-18 19:01:36 发布
转载 最新推荐文章于 2024-08-18 19:01:36 发布 · 130 阅读 · 0 ·
CC 4.0 BY-SA版权
原文链接:https://www.tutorialspoint.com/java_cryptography/java_cryptography_storing_keys.htm

本文详细介绍了如何使用Java安全包中的KeyStore类来管理密钥库,包括创建、加载密钥库对象,生成和存储秘钥,以及将秘钥条目设置到密钥库中。通过具体步骤和示例代码,帮助读者理解密钥库的使用方法。

The Keys and certificates used/generated are stored in a data base called as keystore. By default this database is stored in a file named .keystore.You can access the contents of this database using the KeyStore class of the java.security package. This manages three different entries namely, PrivateKeyEntry, SecretKeyEntry, TrustedCertificateEntry.PrivateKeyEntrySecretKeyEntryTrustedCertificateEntryStoring a Key in keystoreIn this section, we will learn how to store a key in a keystore. To store a key in the keystore, follow the steps given below.Step 1: Create a KeyStore objectThe getInstance() method of the KeyStore class of the java.security package accepts a string value representing the type of the keystore and returns a KeyStore object.Create an object of the KeyStore class using the getInstance() method as shown below.//Creating the KeyStore object
KeyStore keyStore = KeyStore.getInstance(“JCEKS”);
Step 2: Load the KeyStore objectThe load() method of the KeyStore class accepts a FileInputStream object representing the keystore file and a String parameter specifying the password of the KeyStore.In general, the KeyStore is stored in the file named cacerts, in the location C:/Program Files/Java/jre1.8.0_101/lib/security/ and its default password is changeit, load it using the load() method as shown below.//Loading the KeyStore object
char[] password = “changeit”.toCharArray();
String path = “C:/Program Files/Java/jre1.8.0_101/lib/security/cacerts”;
java.io.FileInputStream fis = new FileInputStream(path);
keyStore.load(fis, password);
Step 3: Create the KeyStore.ProtectionParameter objectInstantiate the KeyStore.ProtectionParameter as shown below.//Creating the KeyStore.ProtectionParameter object
KeyStore.ProtectionParameter protectionParam = new KeyStore.PasswordProtection(password);
Step 4: Create a SecretKey objectCreate the SecretKey (interface) object by instantiating its Sub class SecretKeySpec. While instantiating you need to pass password and algorithm as parameters to its constructor as shown below.//Creating SecretKey object
SecretKey mySecretKey = new SecretKeySpec(new String(keyPassword).getBytes(), “DSA”);
Step 5: Create a SecretKeyEntry objectCreate an object of the SecretKeyEntry class by passing the SecretKey object created in the above step as shown below.//Creating SecretKeyEntry object
KeyStore.SecretKeyEntry secretKeyEntry = new KeyStore.SecretKeyEntry(mySecretKey);
Step 6: Set an entry to the KeyStoreThe setEntry() method of the KeyStore class accepts a String parameter representing the keystore entry alias, a SecretKeyEntry object, a ProtectionParameter object and, stores the entry under the given alias.Set the entry to the keystore using the setEntry() method as shown below.//Set the entry to the keystore
keyStore.setEntry(“secretKeyAlias”, secretKeyEntry, protectionParam);
ExampleThe following example stores keys into the keystore existing in the “cacerts” file (windows 10 operating system).import java.io.FileInputStream;
import java.security.KeyStore;

import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;

public class StoringIntoKeyStore{
public static void main(String args[]) throws Exception {
//Creating the KeyStore object
KeyStore keyStore = KeyStore.getInstance(“JCEKS”);

  //Loading the KeyStore object
  char[] password = "changeit".toCharArray();
  String path = "C:/Program Files/Java/jre1.8.0_101/lib/security/cacerts";
  java.io.FileInputStream fis = new FileInputStream(path);
  keyStore.load(fis, password);
  
  //Creating the KeyStore.ProtectionParameter object
  KeyStore.ProtectionParameter protectionParam = new KeyStore.PasswordProtection(password);

  //Creating SecretKey object
  SecretKey mySecretKey = new SecretKeySpec("myPassword".getBytes(), "DSA");
  
  //Creating SecretKeyEntry object
  KeyStore.SecretKeyEntry secretKeyEntry = new KeyStore.SecretKeyEntry(mySecretKey);
  keyStore.setEntry("secretKeyAlias", secretKeyEntry, protectionParam);

  //Storing the KeyStore object
  java.io.FileOutputStream fos = null;
  fos = new java.io.FileOutputStream("newKeyStoreName");
  keyStore.store(fos, password);
  System.out.println("data stored");

}
}OutputThe above program generates the following output −System.out.println(“data stored”);

michaelforgood
关注
无涯教程-Java加密 - 存储密钥
无涯教程
12-28 941
使用/生成的密钥和证书存储在称为密钥库的数据库中。默认情况下,此数据库存储在名为.keystore的文件中。您可以使用 java.security 包的 KeyStore 类访问此数据库的内容。
2. PKI - 语法[ASN.1]、规范[PKCS、X.509]、编码[DER、PEM]
ttyy1112的专栏
07-02 1933
PKI - RSA密钥文件的数据结构及编码ASN.1 - Abstract Syntax Notation One密钥数据结构(文件格式)PKCSPKCS#1X.509密钥编码ASN.1相关编码PEM编码密钥文件后缀参考 上节我们介绍了RSA的诞生和密钥对的生成,其中生成的密钥均是以PEM编码展示和存储的,那么这些密钥文件究竟都包含了哪些内容、都是以什么格式进行存储的呢。本节将介绍ASN.1,PKCS, X.509, DER, PEM等概念以及他们之间的关系。然后对密钥文件或证书文件的后缀做一些简单的介绍。
Cryptography:实现各种类型的加密和解密密码的Java程序
05-15
密码学 实现各种类型的加密和解密密码的Java程序
cryptography:Java加密仿真器(密码库实现)
05-25
密码学 Java加密仿真器(密码库实现) 请阅读以下内容以获取文档: :
Java Cryptography pdf
12-08
OReilly - Java Cryptography.pdf
Java Cryptography
来啊 快活啊
03-12 1008
Arch JCA:Java Cryptography Architecture,Java加密体系结构 JCE:Java Cryptography Extendsion,Java加密扩展包 JSSE:Java Secure Sockets Extendsion,Java安全套接字扩展包 JAAS:Java Authentication And Authentication Service,Ja...
04-10 13:16:58.398 13302 13302 V BaseInputConnection: Cryptographic techniques include encryption (converting data into an unreadable format), decryption (converting encrypted data back to its original form), digital signatures (verifying the authenticity of data), and key management (securely storing and distributing keys). : 4e83fff java.lang.Object (317-590) fl=#33 04-10 13:16:58.398 13302 13302 V BaseInputConnection: Cryptography is the practice of securing information and communications through the use of codes, ensuring only authorized parties can understand the data.
最新发布
04-19
`I/KeyManager: Rotating keys (last rotation: 2024-04-10)` 2. **密钥存储异常检测** - 高风险日志模式: ```logcat W/KeyStore: Using software-backed key for sensitive operation # 应使用硬件支持密钥...
HMAC算法
zhu4674548的专栏
10-03 1410
RFC 2104 - HMAC: Keyed-Hashing for Message Authentication 前言: 【1】“message authentication codes” (MAC) 【2】“hash-based message authentication codes” (HMAC) HMAC: Keyed-Hashing for Message Authentication...
golang将pkcs1格式的公钥转换为pkcs8格式的公钥
csdn闻声即知人的博客
12-23 2199
前言 在工作中遇到golang编写的sdk作为客户端,java语言编写程序作为服务器端的情况,需要使用go生成一个RSA公钥发送给服务器端,此公钥用于加密某些消息,使用的是RSAOAEP的相关算法,该具体算法包含了两次哈希函数,建议都采用sha256作为哈希的函数。具体互通方法我会在后续博客中更新。此文主要介绍将pkcs1格式的公钥转成pkcs8格式公钥的方法。 密钥格式 下表为常见的密码学术语: Term Definition PKI Public Key Cryptography. Pu
Cryptography:Java中的一些加密功能
05-05
密码学 Java中的SHA-1实现(已通过此测试向量进行了测试) ECDSA在Java中的实现(已通过此测试向量进行了测试)
Art of Cryptography in Java
silverend的专栏
04-19 146
Art of Cryptography in Java Agenda: JCA, JCE, JSSE Java Key engine classes JDK APIs SSL HandShake Functional access between Portal & Clients
javaJava Cryptography Extension (JCE)
u011144881的博客
08-18 764
【代码】【javaJava Cryptography Extension (JCE)
Java Cryptography - 快速指南
qq_44905426的博客
05-08 609
打破密文的艺术和科学被称为密码分析。密码分析是密码学的姐妹分支,它们共存。加密过程产生用于传输或存储的密文。它涉及密码机制的研究,旨在打破它们。在设计新的加密技术时也使用密码分析来测试它们的安全性。您可以使用digest()方法生成消息摘要,MessageDigest 类此方法计算当前对象的散列函数,并以字节数组的形式返回消息摘要。使用摘要方法生成消息摘要。
poj2109 Power of Cryptography(java)
萝卜@兔子的专栏
08-19 336
package test;import java.util.Scanner;/**问题请参考http://poj.org/problem?id=2109 * @author rayli * @date:2014-7-22 下午2:04:08 * 题意 :求一个整数k,使得k满足k^n=p * */public class PowerCryptography {    boolean Binarys
java cryptography_Java密码体系结构简介:Java Cryptography Architecture (JCA) Reference Guide...
weixin_35644506的博客
02-13 590
来自Java官方的文档,作备忘使用。简介:Java平台非常强调安全性,包括语言安全,密码学,公钥基础设施,认证,安全通信和访问控制。JCA是平台的一个主要部分,包含一个“提供者”体系结构和一组用于数字签名,消息摘要(哈希),证书和证书验证,加密(对称/非对称块/流密码),密钥生成管理和安全随机数生成等等。这些API允许开发人员将安全性轻松集成到应用程序代码中。这个架构是围绕以下原则设计的:实现独立...
Cryptography
人生的意義在於修煉!修煉之路~
06-27 138
    A signature provides two security services, authentication and integrity. A signature gives you assurance that a message has not been tampered with and that it originated from a certain pe...
HTTPS之密钥知识与密钥工具Keytool和Keystore-Explorer
词语大杂烩
04-27 737
1 简介 之前文章《Springboot整合https原来这么简单》讲解过一些基础的密码学知识和Springboot整合HTTPS。本文将更深入讲解密钥知识和密钥工具。 2 密钥知识-非对称加密 这部分知识非常重要,理解了关键的密钥知识,才能更好地在工作中去使用。需要注意的是,讲的主要是非对称加密的知识,对称加密比较好理解,就不讲述了。 (1)对于非对称加密,密钥分为私钥(private key)...
java JCE 不限密钥长度解决办法
12-10 5726
(翻墙)转自http://opensourceforgeeks.blogspot.com/2014/09/how-to-install-java-cryptography.html 另外,在StackOverflow上也有相关讨论,并提供了反射实现代码 https://stackoverflow.com/questions/25959948/local-policy-jar-and-us-ex...
探索Cryptography-master的密码学技术
根据给定的文件信息,您提供的文件似乎是一个名为"Cryptography-master.zip"的压缩包。然而,标题和描述提供的信息相同,且标签和压缩包文件名称列表的名称也相同。在这种情况下,我们可以推断该压缩包可能包含了...
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值