storing SecretKey in keystore

Discussion in 'Java' started by jimgardener, Jun 19, 2008.

  1. jimgardener

    jimgardener Guest

    hi
    i created a keystore as below

    public static void makeKeyStore(){
    try{
    KeyStore ks=KeyStore.getInstance(KeyStore.getDefaultType());

    ks.load(null,"".toCharArray());
    FileOutputStream ksout=new FileOutputStream("myks.keystore");
    char[] password = new char[] {'m','y','n','a','m','e'};
    ks.store(ksout, password);
    Arrays. fill(password, '\u0000' ) ;

    }
    catch(Exception e){
    e.printStackTrace();
    }

    }

    then i tried to store a generated key using an alias

    public static void putEntriestoKS(){
    try{
    KeyStore ks=KeyStore.getInstance(KeyStore.getDefaultType());;
    FileInputStream fin=new FileInputStream("myks.keystore");
    char[] password = new char[] {'m','y','n','a','m','e'};
    ks.load(fin,password);
    FileOutputStream fout=new FileOutputStream("myks.keystore");
    KeyGenerator kg=KeyGenerator.getInstance("AES");
    SecretKey skey=kg.generateKey();
    ks.setKeyEntry("mysecretkey", skey, password,null);
    ks.store(fout,password);
    Arrays.fill(password,'\u0000');

    }
    catch(Exception e){
    e.printStackTrace();
    }
    }



    when i run this i am getting a java.security.KeyStoreException: Cannot
    store non-PrivateKeys
    How then can i store SecretKey ?Do i have to use another provider?can
    someone explain?
    thanks
    Jim
     
    jimgardener, Jun 19, 2008
    #1
    1. Advertising

  2. jimgardener

    Roedy Green Guest

    On Thu, 19 Jun 2008 07:08:12 -0700 (PDT), jimgardener
    <> wrote, quoted or indirectly quoted someone who
    said :

    >when i run this i am getting a java.security.KeyStoreException: Cannot
    >store non-PrivateKeys
    >How then can i store SecretKey ?Do i have to use another provider?can
    >someone explain?
    >thanks


    You can extract the raw key bytes and store that. However it is then
    totally unprotected. When you store things in a keystore, they have an
    additional layer of encryption.

    Just guessing here, but perhaps the problem surrounds providing a
    password for the keystore file.

    You might experiment creating the keystore with keytool and adding
    your key to it rather than trying to create a keystore out of thin
    air.

    see http://mindprod.com/jgloss/keytool.html
    --

    Roedy Green Canadian Mind Products
    The Java Glossary
    http://mindprod.com
     
    Roedy Green, Jun 20, 2008
    #2
    1. Advertising

  3. jimgardener

    Guest

    On Jun 20, 9:03 pm, Roedy Green <>
    wrote:
    > On Thu, 19 Jun 2008 07:08:12 -0700 (PDT), jimgardener
    > <> wrote, quoted or indirectly quoted someone who
    > said :
    >
    > >when i run this i am getting a java.security.KeyStoreException: Cannot
    > >store non-PrivateKeys
    > >How then can  i store SecretKey ?Do i have to use another provider?can
    > >someone explain?
    > >thanks

    >
    > You can extract the raw key bytes and store that.  However it is then
    > totally unprotected. When you store things in a keystore, they have an
    > additional layer of encryption.
    >
    > Just guessing here, but perhaps the problem surrounds providing a
    > password for the keystore file.
    >
    > You might experiment creating the keystore with keytool and adding
    > your key to it rather than trying to create a keystore out of thin
    > air.
    >
    > seehttp://mindprod.com/jgloss/keytool.html
    > --
    >
    > Roedy Green Canadian Mind Products
    > The Java Glossaryhttp://mindprod.com


    This error normally comes up when you have not specified the keystore
    type as JCEKS. The default value is JKS but Secret Keys require JCEKS
    so you have to explicitly specify that.

    -- SD
     
    , Jun 25, 2008
    #3
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. John Salvo
    Replies:
    3
    Views:
    4,854
    John Salvo
    Sep 9, 2003
  2. Andrew Thompson
    Replies:
    5
    Views:
    9,358
    Andrew Thompson
    Dec 12, 2003
  3. Rogue Chameleon

    KeyStore and PublicKey

    Rogue Chameleon, Sep 27, 2004, in forum: Java
    Replies:
    3
    Views:
    417
    Sudsy
    Sep 27, 2004
  4. Fritz Bayer

    Hardcode keystore into java program

    Fritz Bayer, Oct 24, 2004, in forum: Java
    Replies:
    1
    Views:
    1,289
    Rogan Dawes
    Oct 25, 2004
  5. David Segall

    How and where to store a SecretKey

    David Segall, Jan 26, 2008, in forum: Java
    Replies:
    3
    Views:
    468
    Roedy Green
    Jan 27, 2008
Loading...

Share This Page