Java 无法从J2EE容器中的p12加载和存储密钥库
我试图从p12文件加载密钥库,其行为非常不一致,其中keystore.aliases().nextElement()只提供一次正确的别名,而在其他情况下显示CN。在后一种情况下,我无法存储密钥库(使用keystore.store),输出流为空 下面是代码片段。如果我忽略了什么,请告诉我Java 无法从J2EE容器中的p12加载和存储密钥库,java,jakarta-ee,keystore,Java,Jakarta Ee,Keystore,我试图从p12文件加载密钥库,其行为非常不一致,其中keystore.aliases().nextElement()只提供一次正确的别名,而在其他情况下显示CN。在后一种情况下,我无法存储密钥库(使用keystore.store),输出流为空 下面是代码片段。如果我忽略了什么,请告诉我 // the main code where i am facing issue private byte[] generateKeyStoreData(String appName, Map<Strin
// the main code where i am facing issue
private byte[] generateKeyStoreData(String appName, Map<String, String> credentials)
throws ApplicationException {
try {
if (!credentials.containsKey(KEYSTORE)) {
throw new NullPointerException("No keystore provided");
}
if (!credentials.containsKey(KEYSTORE_PASSWORD)) {
throw new NullPointerException("No keystore password provided");
}
String keystoreStr = credentials.get(KEYSTORE);
char[] keystorePass = credentials.get(KEYSTORE_PASSWORD).toCharArray();
// I have printed the base64 string here and tried loading inside a standalone code
and it is working. The method is below
InputStream keystoreIs = base64stringToInputStream(keystoreStr);
KeyStore keyStore = KeyStore.getInstance("PKCS12");
keyStore.load(keystoreIs, keystorePass);
// I printed the keyStore.aliases().nextElement() which returns correct alias "omss"
// but returns CN in cases where it fails.
ByteArrayOutputStream keyStoreOut = new ByteArrayOutputStream();
keyStore.store(keyStoreOut, keystorePass);
// I printed the keystoreOut.toByteArray() and it is empty in failing cases
return keyStoreOut.toByteArray();
} catch (Exception e) {
// exception
}
}
// the conversion code from base64string to bytearrayinputstream
private InputStream base64stringToInputStream(String str) {
byte[] ba = DatatypeConverter.parseBase64Binary(str);
return new ByteArrayInputStream(ba);
}
//--------------------------------------------------------------------
// Below is api which calls the generateKeystore
//-------------------------------------------------------------------
// We get the inputstream from the uploaded p12 file and the below api is called
public void createKeystore(InputStream certFile,
char[] password) {
Util.nullCheck(certFile,
"Certificate File cannot be null or empty");
Util.nullCheck(password, "Password Cannot be null");
try {
// the method is below
byte[] raw = toByteArray(certFile);
// converting to base64 string
String base64encodedString = DatatypeConverter
.printBase64Binary(raw);
//....... we create a map of keystore string and password
// and the call is made to generateKeystore method above
}
catch(Exception e){
}
// the inputstream is converted to bytearray inputstream
private static byte[] toByteArray(InputStream is) throws IOException {
ByteArrayOutputStream baos = new ByteArrayOutputStream();
int reads = is.read();
while (reads != -1) {
baos.write(reads);
reads = is.read();
}
return baos.toByteArray();
}
//我面临问题的主要代码
专用字节[]generateKeyStoreData(字符串appName、映射凭据)
抛出应用程序异常{
试一试{
如果(!credentials.containsKey(密钥库)){
抛出新的NullPointerException(“未提供密钥库”);
}
如果(!credentials.containsKey(密钥库\密码)){
抛出新的NullPointerException(“未提供密钥库密码”);
}
字符串keystorest=credentials.get(KEYSTORE);
char[]keystorePass=credentials.get(KEYSTORE\u PASSWORD).toCharArray();
//我在这里打印了base64字符串,并尝试在独立代码中加载
它正在工作。方法如下
InputStream keystoreIs=base64stringToInputStream(keystRest);
KeyStore KeyStore=KeyStore.getInstance(“PKCS12”);
加载(keystoreIs,keystorePass);
//我打印了keyStore.aliases().nextElement(),它返回正确的别名“omss”
//但在失败的情况下返回CN。
ByteArrayOutputStream keystreOut=新建ByteArrayOutputStream();
keyStore.store(keyStoreOut,keystorePass);
//我打印了keysteOut.toByteArray(),在失败的情况下它是空的
返回keystreOut.toByteArray();
}捕获(例外e){
//例外情况
}
}
//从base64string到bytearrayinputstream的转换代码
私有InputStream base64stringToInputStream(字符串str){
字节[]ba=DatatypeConverter.parseBase64Binary(str);
返回新的ByteArrayInputStream(ba);
}
//--------------------------------------------------------------------
//下面是调用generateKeystore的api
//-------------------------------------------------------------------
//我们从上传的p12文件中获取inputstream,并调用下面的api
public void createKeystore(InputStream证书文件,
字符[]密码){
Util.nullCheck(certFile,
“证书文件不能为null或空”);
Util.nullCheck(密码,“密码不能为空”);
试一试{
//方法如下
字节[]原始=toByteArray(certFile);
//转换为base64字符串
String base64encodedString=DatatypeConverter
.PrintBase64二进制(原始);
//……我们创建密钥库字符串和密码的映射
//并调用上面的generateKeystore方法
}
捕获(例外e){
}
//inputstream被转换为bytearray inputstream
私有静态字节[]toByteArray(InputStream is)引发IOException{
ByteArrayOutputStream bas=新的ByteArrayOutputStream();
int reads=is.read();
while(读取!=-1){
写(读);
reads=is.read();
}
返回baos.toByteArray();
}
看起来keystore.load()并没有在我的j2ee环境中使用“SunJSSE”作为默认的密钥库提供程序,而是使用了oraclepki提供程序。现在我正在加载keystore.load(即“SunJSSE”),它能够正确加载