从文件实例化JavaKeyStore时遇到问题
我正在尝试使用从文件实例化JavaKeyStore时遇到问题,java,security,cryptography,keystore,jks,Java,Security,Cryptography,Keystore,Jks,我正在尝试使用org.apache.ws.security.components.crypto.Merlin方法获取org.apache.ws.security.components.crypto.CryptoFactory的实例,特别是CryptoFactory.getInstance(properties)方法 这将始终如一地抛出 java.lang.RuntimeException:org.apache.ws.security.components.crypto.Merlin无法创建实例
org.apache.ws.security.components.crypto.Merlin
方法获取org.apache.ws.security.components.crypto.CryptoFactory
的实例,特别是CryptoFactory.getInstance(properties)
方法
这将始终如一地抛出
java.lang.RuntimeException:org.apache.ws.security.components.crypto.Merlin无法创建实例
这实际上是由
java.security.UnrecoverableKeyException:密码验证失败
密钥库文件上的密码已通过命令行上的keytool进行检查,并且是正确的
密钥库通过以下过程生成:
它位于eclipse项目的根目录中
试验应用如下:
public class App {
public static void main(String[] args) throws CredentialException,
IOException {
System.out.println("Starting");
Properties p = new Properties();
p.setProperty("org.apache.ws.security.crypto.merlin.keystore.password",
"password");
p.setProperty("org.apache.ws.security.crypto.provider",
"org.apache.ws.security.components.crypto.Merlin");
p.setProperty("org.apache.ws.security.crypto.merlin.keystore.type",
"jks");
p.setProperty("org.apache.ws.security.crypto.merlin.file", "./testkeystore.jks");
Crypto crypto = CryptoFactory.getInstance(p);
System.out.println(" Complete ");
}
}
并生成以下异常:
Exception in thread "main" java.lang.RuntimeException: org.apache.ws.security.components.crypto.Merlin cannot create instance
at org.apache.ws.security.components.crypto.CryptoFactory.loadClass(CryptoFactory.java:225)
at org.apache.ws.security.components.crypto.CryptoFactory.loadClass(CryptoFactory.java:180)
at org.apache.ws.security.components.crypto.CryptoFactory.getInstance(CryptoFactory.java:73)
at com.restart.test.cryptotest2.App.main(App.java:22)
Caused by: java.lang.reflect.InvocationTargetException
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:57)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
at java.lang.reflect.Constructor.newInstance(Constructor.java:525)
at org.apache.ws.security.components.crypto.CryptoFactory.loadClass(CryptoFactory.java:211)
... 3 more
Caused by: org.apache.ws.security.components.crypto.CredentialException: Failed to load credentials.
at org.apache.ws.security.components.crypto.AbstractCrypto.load(AbstractCrypto.java:174)
at org.apache.ws.security.components.crypto.AbstractCrypto.<init>(AbstractCrypto.java:135)
at org.apache.ws.security.components.crypto.Merlin.<init>(Merlin.java:71)
... 8 more
Caused by: java.io.IOException: Keystore was tampered with, or password was incorrect
at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:772)
at sun.security.provider.JavaKeyStore$JKS.engineLoad(JavaKeyStore.java:55)
at java.security.KeyStore.load(KeyStore.java:1214)
at org.apache.ws.security.components.crypto.AbstractCrypto.load(AbstractCrypto.java:168)
... 10 more
Caused by: java.security.UnrecoverableKeyException: Password verification failed
at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:770)
... 13 more
我认为你的问题与图书馆有关,因为stacktrace说 “org.apache.ws.security.components.crypto.Merlin无法创建实例”
这意味着您没有(o版本不正确)WSS4J库。在阅读了用户的评论后,我根据不同版本的JDK/JRE构建了它,并且成功了,在下载rt.java的源代码并逐步执行之后,我发现CryptoBase类实例化了两个JavaKeyStore,第一个是(是my.jks文件)实例化得很好,但第二个是
jre\lib\security>
中的cacerts
密钥库,它没有导致故障的默认密码changeit
我现在已经更改了jre密钥库上的密码,我在原始jre/jdk中工作得很好。只需使用Oracle jdk 1.6重复您的步骤,它就可以正常工作。可能您的密码不正确,或者您试图打开不同的密钥库?请尝试重新创建它并将绝对路径设置为密钥库。
<dependency>
<groupId>org.apache.ws.security</groupId>
<artifactId>wss4j</artifactId>
<version>1.5.8</version>
<scope>provided</scope>
</dependency>