[英]Can not serialize AndroidKeyStore to OutputStream
I'm trying to save an Android KeyStore
object into a file in order to use the generated private key later.我正在尝试将 Android KeyStore
对象保存到文件中,以便稍后使用生成的私钥。 I need to do this because once the app is exited, the private key is erased.我需要这样做,因为一旦退出应用程序,私钥就会被删除。 To do this, I'm writing a KeyStore
object into an output stream as per this and this example.要做到这一点,我正在写一个KeyStore
对象到输出流中按这个和这个例子。 However, when I attempt to do so, I get the following error:但是,当我尝试这样做时,出现以下错误:
java.lang.UnsupportedOperationException: Can not serialize AndroidKeyStore to OutputStream java.lang.UnsupportedOperationException:无法将 AndroidKeyStore 序列化为 OutputStream
It occurs at mKeyStore.store(keyStoreOutputStream, keyStorePassword);
它发生在mKeyStore.store(keyStoreOutputStream, keyStorePassword);
mKeyStore = KeyStore.getInstance("AndroidKeyStore");
mSignature = Signature.getInstance("SHA256withECDSA");
mKeyStore.load(null);
// Generate private key
PrivateKey key = (PrivateKey) mKeyStore.getKey(KEY_NAME, null);
Certificate [] cert = mKeyStore.getCertificateChain(KEY_NAME);
char[] keyStorePassword = null;
// Store private key into mKeyStore
mKeyStore.setKeyEntry(KEY_NAME, key, null, cert);
// Save mKeyStore to outputstream
String filepath = activity.getFilesDir().getPath().toString() + "/keystore.ks";
try (FileOutputStream keyStoreOutputStream = new FileOutputStream(filepath)) {
mKeyStore.store(keyStoreOutputStream, keyStorePassword);
}
mSignature.initSign(key);
Is this the best way to store my KeyStore
object for later use?这是存储我的KeyStore
对象以备后用的最佳方式吗? If so, how can I go about fixing the Can not serialize AndroidKeyStore to OutputStream
error?如果是这样,我该如何解决Can not serialize AndroidKeyStore to OutputStream
错误?
Thanks.谢谢。
KeyStore.getInstance("AndroidKeyStore");
returns an AndroidKeyStore object. 返回一个AndroidKeyStore对象。 You can see here that in older versions of Android, AndroidKeyStore.store
simply throws the exception you are talking about. 您可以在此处看到,在旧版Android中, AndroidKeyStore.store
只会引发您正在谈论的异常。
@Override
public void engineStore(OutputStream stream, char[] password) throws IOException,
NoSuchAlgorithmException, CertificateException {
throw new UnsupportedOperationException("Can not serialize AndroidKeyStore to OutputStream");
}
My recommendation is to simply use KeyStore.getInstance(KeyStore.getDefaultType())
我的建议是简单地使用KeyStore.getInstance(KeyStore.getDefaultType())
Android KeyStore
is not the same as AndroidKeyStore
. Android KeyStore
与AndroidKeyStore
。
AndroidKeyStore
is an Android component that can be used to securely generate and store your keys. AndroidKeyStore
是一个Android组件,可用于安全地生成和存储您的密钥。 See https://developer.android.com/training/articles/keystore 参见https://developer.android.com/training/articles/keystore
The Android Keystore system lets you store cryptographic keys in a container to make it more difficult to extract from the device. Android Keystore系统允许您将加密密钥存储在容器中,从而使从设备中提取更加困难。 Once keys are in the keystore, they can be used for cryptographic operations with the key material remaining non-exportable. 一旦密钥存在于密钥库中,它们就可以用于加密操作,密钥材料仍然是不可导出的。
The keys are persistent. 密钥是持久的。 Any key generarated into AndroidKeyStore
will be present after application restart. 重新启动应用程序后,将生成任何生成到AndroidKeyStore
密钥。 This is the recommended way to store your keys 这是存储密钥的推荐方法
Note that the keys are non-extractable. 请注意,密钥是不可提取的。 If you need to export the private key in some way, you will need to use an standard keystore file, not AndroidKeystore 如果需要以某种方式导出私钥,则需要使用标准密钥库文件,而不是AndroidKeystore
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.