Today's Question:  What's your opinion about Alibaba mooncake incident?        GIVE A SHOUT

Technical Article => Programming =>  Java

Different types of keystore in Java -- JCEKS

  Pi Ke      2015-01-05 00:30:56      11,973    0    1

JCEKS stands for Java Cryptography Extension KeyStore and it is an alternative keystore format for the Java platform. Storing keys in a KeyStore can be a measure to prevent your encryption keys from being exposed. Java KeyStores securely contain individual certificates and keys that can be referenced by an alias for use in a Java program.

The process of storing and loading different entries in JCEKS is similar to what JKS does. So please refer to the article Different types of keystore in Java -- JKS. Change the keystore type from JKS to JCEKS accordingly when calling KeyStore.getInstance().

In this post, we will only cover the process of storing secret keys in JCEKS keystore. The secret key entry will be sealed and stored in the keystore to protect the key data. Please provide a strong password when storing the entry into the keystore.

Store secret key

The secret key can be stored in JCEKS keystore with below code.

try{
	KeyStore keyStore = KeyStore.getInstance("JCEKS");
	keyStore.load(null, null);
	
	KeyGenerator keyGen = KeyGenerator.getInstance("DES");
	keyGen.init(56);;
	Key key = keyGen.generateKey();
	
	keyStore.setKeyEntry("secret", key, "password".toCharArray(), null);
	
	keyStore.store(new FileOutputStream("output.jceks"), "password".toCharArray());
} catch (Exception ex) {
	ex.printStackTrace();
}

Load secret key

The stored secret key can be extracted from JCEKS keystore in Java. The extracted key can be used to encrypt/decrypt data as normal.

try{
	KeyStore keyStore = KeyStore.getInstance("JCEKS");
	keyStore.load(new FileInputStream("output.jceks"), "password".toCharArray());
	
	Key key = keyStore.getKey("secret", "password".toCharArray());
	
	System.out.println(key.toString());
} catch (Exception ex) {
	ex.printStackTrace();
}

The output is :

javax.crypto.spec.SecretKeySpec@fffe7b9b

For the different types of keystores, please refer to Different types of keystore in Java -- Overview.

JAVA TUTORIAL KEYSTORE JCEKS

  SAVE AS PDF   MARK AS READ   MARK AS IMPORTANT

  RELATED


  0 COMMENT


No comment for this article.


  WRITE ARTICLE

Texting in class

By sonic0002
How to send SMS safely in class. New skill get