Java密钥库的不同类型 -- JCEKS

原文：https://www.pixelstech.net/article/1420439432-Different-types-of-keystore-in-Java----JCEKS

转载：https://www.cnblogs.com/yangchongxing/p/13836850.html

机器翻译

Different types of keystore in Java -- JCEKS

Java密钥库的不同类型 -- JCEKS

JCEKS stands for Java Cryptography Extension KeyStore and it is an alternative keystore format for the Java platform. Storing keys in a KeyStore can be a measure to prevent your encryption keys from being exposed. Java KeyStores securely contain individual certificates and keys that can be referenced by an alias for use in a Java program.

JCEKS(Java Cryptography Extension KeyStore)是Java平台的另一种密钥库格式。在密钥库中存储密钥是防止加密密钥暴露的一种措施。Java密钥库安全地包含单个证书和密钥，别名可以引用这些证书和密钥，以便在Java程序中使用。

The process of storing and loading different entries in JCEKS is similar to what JKS does. So please refer to the article Different types of keystore in Java -- JKS. Change the keystore type from JKS to JCEKS accordingly when calling KeyStore.getInstance().

在JCEKS中存储和加载不同条目的过程与JKS类似。因此请参阅文章《Java密钥库的不同类型 -- JKS》。调用KeyStore.getInstance()时相应地将密钥库类型从JKS更改为JCEK。

In this post, we will only cover the process of storing secret keys in JCEKS keystore. The secret key entry will be sealed and stored in the keystore to protect the key data. Please provide a strong password when storing the entry into the keystore.

在本文中，我们将只讨论在JCEKS密钥库中存储密钥的过程。密钥项将被密封并存储在密钥库中，以保护密钥数据。请在将条目存储到密钥库中时提供一个强密码。

Store secret key

存储密钥

The secret key can be stored in JCEKS keystore with below code.

密钥可以用下面的代码存储在JCEKS密钥库中。

try{
    KeyStore keyStore = KeyStore.getInstance("JCEKS");
    keyStore.load(null, null);
     
    KeyGenerator keyGen = KeyGenerator.getInstance("DES");
    keyGen.init(56);;
    Key key = keyGen.generateKey();
     
    keyStore.setKeyEntry("secret", key, "password".toCharArray(), null);
     
    keyStore.store(new FileOutputStream("output.jceks"), "password".toCharArray());
} catch (Exception ex) {
    ex.printStackTrace();
}

Load secret key

加载密钥

The stored secret key can be extracted from JCEKS keystore in Java. The extracted key can be used to encrypt/decrypt data as normal.

存储的密钥可以从Java的JCEKS密钥库中提取。提取的密钥可用于加密/解密数据。

try{
    KeyStore keyStore = KeyStore.getInstance("JCEKS");
    keyStore.load(new FileInputStream("output.jceks"), "password".toCharArray());
     
    Key key = keyStore.getKey("secret", "password".toCharArray());
     
    System.out.println(key.toString());
} catch (Exception ex) {
    ex.printStackTrace();
}