java - 无法从java中的密钥库加载私钥
问题描述
我正在使用以下命令生成密钥库+密钥对:
keytool -genkeypair -keyalg RSA -alias zik -keypass blabla -keystore TESTKeystore -storepass 123456 -storetype pkcs12
然后,我尝试在 Java 中加载私钥:
char[] password = "123456".toCharArray();
String alias = "zik";
FileInputStream fIn = new FileInputStream("TESTKeystore");
KeyStore keystore = KeyStore.getInstance("pkcs12");
keystore.load(fIn, password);
Key k = keystore.getKey("zik", "blabla".toCharArray());
引发此错误:
Exception in thread "main" java.security.UnrecoverableKeyException: Get Key failed: Given final block not properly padded. Such issues can arise if a bad key is used during decryption.
at java.base/sun.security.pkcs12.PKCS12KeyStore.engineGetKey(PKCS12KeyStore.java:454)
at java.base/sun.security.util.KeyStoreDelegator.engineGetKey(KeyStoreDelegator.java:90)
at java.base/java.security.KeyStore.getKey(KeyStore.java:1050)
at Main.main(Main.java:164)
Caused by: javax.crypto.BadPaddingException: Given final block not properly padded. Such issues can arise if a bad key is used during decryption.
at java.base/com.sun.crypto.provider.CipherCore.unpad(CipherCore.java:975)
at java.base/com.sun.crypto.provider.CipherCore.fillOutputBuffer(CipherCore.java:1056)
at java.base/com.sun.crypto.provider.CipherCore.doFinal(CipherCore.java:853)
at java.base/com.sun.crypto.provider.PKCS12PBECipherCore.implDoFinal(PKCS12PBECipherCore.java:408)
at java.base/com.sun.crypto.provider.PKCS12PBECipherCore$PBEWithSHA1AndDESede.engineDoFinal(PKCS12PBECipherCore.java:440)
at java.base/javax.crypto.Cipher.doFinal(Cipher.java:2208)
at java.base/sun.security.pkcs12.PKCS12KeyStore.lambda$engineGetKey$0(PKCS12KeyStore.java:398)
at java.base/sun.security.pkcs12.PKCS12KeyStore$RetryWithZero.run(PKCS12KeyStore.java:287)
at java.base/sun.security.pkcs12.PKCS12KeyStore.engineGetKey(PKCS12KeyStore.java:392)
这么简单的任务。我在这里想念什么?
解决方案
您正在指定 2 个别名,因此请删除一个(personA)。
keytool -genkeypair -keyalg RSA -alias zik -keypass blabla -keystore
TESTKeystore -storepass 123456 -storetype pkcs12
尝试这个
char[] password = "123456".toCharArray();
String alias = "zik";
FileInputStream fIn = new FileInputStream("TESTKeystore");
KeyStore keystore = KeyStore.getInstance("pkcs12");
keystore.load(fIn, password);
Key k = keystore.getKey(alias, "blabla".toCharArray()); //load alias here
推荐阅读
- push-notification - 如何在单个 api 调用中向多个应用程序发送推送通知
- html - 当我将此 HTML 文件上传到标记验证服务时,我收到以下指定的两个错误
- python - 工作命令不会向用户的钱包充值
- c# - C# Microsoft.CodeAnalysis 中的 System.IntPtr 和 nint
- javascript - 如何在苹果登录时让网页受信任。尝试登录时获取“isTrusted”:错误
- firebase - 找不到 com.google.firebase:firebase-ml-vision
- python - 在 Python 3.9 Ursina 代码中遇到问题。“已知管道类型:wglGraphicsPipe(3 个辅助显示模块尚未加载。)尝试使用纹理时”
- typescript - 当我将数据集应用于 event.target 时,类型“EventTarget”上不存在属性“数据集”
- huawei-mobile-services - 使用华为 GameTurbo 引擎 API updateGameAppInfo() 的问题
- dompdf - Dompdf set_opacity 'Multiply' 仅适用于第一页和最后一页