I'm using this code to store a key into a KeyStore in an Android App:
SecretKeyFactory kf = SecretKeyFactory.getInstance("DES");
DESKeySpec keySpec = new DESKeySpec(key); // byte[] key
SecretKey skey = kf.generateSecret(keySpec);
KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
ks.load(null, "ksPassword".toCharArray());
PasswordProtection pass = new PasswordProtection(
"entryPassword".toCharArray());
KeyStore.SecretKeyEntry skEntry = new KeyStore.SecretKeyEntry(skey);
ks.setEntry("keyAlias", skEntry, pass);
FileOutputStream fos = ctx.getApplicationContext().openFileOutput("bs.keystore",
Context.MODE_PRIVATE);
ks.store(fos, ksPassword);
fos.close();
Then, in another method, I use this code to retrieve the key I stored,
FileInputStream fis = ctx.getApplicationContext().openFileInput("bs.keystore");
KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
ks.load(fis, "ksPassword".toCharArray());
Key k = (SecretKey) ks.getKey(keyAlias, "entryPassword".toCharArray());
fis.close();
but the instruction ks.getKey("keyAlias", "entryPassword".toCharArray())
returns null.
Where am I wrong?
Ok, I finally understood the problem...
I used the method to store more than a key in the keystore. Using the code ks.load(null, "ksPassword".toCharArray());
the previous key was erased each time (because loading an empty keystore) and only the last one was stored on the keystore.
So the correct code is:
KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
try {
FileInputStream fis = ctx.getApplicationContext().openFileInput("bs.keystore");
ks.load(fis, ksPassword);
} catch(FileNotFoundException e) {
ks.load(null, ksPassword);
}
The first time that the method is executed the file bs.keystore does not exist, so the code in the catch block is executed. Instead in the next calls the file exists and the new key is added to the keystore.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With