1. 技术文章
  2. Android : BKS keystore throwing error for connecting to https.

Android : BKS keystore throwing error for connecting to https.

匆匆过客 提交于 2019-12-12 02:53:48

问题


I am working on an Android project in which I am trying to connect to an HTTPS endpoint with an Http client. I checked some links and found out that I have to convert the .keystore file to .bks or bouncy castle. I used Portecle and was able to convert the keystore file to bks. I am getting the following error when I try with the updated keystore file.

Error log :

.059  [main] WARN org.eclipse.jetty.util.component.AbstractLifeCycle - FAILED SslContextFactory@9824b76(null,null): java.security.KeyStoreException: java.security.NoSuchAlgorithmException: KeyStore JKS implementation not found
.059  java.security.KeyStoreException: java.security.NoSuchAlgorithmException: KeyStore JKS implementation not found
.067      at java.security.KeyStore.getInstance(KeyStore.java:119)
.068      at org.eclipse.jetty.util.security.CertificateUtils.getKeyStore(CertificateUtils.java:52)
.068      at org.eclipse.jetty.util.ssl.SslContextFactory.loadKeyStore(SslContextFactory.java:871)
.068      at org.eclipse.jetty.util.ssl.SslContextFactory.doStart(SslContextFactory.java:273)
.068      at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68)
.068      at org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:132)
.068      at org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:114)
.068      at org.eclipse.jetty.client.HttpClient.doStart(HttpClient.java:229)
.068      at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68)
.068      at myapp.Activity.ConsoleChatClient.performConnection(ConsoleChatClient.java:109)
.069      at myapp.Activity.ConsoleChatClient.onCreate(ConsoleChatClient.java:56)
.069      at android.app.ActivityThread.handleCreateService(ActivityThread.java:2877)
.069      at android.app.ActivityThread.-wrap4(ActivityThread.java)
.069      at android.app.ActivityThread$H.handleMessage(ActivityThread.java:1427)
.069      at android.os.Handler.dispatchMessage(Handler.java:102)
.069      at android.os.Looper.loop(Looper.java:148)
.069      at android.app.ActivityThread.main(ActivityThread.java:5417)
.069      at java.lang.reflect.Method.invoke(Native Method)
.069      at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:726)
.069      at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:616)
.069  Caused by: java.security.NoSuchAlgorithmException: KeyStore JKS implementation not found
.075      at org.apache.harmony.security.fortress.Engine.notFound(Engine.java:190)
.075      at org.apache.harmony.security.fortress.Engine.getInstance(Engine.java:139)
.075      at java.security.KeyStore.getInstance(KeyStore.java:116)
.075    ... 19 more
.075  [main] WARN org.eclipse.jetty.util.component.AbstractLifeCycle - FAILED org.eclipse.jetty.client.HttpClient@f573e38: java.security.KeyStoreException: java.security.NoSuchAlgorithmException: KeyStore JKS implementation not found
.075  java.security.KeyStoreException: java.security.NoSuchAlgorithmException: KeyStore JKS implementation not found
.075      at java.security.KeyStore.getInstance(KeyStore.java:119)
.075      at org.eclipse.jetty.util.security.CertificateUtils.getKeyStore(CertificateUtils.java:52)
.075      at org.eclipse.jetty.util.ssl.SslContextFactory.loadKeyStore(SslContextFactory.java:871)
.075      at org.eclipse.jetty.util.ssl.SslContextFactory.doStart(SslContextFactory.java:273)
.075      at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68)
.075      at org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:132)
.075      at org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:114)
.075      at org.eclipse.jetty.client.HttpClient.doStart(HttpClient.java:229)
.075      at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68)
.075      at myapp.Activity.ConsoleChatClient.performConnection(ConsoleChatClient.java:109)
.076      at myapp.Activity.ConsoleChatClient.onCreate(ConsoleChatClient.java:56)
.076      at android.app.ActivityThread.handleCreateService(ActivityThread.java:2877)
.076      at android.app.ActivityThread.-wrap4(ActivityThread.java)
.076      at android.app.ActivityThread$H.handleMessage(ActivityThread.java:1427)
.076      at android.os.Handler.dispatchMessage(Handler.java:102)
.076      at android.os.Looper.loop(Looper.java:148)
.076      at android.app.ActivityThread.main(ActivityThread.java:5417)
.076      at java.lang.reflect.Method.invoke(Native Method)
.076      at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:726)
.076      at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:616)
.076  Caused by: java.security.NoSuchAlgorithmException: KeyStore JKS implementation not found
.076      at org.apache.harmony.security.fortress.Engine.notFound(Engine.java:190)
.076      at org.apache.harmony.security.fortress.Engine.getInstance(Engine.java:139)
.076      at java.security.KeyStore.getInstance(KeyStore.java:116)
.076    ... 19 more
.076  java.security.KeyStoreException: java.security.NoSuchAlgorithmException: KeyStore JKS implementation not found
.076      at java.security.KeyStore.getInstance(KeyStore.java:119)
.076      at org.eclipse.jetty.util.security.CertificateUtils.getKeyStore(CertificateUtils.java:52)
.076      at org.eclipse.jetty.util.ssl.SslContextFactory.loadKeyStore(SslContextFactory.java:871)
.076      at org.eclipse.jetty.util.ssl.SslContextFactory.doStart(SslContextFactory.java:273)
.076      at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68)
.077      at org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:132)
.077      at org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:114)
.077      at org.eclipse.jetty.client.HttpClient.doStart(HttpClient.java:229)
.077      at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68)
.077      at myapp.Activity.ConsoleChatClient.performConnection(ConsoleChatClient.java:109)
.077      at myapp.Activity.ConsoleChatClient.onCreate(ConsoleChatClient.java:56)
.077      at android.app.ActivityThread.handleCreateService(ActivityThread.java:2877)
.077      at android.app.ActivityThread.-wrap4(ActivityThread.java)
.077      at android.app.ActivityThread$H.handleMessage(ActivityThread.java:1427)
.077      at android.os.Handler.dispatchMessage(Handler.java:102)
.077      at android.os.Looper.loop(Looper.java:148)
.077      at android.app.ActivityThread.main(ActivityThread.java:5417)
.077      at java.lang.reflect.Method.invoke(Native Method)
.077      at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:726)
.077      at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:616)
.077  Caused by: java.security.NoSuchAlgorithmException: KeyStore JKS implementation not found
.077      at org.apache.harmony.security.fortress.Engine.notFound(Engine.java:190)
.077      at org.apache.harmony.security.fortress.Engine.getInstance(Engine.java:139)
.077      at java.security.KeyStore.getInstance(KeyStore.java:116)
.077    ... 19 more
.433 7290-7297/myapp W/art: Suspending all threads took: 24.215ms
.725 7290-7360/myapp I/MaliEGL: [Mali]window_type=1, is_framebuffer=0, errnum = 0
.725 7290-7360/myapp I/MaliEGL: [Mali]surface->num_buffers=4, surface->num_frames=3, win_min_undequeued=1
.725 7290-7360/myapp I/MaliEGL: [Mali]max_allowed_dequeued_buffers=3
04-21 10:42:33.849 7290-7301/myapp I/art: Background partial concurrent mark sweep GC freed 2372(599KB) AllocSpace objects, 2(1076KB) LOS objects, 39% free, 14MB/24MB, paused 22.566ms total 40.576ms
04-21 10:42:33.914 7290-7297/myapp W/art: Suspending all threads took: 5.063ms
04-21 10:42:40.786 7290-7336/myapp I/GMPM: Tag Manager is not found and thus will not be used

Code :

SslContextFactory sslContextFactory = new SslContextFactory();
            sslContextFactory.setTrustAll(true);
            sslContextFactory.setEndpointIdentificationAlgorithm("HTTPS");

            InputStream ins = getResources().openRawResource(
                    getResources().getIdentifier("bksdomain",
                            "raw", getPackageName()));
            File file = new File(getCacheDir(), "bksdomain.bks");

            try {
                OutputStream output = new FileOutputStream(file);
                try {
                    try {
                        byte[] buffer = new byte[4 * 1024]; // or other buffer size
                        int read;

                        while ((read = ins.read(buffer)) != -1) {
                            output.write(buffer, 0, read);
                        }
                        output.flush();
                    } finally {
                        output.close();
                    }
                } catch (Exception e) {
                    e.printStackTrace(); // handle exception, define IOException and others
                }
            } finally {
                ins.close();
            }

            Resource keystore = Resource.newResource(file);
  sslContextFactory.setKeyStoreResource(keystore);
            sslContextFactory.setKeyStorePassword("PASSWORD");
            sslContextFactory.setRenegotiationAllowed(true);
            sslContextFactory.setWantClientAuth(false);
            HttpClient localClient = new HttpClient(sslContextFactory);
            localClient.setFollowRedirects(true);
            localClient.start();
}

What am I doing wrong? If any more information is required, kindly let me know. Thank you.


回答1:


Add this: sslContextFactory.setKeyStoreType("BKS");
org.eclipse.jetty.util.ssl.SslContextFactory uses JKS by default, for the keystoreType.




回答2:


I had a similar problem, had to setKeyStoreType("BKS") AND setTrustStoreType("BKS") because I had changed the provider to "BC" which doesn't understand JKS when it tries to default load the default trust store, so watch out for that! Looks like it doesn't solve your problem as your stack trace shows loadKeyStore, mine was failing in the stack trace at loadTrustStore before it even got to loadKeyStore...



来源:https://stackoverflow.com/questions/36764841/android-bks-keystore-throwing-error-for-connecting-to-https

标签
java
android
ssl
bouncycastle
keystore
易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!