As I decided to migrate my application from 1.4.2 to 1.6, inserting a public key with a chain of certificates, as well as loading the keys from the existing keystore (created using 1.4.2), is failing. The errors are as follows.
While loading from the existing keystore
------------------------------------------------------
java.io.IOException: Unrecognized keystore entry
at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:753)
at sun.security.provider.JavaKeyStore$JKS.engineLoad(JavaKeyStore.java:38)
at java.security.KeyStore.load(KeyStore.java:1185)
While inserting into keystore
---------------------------------------
Exception in thread "main" java.security.KeyStoreException: Cannot store non-PrivateKeys
at sun.security.provider.JavaKeyStore.engineSetKeyEntry(Unknown Source)
at java.security.KeyStore.setKeyEntry(Unknown Source)
at KeyStoreExample.encrypt(KeyStoreExample.java:89)
at KeyStoreExample.main(KeyStoreExample.java:39)
The source code for insert:
---------------------------------
java.security.KeyStore keyStore = java.security.KeyStore.getInstance("JKS");
try {
    java.io.FileInputStream ksStream = new java.io.FileInputStream(keyStoreFile);
    try {
        // Load the existing keystore file
        keyStore.load(ksStream, password);
    } finally {
        ksStream.close();
    }
}
catch (java.io.FileNotFoundException ex) {
    // No keystore file yet: initialise an empty keystore instead of
    // overwriting the one that was just loaded
    keyStore.load(null, password);
}
// Parse the certificate from the bCertificate input stream
java.security.cert.CertificateFactory certificateFactory = java.security.cert.CertificateFactory.getInstance("X.509");
java.security.cert.Certificate cert = certificateFactory.generateCertificate(bCertificate);
java.security.cert.Certificate[] certArr = new java.security.cert.Certificate[1];
certArr[0] = cert;
java.security.PublicKey pk = cert.getPublicKey();
// This is the call that throws "Cannot store non-PrivateKeys": pk is a PublicKey
keyStore.setKeyEntry(alias, pk, password, certArr);
I checked the method KeyStore.setKeyEntry; it expects the chain only if the key is a private key. In my case I am trying to insert the public key with a chain. So setKeyEntry invokes JavaKeyStore.engineSetKeyEntry. This method checks for an instance of PrivateKey and throws the exception "Cannot store non-PrivateKeys".
Please help. Is it a bug? Or is there any other solution?
Has JavaKeyStore.engineSetKeyEntry made it mandatory to add only PrivateKeys?
The above source code is the same as that used in 1.4.2.
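The distinction described in the post, between key entries and certificate entries in a JKS keystore, as an added example that is not part of the original post: a public key is kept as a trusted certificate entry via `KeyStore.setCertificateEntry` and read back through `getCertificate(alias).getPublicKey()`. The class name, alias and password are hypothetical, and the sample certificate is borrowed from the JRE's default trust store (assumed to be non-empty) so that the program runs without any input file.

```java
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;

public class PublicKeyInKeyStore {
    // Sample input only: take one CA certificate from the JRE's default trust store.
    static X509Certificate sampleCertificate() throws Exception {
        TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init((KeyStore) null); // null selects the default trust store
        for (TrustManager tm : tmf.getTrustManagers()) {
            if (tm instanceof X509TrustManager) {
                X509Certificate[] issuers = ((X509TrustManager) tm).getAcceptedIssuers();
                if (issuers.length > 0) return issuers[0];
            }
        }
        throw new IllegalStateException("no certificates in the default trust store");
    }

    public static void main(String[] args) throws Exception {
        char[] password = "changeit".toCharArray(); // constructed sample password
        String alias = "partner-cert";              // hypothetical alias
        X509Certificate cert = sampleCertificate();
        KeyStore ks = KeyStore.getInstance("JKS");
        ks.load(null, password);                    // start from an empty keystore

        // A key entry in a JKS keystore must hold a PrivateKey; a PublicKey is rejected.
        try {
            ks.setKeyEntry(alias, cert.getPublicKey(), password, new Certificate[] { cert });
        } catch (KeyStoreException e) {
            System.out.println("setKeyEntry rejected: " + e.getMessage());
        }
        // A certificate entry holds one certificate; a chain needs one alias per certificate.
        ks.setCertificateEntry(alias, cert);

        // Round-trip through the JKS format and recover the public key from the certificate.
        ByteArrayOutputStream out = new ByteArrayOutputStream();
        ks.store(out, password);
        KeyStore reloaded = KeyStore.getInstance("JKS");
        reloaded.load(new ByteArrayInputStream(out.toByteArray()), password);
        byte[] recovered = reloaded.getCertificate(alias).getPublicKey().getEncoded();
        System.out.println("isCertificateEntry: " + reloaded.isCertificateEntry(alias));
        System.out.println("same public key: " + Arrays.equals(recovered, cert.getPublicKey().getEncoded()));
    }
}
```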