java 从文件实例化 JavaKeyStore 时遇到问题
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/16240679/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Trouble instantiating a JavaKeyStore from file
提问by Waltzy
I'm trying to get an instance of org.apache.ws.security.components.crypto.Merlinusing org.apache.ws.security.components.crypto.CryptoFactoryspecifically the CryptoFactory.getInstance(properties)method.
我正在尝试获得一个专门org.apache.ws.security.components.crypto.Merlin使用org.apache.ws.security.components.crypto.CryptoFactory该CryptoFactory.getInstance(properties)方法的实例。
This will consistantly throw
这将不断抛出
java.lang.RuntimeException: org.apache.ws.security.components.crypto.Merlin cannot create instance
java.lang.RuntimeException: org.apache.ws.security.components.crypto.Merlin cannot create instance
which evantually is caused by
这最终是由
java.security.UnrecoverableKeyException: Password verification failed
java.security.UnrecoverableKeyException: Password verification failed
The password on the keystore file has been checked with the keytool on the command line and is correct.
keystore文件上的密码已经在命令行中用keytool检查过,是正确的。
the keystore is generated via the following process:
密钥库是通过以下过程生成的:
Which is in the root directory of the eclipse porject.
这是在 eclipse 项目的根目录中。
The test applciation is as follows:
测试应用如下:
public class App {
public static void main(String[] args) throws CredentialException,
IOException {
System.out.println("Starting");
Properties p = new Properties();
p.setProperty("org.apache.ws.security.crypto.merlin.keystore.password",
"password");
p.setProperty("org.apache.ws.security.crypto.provider",
"org.apache.ws.security.components.crypto.Merlin");
p.setProperty("org.apache.ws.security.crypto.merlin.keystore.type",
"jks");
p.setProperty("org.apache.ws.security.crypto.merlin.file", "./testkeystore.jks");
Crypto crypto = CryptoFactory.getInstance(p);
System.out.println(" Complete ");
}
}
and the following exception is generated:
并生成以下异常:
Exception in thread "main" java.lang.RuntimeException: org.apache.ws.security.components.crypto.Merlin cannot create instance
at org.apache.ws.security.components.crypto.CryptoFactory.loadClass(CryptoFactory.java:225)
at org.apache.ws.security.components.crypto.CryptoFactory.loadClass(CryptoFactory.java:180)
at org.apache.ws.security.components.crypto.CryptoFactory.getInstance(CryptoFactory.java:73)
at com.restart.test.cryptotest2.App.main(App.java:22)
Caused by: java.lang.reflect.InvocationTargetException
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:57)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
at java.lang.reflect.Constructor.newInstance(Constructor.java:525)
at org.apache.ws.security.components.crypto.CryptoFactory.loadClass(CryptoFactory.java:211)
... 3 more
Caused by: org.apache.ws.security.components.crypto.CredentialException: Failed to load credentials.
at org.apache.ws.security.components.crypto.AbstractCrypto.load(AbstractCrypto.java:174)
at org.apache.ws.security.components.crypto.AbstractCrypto.<init>(AbstractCrypto.java:135)
at org.apache.ws.security.components.crypto.Merlin.<init>(Merlin.java:71)
... 8 more
Caused by: java.io.IOException: Keystore was tampered with, or password was incorrect
at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:772)
at sun.security.provider.JavaKeyStore$JKS.engineLoad(JavaKeyStore.java:55)
at java.security.KeyStore.load(KeyStore.java:1214)
at org.apache.ws.security.components.crypto.AbstractCrypto.load(AbstractCrypto.java:168)
... 10 more
Caused by: java.security.UnrecoverableKeyException: Password verification failed
at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:770)
... 13 more
The password as indicated in the cmd window is set to "password" , but by all accounts the application is rejecting it, I can change the password using keytool -storepasswdwith no issues, So i know the the password I am providing is correct; can anyone suggest what may be going wrong here? I've been trying to debug this unsuccessfully for full a day now.
cmd 窗口中指示的密码设置为 "password" ,但所有帐户都拒绝应用程序,我可以毫无问题地更改密码keytool -storepasswd,所以我知道我提供的密码是正确的;谁能建议这里可能出了什么问题?我已经尝试调试了整整一天,但没有成功。
If there is any additional information I can provide please let me know.
如果我可以提供任何其他信息,请告诉我。
edit --
编辑 -
the folloing maven dependency is required to build this test:
构建此测试需要以下 maven 依赖项:
<dependency>
<groupId>org.apache.ws.security</groupId>
<artifactId>wss4j</artifactId>
<version>1.5.8</version>
<scope>provided</scope>
</dependency>
采纳答案by Waltzy
After reading the comments from User I built it against a different version of the JDK/JRE and it worked, after downloading the sources for rt.java and stepping through I found that the CryptoBase class was instantiating two JavaKeyStores, the first (being my .jks file) which instantiated fine, but the second was the cacertskeystore in jre\lib\security>which did not have the default password of changeitwhich was causing the failure;
在阅读了用户的评论后,我针对不同版本的 JDK/JRE 构建了它并且它工作正常,在下载了 rt.java 的源代码并逐步完成后,我发现 CryptoBase 类正在实例化两个 JavaKeyStores,第一个(是我的 . jks 文件),它实例化得很好,但第二个是cacerts密钥库,jre\lib\security>其中没有changeit导致失败的默认密码;
I have now changed the password on the jre keystore and I'm working fine in my original jre/jdk.
我现在已经更改了 jre 密钥库上的密码,并且在我原来的 jre/jdk 中工作正常。
回答by Curro Jimenez
I think your problem is related with libraries because stacktrace says
我认为您的问题与库有关,因为 stacktrace 说
'org.apache.ws.security.components.crypto.Merlin cannot create instance'
'org.apache.ws.security.components.crypto.Merlin 无法创建实例'
it means you don't have (o have an incorrect version) of WSS4J library.
这意味着您没有(或者版本不正确)WSS4J 库。
