I've read a lot-a-lot of conflicting info on this forum and others. Some say you can't and others give examples of how to. My setEntry() seems to work fine. But the getEntry() always catches UnrecoverableEntryException/UnrecoverableKeyEntryException/CipherTextException.
My questions:
1) How do I associate an alias with a String and store it in my KeyStore? (I've had no problem storing/retrieving my KeyPair (priv/pub) in it.)
2) Is my setEntry() correct?
3) Why does my getEntry() fail?
4) What's the difference between an "Entry", a "KeyEntry", and a "SecretKeyEntry"? (Are those just Bouncy terms or generic Crypto terms?)
    void setEntry( final String alias, String aValue ){
        SecretKey secretKey = null;
        try{
            // generate a random AES key from the configured provider
            secretKey = KeyGenerator.getInstance( "AES", PROVIDER.getName() ).generateKey();
        }
        catch ( NoSuchAlgorithmException | NoSuchProviderException aE ){ aE.printStackTrace(); }
        // store the secret key
        KeyStore.Entry keyStoreEntry = new KeyStore.SecretKeyEntry( secretKey );
        ProtectionParameter keyPassword = new PasswordProtection( aValue.toCharArray() );
        try{
            mKEYSTORE.setEntry( alias, keyStoreEntry, keyPassword );
        }catch ( KeyStoreException X ){
            X.printStackTrace();
            mLog.debug( X.getMessage() );
        }
    }//setEntry()

    String getEntry( entryType aEntryType ){
        String retVal;
        try{
            // look the entry up by the enum constant's name, with no protection parameter
            KeyStore.SecretKeyEntry secretKeyEntry = (SecretKeyEntry) mKEYSTORE.getEntry( aEntryType.name(), null );
            retVal = new String( secretKeyEntry.getSecretKey().getEncoded() );
        }catch ( NoSuchAlgorithmException | UnrecoverableEntryException | KeyStoreException X ){
            mLog.error( X.getMessage() );
            retVal = "ERROR getEntry";
        }
        return retVal;
    }//getEntry()

    // throws clause added so that the rethrow below compiles
    void genKeyStore() throws GeneralSecurityException, IOException {
        try{
            mKEYSTORE = KeyStore.getInstance( "BKS", "SC" );
            // Pass null as the stream argument to initialize an empty KeyStore or to initialize a KeyStore which does not rely on an InputStream.
            mKEYSTORE.load( null, "KSpw".toCharArray() );
            mLog.debug( "mKEYSTORE init'd" );
        }
        catch ( KeyStoreException | NoSuchProviderException | IOException | NoSuchAlgorithmException | CertificateException X )
        { throw X; }
    }//genKeyStore()
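
An added example, not part of the original post: storing a String under an alias as a SecretKeyEntry and reading it back with the same entry password, then showing what a null protection parameter does on retrieval. It assumes the stock JDK "JCEKS" keystore type rather than the post's "BKS"/"SC" provider; the class and method names, the alias and the values are constructed for illustration.

```java
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.UnrecoverableEntryException;
import javax.crypto.spec.SecretKeySpec;

public class StringEntryDemo {
    // Wrap the string's bytes in a SecretKeySpec and store them under the alias.
    static void putString(KeyStore ks, String alias, String value, char[] entryPw)
            throws GeneralSecurityException {
        // "AES" is only a label here; the bytes are the string, not an AES key.
        SecretKeySpec wrapped =
                new SecretKeySpec(value.getBytes(StandardCharsets.UTF_8), "AES");
        ks.setEntry(alias, new KeyStore.SecretKeyEntry(wrapped),
                new KeyStore.PasswordProtection(entryPw));
    }

    // Read the entry back; the protection password must match the one used to store it.
    static String getString(KeyStore ks, String alias, char[] entryPw)
            throws GeneralSecurityException {
        KeyStore.Entry entry = ks.getEntry(alias, new KeyStore.PasswordProtection(entryPw));
        if (!(entry instanceof KeyStore.SecretKeyEntry)) {
            throw new KeyStoreException("no secret-key entry under alias " + alias);
        }
        byte[] raw = ((KeyStore.SecretKeyEntry) entry).getSecretKey().getEncoded();
        return new String(raw, StandardCharsets.UTF_8);
    }

    public static void main(String[] args) throws Exception {
        KeyStore ks = KeyStore.getInstance("JCEKS"); // assumption: stock JDK keystore type
        ks.load(null, null);                         // empty in-memory store
        char[] entryPw = "constructed-entry-pw".toCharArray(); // constructed sample value
        putString(ks, "apiToken", "constructed-sample-value", entryPw);
        System.out.println(getString(ks, "apiToken", entryPw));
        try {
            // A password-protected entry cannot be recovered without its protection parameter.
            ks.getEntry("apiToken", null);
        } catch (UnrecoverableEntryException e) {
            System.out.println("null protection rejected: " + e.getMessage());
        }
    }
}
```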