How to store my openssl-generated RSA keys to a SUN keystore?
I'm completely new to these security stuff. All I need is to get a RSA encrypted string from our client through http and decrpt it with a RSA private key.
The keys are generated in OpenSSL.
So far, I've been able to decrypt the encrypt string by doing following steps:
1. use OpenSSL tool to make the key in a PKCS8 format.
2. construct a private key object from key material( bytes)
PKCS8EncodedKeySpec pkcs8SpecPriv =new PKCS8EncodedKeySpec(getBytesFromFile(privKeyFileName));
PrivateKey privKey = rsaKeyFactory.generatePrivate( pkcs8SpecPriv);
3.construct a RSA cipher and call doFinal method to decrpyt the string.
Now my supervisor asks me to put these keys into a standard keystore so our Java code can read the private key from this keystore since it's more maintainable to do this way than constructing a key from a physical key file somewhere on the hard drive.
I read the doc about "keytool", but not quite understand all those concepts yet. All I know right now is, in order to execute "keytool -import"( I guess this is the command I need), I need some sort certificate. I don't understand this part, what i imaged, or the most straightforward way I thought of is, store this pair of RSA keys( public and private) in a keystore the way some sort like a hashtable, then I can retrieve them by calling a method with their alias name. Obviously, it's not working this way, can somebody give me a simple explaination on how this certificate is needed in my scenario and what I should do for my simple needs( getting keys from a keystore).
Any hint will be appreciated.
