问题
I am trying to add bouncycastle to my classpath and the only instructions I can find is for Windows. I need it so I can connect my android client to my server. Has anyone gone through the same problem?
回答1:
Answer provided by user2829409 in his question:
It's actually very simple. Just add the provider jar to System/Library/Java/Extensions the OS takes care of adding it to your class path. Then run some code like:
keytool -importcert -v -trustcacerts -file "YOUR_CERT.crt" -alias imeto_alias -keystore
"NEW_BKS_SERVER_CERT_NAME.bks" -provider org.bouncycastle.jce.provider.BouncyCastleProvider
-providerpath "bcprov-jdk16-146.jar" -storetype BKS
You should see a prompt asking for a password. Enter a password and then add your "NEW_BKS_SERVER_CERT_NAME.bks" into the res/raw folder in eclipse.
I hope that helps somebody out there.
回答2:
I thought I would write this as an answer even though OP gave the solution in an Edit. The extra explinations may help but more importantly I encountered a weird issue with either Gradle or Android Studio after doing this. So, here the step by step is:
The "proivder JAR" mentioned refers to a Bouncy Castle JAR. The one I used I downloaded from maven.org/maven2/org/bouncycastle/bcprov-ext-jdk15on/1.46/. Drop this, as instructed, into /System/Library/Java/Extensions.
Use the line provided by OP but be sure to change -providerpath "bcprov-jdk16-146.jar" to match the JAR you actually have. So here we would have:
-providerpath "bcprov-ext-jdk15on-1.46.jar"
Now you have your truststore. When trying to build in Android Studio I got the following error:
Error:Execution failed for task ':app:packageDebug'. > class org.bouncycastle.asn1.ASN1Primitive overrides final method equals.(Ljava/lang/Object;)Z
Apparently the issue is that there are now two Bouncy Castle JAR's on the classpath. So remove the one you added to /Extensions and all will be well.
To create a keystore with a self signed certificate and subsequent BKS truststore I used the following commands:
Create the keystore:
keytool -genkey -keyalg RSA -alias selfsigned -keystore server.jks -storepass password -validity 360 -keysize 2048
Create the truststore:
keytool -export -alias selfsigned -keystore server.jks -file server.cer -storepass password
keytool -importcert -v -trustcacerts -file "server.cer" -alias server_truststore \
-keystore "server_truststore.bks" -provider org.bouncycastle.jce.provider.BouncyCastleProvider \
-providerpath "bcprov-ext-jdk15on-1.46.jar" -storetype BKS`
来源:https://stackoverflow.com/questions/21893754/how-do-you-configure-bouncycastle-for-mac-osx-maverick