我想将X509Certificate及其私钥保存到Android KeyStore中,我认为我应该“合并”X509Certificate(包含公钥)及其私钥。私钥用于创建CSR,然后服务器方签署证书并返回应用程序,我可以将证书和私钥合并到一个唯一的证书中吗?我也在使用spongycastle(又名bouncycastle的android包装器)。
我不知道Android KeyStore,但也许你可以尝试类似的东西:
PrivateKey privateKey = ... //this is what you already have
X509Certificate certificate = ... //this is what you already have
KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
keyStore.load(null);
Certificate[] certChain = new Certificate[1];
certChain[0] = certificate;
char[] myKeyPassword = "myKeyPassword".toCharArray();
keyStore.setKeyEntry("mykeyalias", (Key)privateKey, myKeyPassword, certChain);
有关KeyStore.setKeyEntry的更多信息,请参阅https://docs.oracle.com/javase/9/docs/api/java/security/KeyStore.html#setKeyEntry-java.lang.String-java.security.Key-char:A-java.security.cert.Certificate:A-