Android keystore location for wss

Question

I have an android application that communicates with a secured webservice over https and using wss (wss4j). In a previous desktop java application all worked fine and i use a physical .jks file to initialise everything, ie:

props.setProperty("org.apache.ws.security.crypto.merlin.file", "c:/temp/conf/ihar.jks");
Crypto crypto = CryptoFactory.getInstance(props);

This all works fine on the desktop, however, on an android device obviously the location is wrong ("c:/temp/conf/ihar.jks", of course, doesnt exist). So my question is how can i specify a location to the file? I think it just takes a sting value, so would something like "file:///android_asset/res/ihar.jks" be feasible?

Answer 1

I have not a share-able project at the moment (sry), but I can give you some pointers on your question:

• At least on Gingerbread there was no support for JKS, so use BKS (bouncycastle)

• Place your clientkeystore.bks and clienttruststore.bks into res/raw folder of your Android project

• Howto open your keystore to access certificate or privateKey:

  import java.security.KeyStore;   
  ...   
  InputStream keyStoreStream = resources.openRawResource(R.raw.clientkeystore);   
  KeyStore keyStore = KeyStore.getInstance("BKS");  
  keyStore.load(keyStoreStream, "xregistry".toCharArray());
  

• How to setup cryptoParams for sendSOAPMessage(this, message, endpoint, cryptoParams);

  SecCryptoParams cryptoParams = new SecCryptoParams();   
  cryptoParams.put(SecCryptoParams.KEYSTORE, new SecCryptoParam(R.raw.clientkeystore, KEYSTORE_PASSWORD));
  cryptoParams.put(SecCryptoParams.TRUSTSTORE, new SecCryptoParam(R.raw.clienttruststore, TRUSTSTORE_PASSWORD));
  

I hope from here you know how to proceed.