From 05c32a8f46e237c670ec46f4420d4a5e4de68a7a Mon Sep 17 00:00:00 2001
From: Looly <loolly@gmail.com>
Date: Tue, 27 Dec 2022 19:52:33 +0800
Subject: [PATCH] =?UTF-8?q?KeyUtil=E4=B8=AD=E7=9A=84=E8=AF=BB=E5=8F=96KeyS?=
 =?UTF-8?q?tore=E6=96=87=E4=BB=B6=E7=9A=84=E6=96=B9=E6=B3=95=E5=A2=9E?=
 =?UTF-8?q?=E5=8A=A0=E5=85=A8=E5=B1=80Provider?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 CHANGELOG.md                                  |  1 +
 .../main/java/cn/hutool/crypto/KeyUtil.java   | 43 +++++++++++++------
 2 files changed, 30 insertions(+), 14 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 5fce32081..fc80e8923 100755
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -11,6 +11,7 @@
 * 【core  】      HtmlUtil中escape方法，增加不断开空格（nbsp）转译，防止xss攻击（pr#2755@Github）
 * 【extra 】      修正sftp.cd方法 方法注释和实际效果不符（issue#2758@Github）
 * 【core  】      修改PhoneUtil容易歧义的注释（issue#I63GWK@Gitee）
+* 【crypto】      KeyUtil中的读取KeyStore文件的方法增加全局Provider（issue#I6796G@Gitee）
 * 
 ### 🐞Bug修复
 * 【json  】      修复普通byte数组转JSONArray时的异常（pr#875@Gitee）
diff --git a/hutool-crypto/src/main/java/cn/hutool/crypto/KeyUtil.java b/hutool-crypto/src/main/java/cn/hutool/crypto/KeyUtil.java
index 518f09917..b88c67e90 100644
--- a/hutool-crypto/src/main/java/cn/hutool/crypto/KeyUtil.java
+++ b/hutool-crypto/src/main/java/cn/hutool/crypto/KeyUtil.java
@@ -127,7 +127,7 @@ public class KeyUtil {
 	 *
 	 * @param algorithm 算法，支持PBE算法
 	 * @param keySize   密钥长度，&lt;0表示不设定密钥长度，即使用默认长度
-	 * @param random 随机数生成器，null表示默认
+	 * @param random    随机数生成器，null表示默认
 	 * @return {@link SecretKey}
 	 * @since 5.5.2
 	 */
@@ -140,7 +140,7 @@ public class KeyUtil {
 			keySize = 128;
 		}
 
-		if(keySize > 0){
+		if (keySize > 0) {
 			if (null == random) {
 				keyGenerator.init(keySize);
 			} else {
@@ -365,7 +365,7 @@ public class KeyUtil {
 	 */
 	public static KeyPair generateKeyPair(String algorithm) {
 		int keySize = DEFAULT_KEY_SIZE;
-		if("ECIES".equalsIgnoreCase(algorithm)){
+		if ("ECIES".equalsIgnoreCase(algorithm)) {
 			// ECIES算法对KEY的长度有要求，此处默认256
 			keySize = 256;
 		}
@@ -643,7 +643,7 @@ public class KeyUtil {
 	public static String getAlgorithmAfterWith(String algorithm) {
 		Assert.notNull(algorithm, "algorithm must be not null !");
 
-		if(StrUtil.startWithIgnoreCase(algorithm, "ECIESWith")){
+		if (StrUtil.startWithIgnoreCase(algorithm, "ECIESWith")) {
 			return "EC";
 		}
 
@@ -745,9 +745,8 @@ public class KeyUtil {
 	 * @return {@link KeyStore}
 	 */
 	public static KeyStore readKeyStore(String type, InputStream in, char[] password) {
-		KeyStore keyStore;
+		final KeyStore keyStore = getKeyStore(type);
 		try {
-			keyStore = KeyStore.getInstance(type);
 			keyStore.load(in, password);
 		} catch (Exception e) {
 			throw new CryptoException(e);
@@ -755,6 +754,21 @@ public class KeyUtil {
 		return keyStore;
 	}
 
+	/**
+	 * 获取{@link KeyStore}对象
+	 *
+	 * @param type 类型
+	 * @return {@link KeyStore}
+	 */
+	public static KeyStore getKeyStore(final String type) {
+		final Provider provider = GlobalBouncyCastleProvider.INSTANCE.getProvider();
+		try {
+			return null == provider ? KeyStore.getInstance(type) : KeyStore.getInstance(type, provider);
+		} catch (final KeyStoreException e) {
+			throw new CryptoException(e);
+		}
+	}
+
 	/**
 	 * 从KeyStore中获取私钥公钥
 	 *
@@ -953,9 +967,9 @@ public class KeyUtil {
 	 * @return RSA公钥，null表示私钥不被支持
 	 * @since 5.3.6
 	 */
-	public static PublicKey getRSAPublicKey(PrivateKey privateKey){
-		if(privateKey instanceof RSAPrivateCrtKey){
-			final RSAPrivateCrtKey privk = (RSAPrivateCrtKey)privateKey;
+	public static PublicKey getRSAPublicKey(PrivateKey privateKey) {
+		if (privateKey instanceof RSAPrivateCrtKey) {
+			final RSAPrivateCrtKey privk = (RSAPrivateCrtKey) privateKey;
 			return getRSAPublicKey(privk.getModulus(), privk.getPublicExponent());
 		}
 		return null;
@@ -964,12 +978,12 @@ public class KeyUtil {
 	/**
 	 * 获得RSA公钥对象
 	 *
-	 * @param modulus Modulus
+	 * @param modulus        Modulus
 	 * @param publicExponent Public Exponent
 	 * @return 公钥
 	 * @since 5.3.6
 	 */
-	public static PublicKey getRSAPublicKey(String modulus, String publicExponent){
+	public static PublicKey getRSAPublicKey(String modulus, String publicExponent) {
 		return getRSAPublicKey(
 				new BigInteger(modulus, 16), new BigInteger(publicExponent, 16));
 	}
@@ -977,12 +991,12 @@ public class KeyUtil {
 	/**
 	 * 获得RSA公钥对象
 	 *
-	 * @param modulus Modulus
+	 * @param modulus        Modulus
 	 * @param publicExponent Public Exponent
 	 * @return 公钥
 	 * @since 5.3.6
 	 */
-	public static PublicKey getRSAPublicKey(BigInteger modulus, BigInteger publicExponent){
+	public static PublicKey getRSAPublicKey(BigInteger modulus, BigInteger publicExponent) {
 		final RSAPublicKeySpec publicKeySpec = new RSAPublicKeySpec(modulus, publicExponent);
 		try {
 			return getKeyFactory("RSA").generatePublic(publicKeySpec);
@@ -993,11 +1007,12 @@ public class KeyUtil {
 
 	/**
 	 * 将密钥编码为Base64格式
+	 *
 	 * @param key 密钥
 	 * @return Base64格式密钥
 	 * @since 5.7.22
 	 */
-	public static String toBase64(Key key){
+	public static String toBase64(Key key) {
 		return Base64.encode(key.getEncoded());
 	}
 }