I have an android application that communicates with a secured webservice over https and using wss (wss4j). In a previous desktop java application all worked fine and i use a physical .jks file to initialise everything, ie:
props.setProperty("org.apache.ws.security.crypto.merlin.file", "c:/temp/conf/ihar.jks");
Crypto crypto = CryptoFactory.getInstance(props);
This all works fine on the desktop, however, on an android device obviously the location is wrong ("c:/temp/conf/ihar.jks", of course, doesnt exist). So my question is how can i specify a location to the file? I think it just takes a sting value, so would something like "file:///android_asset/res/ihar.jks" be feasible?
I have not a share-able project at the moment (sry), but I can give you some pointers on your question:
At least on Gingerbread there was no support for JKS, so use BKS (bouncycastle)
Place your clientkeystore.bks and clienttruststore.bks into res/raw folder of your Android project
Howto open your keystore to access certificate or privateKey:
import java.security.KeyStore;
...
InputStream keyStoreStream = resources.openRawResource(R.raw.clientkeystore);
KeyStore keyStore = KeyStore.getInstance("BKS");
keyStore.load(keyStoreStream, "xregistry".toCharArray());
How to setup cryptoParams for sendSOAPMessage(this, message, endpoint, cryptoParams);
SecCryptoParams cryptoParams = new SecCryptoParams();
cryptoParams.put(SecCryptoParams.KEYSTORE, new SecCryptoParam(R.raw.clientkeystore, KEYSTORE_PASSWORD));
cryptoParams.put(SecCryptoParams.TRUSTSTORE, new SecCryptoParam(R.raw.clienttruststore, TRUSTSTORE_PASSWORD));
I hope from here you know how to proceed.