如何取回存储在 JCEKS 密钥库中的密码?
How can I get back the password I stored in a JCEKS keystore?
我使用 java 密钥工具创建了一个密钥库,以使用以下命令存储密码
$ keytool -importpassword -alias myalias -keystore mykeystore.jceks -storetype jceks
Enter keystore password: keystore
Re-enter new password: keystore
Enter the password to be stored: testpassword
Re-enter password: testpassword
Enter key password for <myalias>
(RETURN if same as keystore password):
我想在 java 程序中检索此密码。这是我到目前为止所写的内容。
InputStream is = new FileInputStream(new File("mykeystore.jceks"));
KeyStore ks = KeyStore.getInstance("jceks");
ks.load(is, "keystore".toCharArray());
PasswordProtection pp = new PasswordProtection("keystore".toCharArray());
SecretKeyEntry ske = (SecretKeyEntry) ks.getEntry("myalias", pp);
System.out.println(ske.toString()); // Outputs: "Secret key entry with algorithm PBEWithMD5AndDES"
如何取回我存储的密码?有可能吗?
下面是完整的参考代码。
所需的库:
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStream;
import java.security.Key;
import java.security.KeyStore;
import java.security.KeyStore.PasswordProtection;
import java.security.KeyStore.SecretKeyEntry;
import java.security.cert.CertificateException;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.security.UnrecoverableEntryException;
Class:
class JCEKS
{
public static void main(String args[])
{
try{
InputStream is = new FileInputStream(new File("mykeystore.jceks"));
KeyStore ks = KeyStore.getInstance("jceks");
ks.load(is, "keystore".toCharArray());
PasswordProtection pp = new PasswordProtection("keystore".toCharArray());
SecretKeyEntry ske = (SecretKeyEntry) ks.getEntry("myalias", pp);
System.out.println(ske.toString());
}
catch(KeyStoreException e){
System.out.println("KeyStoreException:");
System.out.println(e);
}
catch(FileNotFoundException e){
System.out.println("FileNotFoundException:");
System.out.println(e.getMessage());
}
catch(IOException e){
System.out.println("IOException:");
System.out.println(e.getMessage());
}
catch(NoSuchAlgorithmException e){
System.out.println("NoSuchAlgorithmException:");
System.out.println(e.getMessage());
}
catch(CertificateException e){
System.out.println("CertificateException:");
System.out.println(e.getMessage());
}
catch(UnrecoverableKeyException e){
System.out.println("UnrecoverableKeyException:");
System.out.println(e.getMessage());
}
catch(UnrecoverableEntryException e){
System.out.println("UnrecoverableEntryException:");
System.out.println(e.getMessage());
}
}
}
您存储的 password
条目存储为 SecretKeyEntry
并且可以使用 secretKey
对象的 getEncoded()
方法检索其值。
System.out.println(new String(ske.getSecretKey().getEncoded()));
经过一些挖掘和反复试验后,事实证明您可以使用 keytool 检索您存储的密码
例如,如果您使用以下命令存储密码
> $ keytool -importpassword -alias my-alias -keystore my-keystore.jcek -storetype jceks
> Enter keystore password: keystorepassword
> Re-enter new password:keystorepassword
> Enter the password to be stored: thepassword
> Re-enter password: thepassword
> Enter key password for <my-alias>
(RETURN if same as keystore password): keypassword
> Re-enter new password: keypassword
检索您存储的密码(即'thepassword'):
InputStream is = new FileInputStream(new File("my-keystore.jceks"));
KeyStore ks = KeyStore.getInstance("JCEKS");
ks.load(is, "keystorepassword".toCharArray());
PasswordProtection pp = new PasswordProtection("keypassword".toCharArray());
SecretKeyEntry ske = (SecretKeyEntry) ks.getEntry("my-alias", pp);
SecretKeyFactory factory = SecretKeyFactory.getInstance("PBEWITHMD5ANDDES");
PBEKeySpec keySpec = (PBEKeySpec) factory.getKeySpec(ske.getSecretKey(), PBEKeySpec.class);
String password = new String(keySpec.getPassword());
System.out.println(password);
输出:密码
请注意,当您存储一个字符串时,它默认为 PBEWITHMD5ANDDES 算法。因此,您需要下载 javax-crypto.jar 并将其与您的程序一起编译 javac -cp javax-crypto.jar your-program.java
我使用 java 密钥工具创建了一个密钥库,以使用以下命令存储密码
$ keytool -importpassword -alias myalias -keystore mykeystore.jceks -storetype jceks
Enter keystore password: keystore
Re-enter new password: keystore
Enter the password to be stored: testpassword
Re-enter password: testpassword
Enter key password for <myalias>
(RETURN if same as keystore password):
我想在 java 程序中检索此密码。这是我到目前为止所写的内容。
InputStream is = new FileInputStream(new File("mykeystore.jceks"));
KeyStore ks = KeyStore.getInstance("jceks");
ks.load(is, "keystore".toCharArray());
PasswordProtection pp = new PasswordProtection("keystore".toCharArray());
SecretKeyEntry ske = (SecretKeyEntry) ks.getEntry("myalias", pp);
System.out.println(ske.toString()); // Outputs: "Secret key entry with algorithm PBEWithMD5AndDES"
如何取回我存储的密码?有可能吗?
下面是完整的参考代码。
所需的库:
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStream;
import java.security.Key;
import java.security.KeyStore;
import java.security.KeyStore.PasswordProtection;
import java.security.KeyStore.SecretKeyEntry;
import java.security.cert.CertificateException;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.security.UnrecoverableEntryException;
Class:
class JCEKS
{
public static void main(String args[])
{
try{
InputStream is = new FileInputStream(new File("mykeystore.jceks"));
KeyStore ks = KeyStore.getInstance("jceks");
ks.load(is, "keystore".toCharArray());
PasswordProtection pp = new PasswordProtection("keystore".toCharArray());
SecretKeyEntry ske = (SecretKeyEntry) ks.getEntry("myalias", pp);
System.out.println(ske.toString());
}
catch(KeyStoreException e){
System.out.println("KeyStoreException:");
System.out.println(e);
}
catch(FileNotFoundException e){
System.out.println("FileNotFoundException:");
System.out.println(e.getMessage());
}
catch(IOException e){
System.out.println("IOException:");
System.out.println(e.getMessage());
}
catch(NoSuchAlgorithmException e){
System.out.println("NoSuchAlgorithmException:");
System.out.println(e.getMessage());
}
catch(CertificateException e){
System.out.println("CertificateException:");
System.out.println(e.getMessage());
}
catch(UnrecoverableKeyException e){
System.out.println("UnrecoverableKeyException:");
System.out.println(e.getMessage());
}
catch(UnrecoverableEntryException e){
System.out.println("UnrecoverableEntryException:");
System.out.println(e.getMessage());
}
}
}
您存储的 password
条目存储为 SecretKeyEntry
并且可以使用 secretKey
对象的 getEncoded()
方法检索其值。
System.out.println(new String(ske.getSecretKey().getEncoded()));
经过一些挖掘和反复试验后,事实证明您可以使用 keytool 检索您存储的密码 例如,如果您使用以下命令存储密码
> $ keytool -importpassword -alias my-alias -keystore my-keystore.jcek -storetype jceks
> Enter keystore password: keystorepassword
> Re-enter new password:keystorepassword
> Enter the password to be stored: thepassword
> Re-enter password: thepassword
> Enter key password for <my-alias>
(RETURN if same as keystore password): keypassword
> Re-enter new password: keypassword
检索您存储的密码(即'thepassword'):
InputStream is = new FileInputStream(new File("my-keystore.jceks"));
KeyStore ks = KeyStore.getInstance("JCEKS");
ks.load(is, "keystorepassword".toCharArray());
PasswordProtection pp = new PasswordProtection("keypassword".toCharArray());
SecretKeyEntry ske = (SecretKeyEntry) ks.getEntry("my-alias", pp);
SecretKeyFactory factory = SecretKeyFactory.getInstance("PBEWITHMD5ANDDES");
PBEKeySpec keySpec = (PBEKeySpec) factory.getKeySpec(ske.getSecretKey(), PBEKeySpec.class);
String password = new String(keySpec.getPassword());
System.out.println(password);
输出:密码
请注意,当您存储一个字符串时,它默认为 PBEWITHMD5ANDDES 算法。因此,您需要下载 javax-crypto.jar 并将其与您的程序一起编译 javac -cp javax-crypto.jar your-program.java