检查 android 密钥库 keypass 的正确性
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/23945936/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Check android keystore keypass for correctness
提问by Narfanator
I'm automating some things that involve the android keytool and jarsigner. The tool takes a keystore, the password for the keystore, the alias name, and the password for the alias / key, and I'm trying to find a way to explicitly check to see if the supplied password for the alias / key is correct.
我正在自动化一些涉及 android keytool 和 jarsigner 的事情。该工具需要一个密钥库、密钥库的密码、别名和别名/密钥的密码,我正在尝试找到一种方法来明确检查为别名/密钥提供的密码是否正确.
Any ideas? Also, I need to check it without a jar file to sign - getting that file in my context is lengthy, so I want to abort sooner rather than later.
有任何想法吗?此外,我需要在没有要签名的 jar 文件的情况下检查它 - 在我的上下文中获取该文件很长,所以我想尽早中止。
回答by Jeff LaFay
You can also check if the password is correct without attempting to change the password. I did it by listing the properties of the keystore with this command:
您还可以在不尝试更改密码的情况下检查密码是否正确。我通过使用以下命令列出密钥库的属性来做到这一点:
keytool -list -keystore <keystorefile> -storepass <passwordtocheck>
回答by rxg
You can do it a couple of ways:
您可以通过以下几种方式做到这一点:
A. With keytool
A. 与 keytool
If you run the command keytool -keypasswd -keystore <keystore> -alias <alias> -storepass <storepass> -keypass <keypass> -new <keypass>then you will get the error Keystore was tampered with, or password was incorrectif the keystore password is wrong, or the error Cannot recover keyif the alias password is wrong. Unfortunately the return code is 1 in both cases, so you will need to do parsing of the program's output if you want to be smart about the type of error.
如果您运行该命令,keytool -keypasswd -keystore <keystore> -alias <alias> -storepass <storepass> -keypass <keypass> -new <keypass>那么Keystore was tampered with, or password was incorrect如果密钥库密码错误,您将收到错误消息,Cannot recover key如果别名密码错误,您将收到错误消息。不幸的是,在这两种情况下返回码都是 1,因此如果您想对错误类型保持清醒,则需要对程序的输出进行解析。
B. With a small Java program
B.用一个小的Java程序
Something along these lines:
沿着这些路线的东西:
KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
try (FileInputStream fis = new FileInputStream(keystore)) {
ks.load(fis, ksPw.toCharArray());
}
ks.getEntry(alias, new KeyStore.PasswordProtection(aliasPw.toCharArray()));
will fail at line 4 with a java.io.IOExceptionif the key store password is wrong, or with a java.security.UnrecoverableKeyExceptionat line 7 if the alias password is wrong.
java.io.IOException如果密钥库密码错误,将在第 4 行失败,java.security.UnrecoverableKeyException如果别名密码错误,则在第 7 行失败。
