Java KeyStore duplicate aliases

Problem description

I have a Java KeyStore with a couple of entries sharing the same alias (duplicates). When I do a getEntry(...) or getCertificate(...) or getKey(...), I always get the first entry in all the cases. How do I always get the ones that I want?

I have tried exporting the first entry to an external file (using keytool), and then deleting the first entry from the original KeyStore, and then importing back the exported entry with a different alias. This would work if the entry is a Trusted Certificate. But it wouldn't work if it is a PrivateKeyEntry or a SecretKeyEntry.

Is there any feasible solution/fix to handle this scenario?

Recommended answer

There is one way of fixing the duplicate aliases. Since there is no direct way of fixing this issue, we can fix the duplicate aliases manually. You can run the code below to fix the duplicate alias occurrences (it is a one-time thing).

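import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.FileOutputStream;
import java.io.IOException;
import java.security.KeyStore;
import java.security.KeyStore.TrustedCertificateEntry;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableEntryException;
import java.security.cert.CertificateException;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;

public static void removeDuplicateAliases() throws NoSuchAlgorithmException, CertificateException, FileNotFoundException, IOException, KeyStoreException,
        UnrecoverableEntryException
{
    // Placeholders: replace with the real keystore type, path and password.
    final String KEYSTORE_TYPE = "KEYSTORE_TYPE";
    final String KEYSTORE_PATH = "KEYSTORE_PATH";
    final char[] KEYSTORE_PASSWORD = "KEYSTORE_PASSWORD".toCharArray();

    KeyStore ks = KeyStore.getInstance(KEYSTORE_TYPE);
    try (FileInputStream in = new FileInputStream(new File(KEYSTORE_PATH)))
    {
        ks.load(in, KEYSTORE_PASSWORD);
    }

    Enumeration<String> aliases = ks.aliases();

    // Group the entries by alias, keeping the order in which the keystore enumerates them.
    Map<String, List<KeyStore.Entry>> keyStoreEntriesMap = new LinkedHashMap<String, List<KeyStore.Entry>>();

    while (aliases.hasMoreElements())
    {
        String alias = aliases.nextElement();

        KeyStore.Entry entry = null;

        try
        {
            entry = ks.getEntry(alias, new KeyStore.PasswordProtection(KEYSTORE_PASSWORD));
        }
        catch (UnsupportedOperationException e)
        {
            // Trusted certificate entries do not accept a protection parameter.
            entry = ks.getEntry(alias, null);
        }

        if (!keyStoreEntriesMap.containsKey(alias))
        {
            List<KeyStore.Entry> aliasEntry = new ArrayList<KeyStore.Entry>();
            aliasEntry.add(entry);

            keyStoreEntriesMap.put(alias, aliasEntry);
        }
        else
        {
            keyStoreEntriesMap.get(alias).add(entry);
        }
    }

    for (Map.Entry<String, List<KeyStore.Entry>> entry : keyStoreEntriesMap.entrySet())
    {
        if (entry.getValue().size() > 1)
        {
            System.out.println("Multiple entries found under same alias - \'" + entry.getKey() + "\'");

            int counter = 1;
            for (KeyStore.Entry each : entry.getValue())
            {
                // Remove one original entry, then store it again under "<alias>-<counter>".
                ks.deleteEntry(entry.getKey());

                String newAlias = entry.getKey() + "-" + counter;

                if (each instanceof TrustedCertificateEntry)
                    ks.setEntry(newAlias, each, null);
                else
                    ks.setEntry(newAlias, each, new KeyStore.PasswordProtection(KEYSTORE_PASSWORD));

                System.out.println("\t(" + counter + " of " + entry.getValue().size() + ") Entry moved to new alias \'" + newAlias + "\'");

                counter++;
            }

            System.out.println();
        }
    }

    // Overwrites the keystore file in place.
    try (FileOutputStream out = new FileOutputStream(new File(KEYSTORE_PATH)))
    {
        ks.store(out, KEYSTORE_PASSWORD);
    }

    System.out.println("Done!!");
}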

What this basically does is group all the entries that have common aliases, and moves/creates a new entry with a new alias (incremental counter appended to the existing alias) and deletes all the original entries.

You can see the new aliases in your console.

P.S: It is advised to have your original KeyStore backed up.
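
A read-only check to run before the one-time fix above, added here as an example and not part of the original answer: it reports every alias the keystore enumerates more than once, along with the entry kind and certificate fingerprint that a lookup by that alias currently resolves to. It assumes, as the answer's code does, that aliases() returns a duplicated alias once per entry, and that the keystore is file-based; the class name DuplicateAliasAudit and its two command-line arguments are hypothetical.

```java
import java.io.Console;
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.MessageDigest;
import java.security.cert.Certificate;
import java.util.Collections;
import java.util.LinkedHashMap;
import java.util.Map;

public class DuplicateAliasAudit {
    // Counts how often each alias is enumerated. Never calls deleteEntry, setEntry or store.
    static Map<String, Integer> countAliases(KeyStore ks) throws Exception {
        Map<String, Integer> counts = new LinkedHashMap<>();
        for (String alias : Collections.list(ks.aliases())) {
            counts.merge(alias, 1, Integer::sum);
        }
        return counts;
    }

    // SHA-256 over the encoded certificate, as lowercase hex.
    static String fingerprint(Certificate cert) throws Exception {
        if (cert == null) return "(no certificate)";
        byte[] digest = MessageDigest.getInstance("SHA-256").digest(cert.getEncoded());
        StringBuilder hex = new StringBuilder();
        for (byte b : digest) hex.append(String.format("%02x", b));
        return hex.toString();
    }

    public static void main(String[] args) throws Exception {
        // Assumed usage: java DuplicateAliasAudit <keystore-type> <keystore-path>
        Console console = System.console();
        if (console == null) throw new IllegalStateException("run from an interactive terminal");
        char[] password = console.readPassword("Keystore password: ");

        KeyStore ks = KeyStore.getInstance(args[0]);
        try (InputStream in = new FileInputStream(args[1])) {
            ks.load(in, password);
        }
        for (Map.Entry<String, Integer> e : countAliases(ks).entrySet()) {
            if (e.getValue() < 2) continue; // only duplicated aliases are reported
            String alias = e.getKey();
            String kind = ks.isKeyEntry(alias) ? "key entry" : "trusted certificate";
            System.out.printf("%s: %d entries; lookup resolves to a %s, SHA-256 %s%n",
                    alias, e.getValue(), kind, fingerprint(ks.getCertificate(alias)));
        }
    }
}
```

Running it again after the fix should print nothing, and the fingerprints recorded beforehand identify which certificate each duplicated alias pointed to.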
