为一个别名加载Java KeyStore? [英] Load Java KeyStore for one alias?
问题描述
有没有人知道是否可以加载KeyStore,以便只提示输入别名的密码?
Does anyone know if it is possible to load a KeyStore so that it only prompts for the password for the given alias?
示例:
在我的密钥存储中,我有两个私钥:Alice的加密证书和Bob的加密证书。
In my key store i have two private keys: Alice's Encryption Certificate and Bob's Encryption Certificate.
当我加载我的密钥存储: / p>
When i load my key store:
keyStore = KeyStore.getInstance("Windows-MY", "SunMSCAPI");
keyStore.load(null);
我提示输入Alice和Bob的密钥库密码。一旦输入,我可以使用 getKey(Alice的加密证书,null); 来检索Alice的私钥。我的密钥受到Entrust的安全提供程序的保护,它是在加载密钥库时提示我输入密码的人。如果我不输入鲍勃的密码,并尝试获得他的密钥,它将返回null,这是罚款,但我想避免密码提示。
I am prompted for both Alice's and Bob's key store password. Once they are entered i can use getKey("Alice's Encryption Certificate", null); to retrieve Alice's private key. My keys are protected by Entrust's Security Provider, it is who prompts me for the passwords upon loading the key store. If i do not enter Bob's password and try to get his key it will return null, which is fine, but i would like to avoid the password prompt.
是可能以某种方式指定我只需要加载密钥存储之前的Alice的密钥,所以我从未提示过Bob的密码?
Is it possible to somehow specify that i only want Alice's key before loading the key store so i am never prompted for Bob's password?
谢谢。
推荐答案
我们有同样的问题,找不到一个办法。基本上,你问是否有一种方法来部分加载密钥库。它使事情更复杂,MSCAPI提供程序忽略您提供的任何密码。
We had the same issue and couldn't find a way to do it. Basically, you are asking if there is a way to load the keystore partially. It makes things more complicated that MSCAPI provider ignores any password you provide.
我们通过只存储一个密钥与MSCAPI密钥库来解决这个问题。事实证明,这与智能卡的安全模型也更好。
We get around the issue by storing only one key With MSCAPI keystore. It turns out this works better with the security model of Smartcard also.
这篇关于为一个别名加载Java KeyStore?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
