JKS密钥存储格式的规范 [英] Specification of JKS key store format

问题描述

我想知道是否存在的正式规范JKS Java中使用的密钥库格式？我想从/到PKCS＃12编写一个转换器，但不是用Java编写，所以不幸的是，keytool或Java代码不是一个选项。

I was wondering if there exists an official specification of the JKS key store format used in Java? I'd like to write a converter from/to PKCS#12, but not in Java, so keytool or Java code is not an option unfortunately.

查看一个十六进制编辑器告诉我它可能不是ASN.1。在我开始深入研究OpenJDK之前，尝试对格式进行逆向工程，有没有人知道是否存在规范？到目前为止我找不到任何帮助，非常感谢任何帮助！

Looking at one in a hex editor tells me that it's probably not ASN.1. Before I start digging into OpenJDK, trying to reverse-engineer the format, does anyone know if there exists a spec maybe? I couldn't find anything so far, any help would be much appreciated!

推荐答案

我认为你应该在JDK开始你的研究源。那里有一些非常有用的评论。
例如

I think you should start your research at JDK sources. There are some very useful comments there. E.g.

/*
         * KEYSTORE FORMAT:
         *
         * Magic number (big-endian integer),
         * Version of this file format (big-endian integer),
         *
         * Count (big-endian integer),
         * followed by "count" instances of either:
         *
         *     {
         *      tag=1 (big-endian integer),
         *      alias (UTF string)
         *      timestamp
         *      encrypted private-key info according to PKCS #8
         *          (integer length followed by encoding)
         *      cert chain (integer count, then certs; for each cert,
         *          integer length followed by encoding)
         *     }
         *
         * or:
         *
         *     {
         *      tag=2 (big-endian integer)
         *      alias (UTF string)
         *      timestamp
         *      cert (integer length followed by encoding)
         *     }
         *
         * ended by a keyed SHA1 hash (bytes only) of
         *     { password + whitener + preceding body }
         */

这篇关于JKS密钥存储格式的规范的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！