Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

What algorithm does java.security.KeyStore use to encrypt the privateKey in KeyStore.setKeyEntry() and KeyStore.store()?

setKeyEntry() allows a password to protect a single private key, and store() allows a password to encrypt the entire keyStore. I'm using pkcs12 keystore type with the BC as the provider, and I can't figure out what it's using for encryption.

Am I able to specify the kind of encryption used in these methods?

like image 749
pizzathehut Avatar asked Aug 09 '10 23:08

pizzathehut


2 Answers

The KeyStore implementation depends on the type you request, and for some types, will depend on the provider as well.

If you are talking about the "JKS" type, you can find a description of the format and algorithms used here.

With a JKS key store, you cannot specify an encryption algorithm for private keys.

like image 135
erickson Avatar answered Nov 12 '22 21:11

erickson


It depends on which KeyStore provider you are using.

The JCEKS provider uses PBEWithMD5AndTripleDES password-based encryption algorithm.

like image 31
President James K. Polk Avatar answered Nov 12 '22 23:11

President James K. Polk