setKeyEntry() allows a password to protect a single private key, and store() allows a password to encrypt the entire keyStore. I'm using pkcs12 keystore type with the BC as the provider, and I can't figure out what it's using for encryption.
Am I able to specify the kind of encryption used in these methods?
The KeyStore
implementation depends on the type you request, and for some types, will depend on the provider as well.
If you are talking about the "JKS" type, you can find a description of the format and algorithms used here.
With a JKS key store, you cannot specify an encryption algorithm for private keys.
It depends on which KeyStore provider you are using.
The JCEKS provider uses PBEWithMD5AndTripleDES password-based encryption algorithm.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With