1. 技术文章
  2. How can I store a program password in the OS keystore?

How can I store a program password in the OS keystore?

谁说胖子不能爱 提交于 2021-02-05 05:05:39

问题


I am currently developing a Java application on a Mac. I know that there is the keystore from Apple and I want to securely store a password within that keystore.

According to Apple developers I can get the keystore with keyStore = KeyStore.getInstance("KeychainStore", "Apple");

Now my question is: How can I store the password and how can I get the password back again? I have read a lot about keystores but I do not know, how an implementation would look like.

And how can I get the built-in keystore from Windows / Linux?


回答1:


java.security.KeyStore was not created to deal with passwords. It is a storage facility for cryptographic keys and certificates. While you can try to use it to store passwords since it can for example store private keys, I would advise you against that, because KeyStore's API is cumbersome and was not designed for your use case. https://docs.oracle.com/javase/8/docs/api/java/security/KeyStore.html

How to store passwords in Windows, Linux or macOS

What you need instead is Keychain in macOS and similar tools in other operating systems. Since you are also asking about Windows and Linux, you might be interested in the Java Keyring library. It stores passwords in:

  1. Keychain on macOS
  2. Credential Manager on Windows
  3. DBus Secret Service on GNOME

Here's how to use it:

public static void main(String[] args) throws Exception {
    Keyring keyring = Keyring.create();
    String serviceName = "test-app";
    String accountName = "test-account";
    keyring.setPassword(serviceName, accountName, "test-password");
    String password = keyring.getPassword(serviceName, accountName);
    System.out.println(password);
}

Gradle

implementation 'com.github.javakeyring:java-keyring:1.0.1'

Maven

<dependency>
  <groupId>com.github.javakeyring</groupId>
  <artifactId>java-keyring</artifactId>
  <version>1.0.1</version>
</dependency>

If you want to support desktop environments other than GNOME you would probably have to come up with your own solution or search for a different library, but this should get you started.




回答2:


I don't think you can. Keystores are there for a reason other than what you're looking for, public key infrastructure(I think this was mentioned). You can't store a password in a keystore. You said you're doing this on Windows, right? I don't think Windows allows something like what you're looking for. Use a different device, or try using a different type of code.



来源:https://stackoverflow.com/questions/60985877/how-can-i-store-a-program-password-in-the-os-keystore

标签
java
keystore
易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!