如何列出/导出密钥库中的私钥？

最初来自Example Depot的一部分代码，用于列出密钥存储区中的所有别名：

    // Load input stream into keystore    keystore.load(is, password.toCharArray());    // List the aliases    Enumeration aliases = keystore.aliases();    for (; aliases.hasMoreElements(); ) {        String alias = (String)aliases.nextElement();        // Does alias refer to a private key?        boolean b = keystore.isKeyEntry(alias);        // Does alias refer to a trusted certificate?        b = keystore.isCertificateEntry(alias);    }

几个月前，在Sun论坛上讨论了私钥的导出问题，而u：turingcompleter提出了DumpPrivateKey类，以将其缝入您的应用程序。

import java.io.FileInputStream;import java.security.Key;import java.security.KeyStore;import sun.misc.base64Enprer;public class DumpPrivateKey {         static public void main(String[] args)    throws Exception {        if(args.length < 3) {          throw new IllegalArgumentException("expected args: Keystore filename, Keystore password, alias, <key password: default same than keystore");        }        final String keystoreName = args[0];        final String keystorePassword = args[1];        final String alias = args[2];        final String keyPassword = getKeyPassword(args,keystorePassword);        KeyStore ks = KeyStore.getInstance("jks");        ks.load(new FileInputStream(keystoreName), keystorePassword.toCharArray());        Key key = ks.getKey(alias, keyPassword.toCharArray());        String b64 = new base64Enprer().enpre(key.getEnpred());        System.out.println("-----BEGIN PRIVATE KEY-----");        System.out.println(b64);        System.out.println("-----END PRIVATE KEY-----");    }    private static String getKeyPassword(final String[] args, final String keystorePassword)    {       String keyPassword = keystorePassword; // default case       if(args.length == 4) {         keyPassword = args[3];       }       return keyPassword;    }}

注意：这使用Sun软件包，这是一件“坏事”。
如果您可以下载apache
commons代码
，则以下是无需警告即可编译的版本：

javac -classpath .:commons-prec-1.4/commons-prec-1.4.jar DumpPrivateKey.java

并会得到相同的结果：

import java.io.FileInputStream;import java.security.Key;import java.security.KeyStore;//import sun.misc.base64Enprer;import org.apache.commons.prec.binary.base64;public class DumpPrivateKey {         static public void main(String[] args)    throws Exception {        if(args.length < 3) {          throw new IllegalArgumentException("expected args: Keystore filename, Keystore password, alias, <key password: default same than keystore");        }        final String keystoreName = args[0];        final String keystorePassword = args[1];        final String alias = args[2];        final String keyPassword = getKeyPassword(args,keystorePassword);        KeyStore ks = KeyStore.getInstance("jks");        ks.load(new FileInputStream(keystoreName), keystorePassword.toCharArray());        Key key = ks.getKey(alias, keyPassword.toCharArray());        //String b64 = new base64Enprer().enpre(key.getEnpred());        String b64 = new String(base64.enprebase64(key.getEnpred(),true));        System.out.println("-----BEGIN PRIVATE KEY-----");        System.out.println(b64);        System.out.println("-----END PRIVATE KEY-----");    }    private static String getKeyPassword(final String[] args, final String keystorePassword)    {       String keyPassword = keystorePassword; // default case       if(args.length == 4) {         keyPassword = args[3];       }       return keyPassword;    }}

您可以这样使用它：

java -classpath .:commons-prec-1.4/commons-prec-1.4.jar DumpPrivateKey $HOME/.keystore changeit tomcat