Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-7129103

Enhance keytool to support storing passwords in keystores

    Details

    • Type: Enhancement
    • Status: Resolved
    • Priority: P3
    • Resolution: Duplicate
    • Affects Version/s: 7
    • Fix Version/s: 8
    • Component/s: security-libs
    • Labels:
      None

      Description

      Enhance the keytool utility to support the storage of passwords in keystores.

      The KeyStore API already supports the storage of arbitrary passwords using
      Password-based-encryption (PBE) algorithms. Exposing that functionality via keytool
      would benefit applications that require a basic credential store. Password retrieval
      must be performed programatically.

      One simple approach would be to trigger password storage when keystore's existing -genseckey flag is specified with a PBE key algorithm. That would also aid
      compatability with earlier JDK releases, if necessary. For example,

          % keytool -genseckey -keyalg PBE

      This would then prompt the user for a password and generate a secret key
      using the specified PBE algorithm.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                vinnie Vincent Ryan
                Reporter:
                vinnie Vincent Ryan
              • Votes:
                0 Vote for this issue
                Watchers:
                1 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:
                  Imported:
                  Indexed: