RFE: SecretKeyEntry support for Apple KeychainStore

Wed Mar 12 10:59:13 UTC 2014

On Mar 12, 2014, at 4:35 AM, Hendrik Schreiber <hs at tagtraum.com> wrote:

> Hey...
> 
> I was pleasantly surprised to learn that Apple and subsequently OpenJDK provides support for using the Apple KeyChain as a keystore.
> As I common use case, I tried to use it to store passwords for third party services (Twitter, git, whatever), but couldn't get it to work.
> 
> Apparently the implementation lacks support for SecretKeyEntry, as pointed out in http://stackoverflow.com/questions/727812/storing-username-password-on-mac-using-java#727840

The stackoverflow entry seems correct that password entries don't show alias's.

java -cp . KeyStoreTester | grep github
KeychainStore Ignored Exception: java.security.cert.CertificateException: Signature algorithm mismatch
KeychainStore Ignored Exception: java.security.cert.CertificateParsingException: java.io.IOException: Duplicate extensions not allowed

Shows nothing for a password, it does show keys & certs, but it also oddly gets a couple exceptions.

import java.security.*;
import java.util.Enumeration;

public class KeyStoreTester {

	public static void main(String[] args) {
		try {
			KeyStore ks = KeyStore.getInstance("KeychainStore","Apple");
			ks.load(null,"ANY".toCharArray());
			System.out.println(ks.getProvider());
			Enumeration<String> e = ks.aliases();
			while (e.hasMoreElements())
				System.out.println(e.nextElement());
		}
		catch (Exception ex) { ex.printStackTrace(); }	
	}

}

java -version
java version "1.7.0_51"
Java(TM) SE Runtime Environment (build 1.7.0_51-b13)
Java HotSpot(TM) 64-Bit Server VM (build 24.51-b03, mixed mode)

Michael Hall

trz nio.2 for OS X http://www195.pair.com/mik3hall/index.html#trz

HalfPipe Java 6/7 shell app http://www195.pair.com/mik3hall/index.html#halfpipe

AppConverter convert Apple jvm to openjdk apps http://www195.pair.com/mik3hall/index.html#appconverter