I am writing a jar to fill apk on Google Play. Required to send the key p12, it was placed in the keystore on the poppy keychain mac osx

Now we need to somehow extract privatekey. Began to do so:

String ALIAS = "test1234"; char[] PASSWORD = null; KeyStore keyStore = KeyStore.getInstance("KeychainStore", "Apple"); keyStore.load(null, null); PrivateKey privateKey = (PrivateKey)keyStore.getKey(ALIAS, PASSWORD);

privateKey is obtained by NullPointerException

String

 Enumeration<String> al = keyStore.aliases();

I can get a list of all certificates, as well as pull out the public key. If you can not get a privatekey - are there any ready-made solutions for pulling out the key? Can shells / wrappers? Maybe somehow through bash you can pull it out?

From the fact that I managed to dig in the internet, for example, here is the question , but here about the login / password, I tried to use the shell osx-keychain-java, but it is only for pulling passwords, not for keys.

PS We can not shine p12 key in the clear, so they stuffed it in a keychain. This is the task ...

Know, direct, pliz, in the right direction.

    1 answer 1

    After some time, a solution was found:

    1. Set access to the private key in the keychain. Double click on the key will open the properties window, where in the tab "Access" set "Allow all programs to access this object"

    2. On the mac'e keychain_access utility we compile the executable file.

    3. In command line in command_line we call this utility to get the key

     chmod +x keychain_access PRIVATE_KEY=$(./keychain_access -t private-key "<имя_ключа,_как назван_в_связке_ключей>")

    4. The resulting key in the String format is passed to our utility for Java (what it is - https://habrahabr.ru/post/281557/ )

      java -jar public.jar "$PRIVATE_KEY"

    5. Convert the String key to PrivateKey using the additional library https://github.com/rtyley/spongycastle For myself, I separately compiled spongycastle-core-1.54.0.0.jar and attached to the project in eclipse.

      PrivateKey getPrivateKeyAttempt(String key) { String privKeyPEM = key.replace("-----BEGIN RSA PRIVATE KEY-----\n", "") .replace("-----END RSA PRIVATE KEY-----", ""); // Base64 decode the data byte[] encodedPrivateKey = Base64.decodeBase64(privKeyPEM); try { ASN1Sequence primitive = (ASN1Sequence) ASN1Sequence.fromByteArray(encodedPrivateKey); Enumeration<?> e = primitive.getObjects(); BigInteger v = ((ASN1Integer) e.nextElement()).getValue(); int version = v.intValue(); if (version != 0 && version != 1) { throw new IllegalArgumentException("wrong version for RSA private key"); } BigInteger modulus = ((ASN1Integer) e.nextElement()).getValue(); BigInteger privateExponent = ((ASN1Integer) e.nextElement()).getValue(); RSAPrivateKeySpec spec = new RSAPrivateKeySpec(modulus, privateExponent); KeyFactory kf = KeyFactory.getInstance("RSA"); PrivateKey pk = kf.generatePrivate(spec); return pk; } catch (IOException e2) { throw new IllegalStateException(); } catch (NoSuchAlgorithmException e) { throw new IllegalStateException(e); } catch (InvalidKeySpecException e) { throw new IllegalStateException(e); } }

    6. Well and, actually, everything, we use PrivateKey for filling.