Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Feature: Add action to android-keystore to extract single certificate from a keystore #253

Merged
merged 4 commits into from
Aug 16, 2022
Merged

Feature: Add action to android-keystore to extract single certificate from a keystore #253

merged 4 commits into from
Aug 16, 2022

Conversation

priitlatt
Copy link
Contributor

@priitlatt priitlatt commented Aug 16, 2022
edited
Loading

With some keystores keytool is unable to list certificates in RFC format even if -rfc flag is passed to the keytool -list command. For example:

% keytool -list -storepass test123 -keystore /tmp/t.ks.jks -alias debug -rfc
Command line args: [-list, -storepass, test123, -keystore, /tmp/t.ks.jks, -alias, debug, -rfc]
Alias name: debug
Creation date: 12 Aug 2022
Entry type: PrivateKeyEntry
Certificate chain length: 1
Certificate[1]:
[
[
  Version: V3
  Subject: CN=Unknown, OU=Unknown, O=Unknown, L=Unknown, ST=Unknown, C=Unknown
  Signature Algorithm: SHA256withRSA, OID = 1.2.840.113549.1.1.11

  Key:  Sun RSA public key, 2048 bits
...

Due to this we cannot obtain a certificate from a keystore for given alias using the -list verb. However, certificate can be exported in ASN.1 format using -exportcert verb. This PR adds new action android-keystore certificate along with accompanying Python API which is a wrapper for keytool -exportcert.

New action:

  • android-keystore certificate

@priitlatt priitlatt added the enhancement New feature or request label Aug 16, 2022
@priitlatt priitlatt marked this pull request as ready for review August 16, 2022 12:54
@priitlatt priitlatt merged commit 0314d18 into master Aug 16, 2022
@priitlatt priitlatt deleted the feature/get-certificate-from-keystore branch August 16, 2022 13:50
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@artemii-yanushevskyi artemii-yanushevskyi artemii-yanushevskyi approved these changes

Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@priitlatt @artemii-yanushevskyi