StackOverflow2013

Note that there are some explanatory texts on larger screens.

plurals

PO
text
Body
copied!<p>let's say you saved a string called "this is my sentence" in the keystore, and when you open it by notepad, you saw cipher-text "blabla", and you copied the "blabla" to another file and claim you findout the plain-text, and it is "blabla", that is obvious incorrect, you still don't know the original pliant-ext until recover it by password.</p> <p>==EDIT==</p> <p>for JKS keystore, the keystore password is used to verify integrity, <a href="http://grepcode.com/file/repository.grepcode.com/java/root/jdk/openjdk/6-b14/sun/security/provider/JavaKeyStore.java#JavaKeyStore.engineLoad%28java.io.InputStream,char%5B%5D%29" rel="noreferrer">src</a></p> <pre><code>636 if (password != null) { 637 md = getPreKeyedHash(password); 638 dis = new DataInputStream(new DigestInputStream(stream, md)); 639 } </code></pre> <p>the DigestInputStream generate a signature and compare it to acutal one to see if is modified. </p> <p>BouncyCastle keystore <a href="http://grepcode.com/file/repo1.maven.org/maven2/com.madgag/scprov-jdk15on/1.47.0.2/org/spongycastle/jce/provider/JDKKeyStore.java#JDKKeyStore.BouncyCastleStore" rel="noreferrer">UBER</a> is more secure, the entire keystore is encrypted with a PBE based on SHA1 and Twofish (PBEWithSHAAndTwofish-CBC)</p> <pre><code> Cipher cipher = this.makePBECipher(cipherAlg, Cipher.DECRYPT_MODE, password, salt, iterationCount); CipherInputStream cIn = new CipherInputStream(dIn, cipher); Digest dig = new SHA1Digest(); DigestInputStream dgIn = new DigestInputStream(cIn, dig); this.loadStore(dgIn); </code></pre>

Querying!

Guidance

An individual column

Larger individual text columns get their own page to allow for proper reading.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload