kurtbrose / Pyjks

Licence: mit
A pure Python Java KeyStore file parser, including private key decryption

pyjks

A pure Python Java KeyStore file parser, including private/secret key decryption. Can read JKS, JCEKS, BKS and UBER (BouncyCastle) key stores.

Until now, the best way to use a certificate stored in a JKS file has been to convert it to PKCS#12 with the Java keytool command, and then to PEM with openssl.

This is better:

  • no security concerns from passwords passed as command-line arguments, or from unencrypted files being left around
  • no dependency on a JVM

Requirements:

  • Python 2.6+ or Python 3.3+
  • pyasn1 0.3.5+
  • pyasn1_modules 0.0.8+
  • javaobj-py3 0.1.4+
  • pycryptodomex, if you need to read JCEKS, BKS or UBER keystores
  • twofish, if you need to read UBER keystores

Usage examples:

Reading a JKS or JCEKS keystore and dumping out its contents in the PEM format:

from __future__ import print_function
import sys, base64, textwrap
import jks

def print_pem(der_bytes, pem_type):
    # wrap the base64-encoded DER bytes in PEM armor, 64 characters per line
    print("-----BEGIN %s-----" % pem_type)
    print("\r\n".join(textwrap.wrap(base64.b64encode(der_bytes).decode('ascii'), 64)))
    print("-----END %s-----" % pem_type)

ks = jks.KeyStore.load("keystore.jks", "XXXXXXXX")
# if any of the keys in the store use a password that is not the same as the store password:
# ks.entries["key1"].decrypt("key_password")

for alias, pk in ks.private_keys.items():
    print("Private key: %s" % pk.alias)
    if pk.algorithm_oid == jks.util.RSA_ENCRYPTION_OID:
        print_pem(pk.pkey, "RSA PRIVATE KEY")
    else:
        print_pem(pk.pkey_pkcs8, "PRIVATE KEY")

    for c in pk.cert_chain:
        print_pem(c[1], "CERTIFICATE")
    print()

for alias, c in ks.certs.items():
    print("Certificate: %s" % c.alias)
    print_pem(c.cert, "CERTIFICATE")
    print()

for alias, sk in ks.secret_keys.items():
    print("Secret key: %s" % sk.alias)
    print("  Algorithm: %s" % sk.algorithm)
    print("  Key size: %d bits" % sk.key_size)
    print("  Key: %s" % "".join("{:02x}".format(b) for b in bytearray(sk.key)))
    print()

Transforming an encrypted JKS/JCEKS file into an OpenSSL context:

import OpenSSL
import jks

_ASN1 = OpenSSL.crypto.FILETYPE_ASN1

def jksfile2context(jks_file, passphrase, key_alias, key_password=None):
    keystore = jks.KeyStore.load(jks_file, passphrase)
    pk_entry = keystore.private_keys[key_alias]
    # if the key could not be decrypted using the store password, decrypt with a custom password now
    if not pk_entry.is_decrypted():
        pk_entry.decrypt(key_password)

    pkey = OpenSSL.crypto.load_privatekey(_ASN1, pk_entry.pkey)
    public_cert = OpenSSL.crypto.load_certificate(_ASN1, pk_entry.cert_chain[0][1])
    # keystore.certs is a dict of alias -> entry, so iterate over .items()
    trusted_certs = [OpenSSL.crypto.load_certificate(_ASN1, cert.cert) for alias, cert in keystore.certs.items()]

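    # TLS_METHOD negotiates the highest protocol version both peers support;
    # TLSv1_METHOD would pin the context to the obsolete TLS 1.0
    ctx = OpenSSL.SSL.Context(OpenSSL.SSL.TLS_METHOD)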
    ctx.use_privatekey(pkey)
    ctx.use_certificate(public_cert)
    ctx.check_privatekey() # want to know ASAP if there is a problem
    cert_store = ctx.get_cert_store()
    for cert in trusted_certs:
        cert_store.add_cert(cert)
    return ctx
