Skip to main content

pure python jks file parser

Project description


A pure python Java KeyStore file parser, including private key decryption.

Usage example (transforming an encrypted jks file into an OpenSSL context):
import OpenSSL
import jks

_ASN1 = OpenSSL.crypto.FILETYPE_ASN1

def jksfile2context(jks_file, passphrase):
keystore = jks.KeyStore.load(jks_file, passphrase)
pkey = OpenSSL.crypto.load_privatekey(_ASN1, keystore.private_key.pkey)
trusted_certs = [OpenSSL.crypto.load_certificate(_ASN1, cert.cert)
for cert in keystore.certs]
public_cert = OpenSSL.crypto.load_certificate(
_ASN1, keystore.private_keys[0].cert_chain[0][1])

ctx = OpenSSL.SSL.Context(OpenSSL.SSL.TLSv1_METHOD)
#want to know ASAP if there is a problem with the protected
cert_store = ctx.get_cert_store()
for cert in trusted_certs:
return ctx


The best way to utilize a certificate stored in a jks file up to this point has been
to use the java keytool command to transform to pkcs12, and then openssl to transform to pem.

This is better:

1- no security concerns in passwords going into command line arguments, or unencrypted files being left around

2- no dependency on a JVM

Project details

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Filename, size & hash SHA256 hash help File type Python version Upload date (3.2 kB) Copy SHA256 hash SHA256 Source None

Supported by

Elastic Elastic Search Pingdom Pingdom Monitoring Google Google BigQuery Sentry Sentry Error logging AWS AWS Cloud computing DataDog DataDog Monitoring Fastly Fastly CDN SignalFx SignalFx Supporter DigiCert DigiCert EV certificate StatusPage StatusPage Status page