All geek questions in one place

How to view the contents of cacerts.bks (certificate file / system / etc / security / carcerts.bks)

Does anyone know how to view a list of root certificates supported by an Android device? I would like to see this information.

I found that it /system/etc/security/carcerts.bkscontains information about root certificates, but I cannot decrypt the contents using any available editors.

I also tried KeyTool but couldn't handle it.

Please suggest how to decode the contents of this file.

Hi,

Durga

+3
source share
3 answers

keytool -list -v -keystore "cacerts.bks" -provider org.bouncycastle.jce.provider.BouncyCastleProvider -providerpath "bcprov-jdk16-146.jar" -storetype BKS -storepass ""

+10

You can get a list of installed certificates on an Android device from the code: In your onCreate () method, enter this code:

For pre IceCream Sandwich devices (API <14):

TrustManagerFactory tmf;
    try {
        tmf = TrustManagerFactory.getInstance(TrustManagerFactory
                .getDefaultAlgorithm());

        tmf.init((KeyStore) null);

        X509TrustManager xtm = (X509TrustManager) tmf.getTrustManagers()[0];
        for (X509Certificate cert : xtm.getAcceptedIssuers()) {
            String certStr = "S:" + cert.getSubjectDN().getName() + "\nI:"
                    + cert.getIssuerDN().getName();
            Log.d(LOG_TAG, certStr);
        }
    } catch (NoSuchAlgorithmException e) {
        // TODO Auto-generated catch block
        e.printStackTrace();
    } catch (KeyStoreException e) {
        // TODO Auto-generated catch block
        e.printStackTrace();
    }

For devices with Android 4.0 and higher (API> = 14):

try 
    {
        KeyStore ks = KeyStore.getInstance("AndroidCAStore");
        if (ks != null) 
        {
            ks.load(null, null);
            Enumeration aliases = ks.aliases();
            while (aliases.hasMoreElements()) 
            {
                String alias = (String) aliases.nextElement();
                java.security.cert.X509Certificate cert = (java.security.cert.X509Certificate) ks.getCertificate(alias);

                Log.d(LOG_TAG, cert.getIssuerDN().getName());
            }
        }
    } catch (IOException e) {
        e.printStackTrace();
    } catch (KeyStoreException e) {
        e.printStackTrace();
    } catch (NoSuchAlgorithmException e) {
        e.printStackTrace();
    } catch (java.security.cert.CertificateException e) {
        e.printStackTrace();
    }
0
source

Source: https://habr.com/ru/post/1783950/

More articles:


All Articles