kurtbrose / pyjks

a pure python Java KeyStore file parser, including private key decryption
MIT License

Add support for listing keystores without passphrase #58

Closed vitalyfilatov closed 4 years ago

vitalyfilatov commented 4 years ago

pyjks doesn't allow opening a keystore without a passphrase, and this is correct. But what about getting a simple listing of the entries in a keystore without providing a passphrase?

keytool allows getting some details of a pass-protected keystore without providing a passphrase, e.g.:

Alias name: test
Creation date: Jul 15, 2019
Entry type: PrivateKeyEntry
Certificate chain length: 3
Certificate[1]:
Owner: CN=test, OU=ou, O=org, L=loc, C=us
Issuer: CN=cn, O=org, C=us
Serial number: 100
Valid from: Mon Jul 01 14:39:46 2019 until: Tue Jun 30 14:39:46 2020
Certificate fingerprints:
         SHA1: <<censored>>
         SHA256: <<censored>>
Signature algorithm name: SHA512withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3

Could you please consider adding support for keystore listing w/o passphrase, like keytool does?

mahmoud commented 4 years ago

Hi Vitaly, thanks for the question. First, pyjks is a library, not an application like keytool. So, there are a few ways to use it, including without a passphrase. I think it may be possible to do what you want with pyjks now. See this alternate constructor.

If you pass store_password=None and try_decrypt_keys=False, you should be able to get back a keystore with entries populated. If that doesn't work, I'd be happy to help review a PR that gets it to a working state.
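Added example, not part of the comment above and not pyjks code: a standard-library parser for the JKS container layout, showing why aliases, creation dates and certificate chains can be listed without the store password, and that such a listing skips the password-keyed integrity check. The function names and the sample keystore are constructed for illustration.

```python
import struct
from datetime import datetime, timezone

MAGIC_JKS = 0xFEEDFEED
ENTRY_TYPES = {1: "PrivateKeyEntry", 2: "trustedCertEntry"}

def list_jks_entries(data):
    """Return [(alias, entry_type, created_utc, [cert_der, ...])]; no password used."""
    pos = 0
    def take(n):
        nonlocal pos
        if pos + n > len(data):
            raise ValueError("truncated keystore")
        pos += n
        return data[pos - n:pos]
    def u32():
        return struct.unpack(">I", take(4))[0]
    def utf():  # Java writeUTF: 2-byte length + modified UTF-8 (same as UTF-8 for ASCII)
        return take(struct.unpack(">H", take(2))[0]).decode("utf-8")
    def cert():
        utf()               # certificate type, e.g. "X.509"
        return take(u32())  # DER bytes, stored unencrypted
    if u32() != MAGIC_JKS or u32() != 2:
        raise ValueError("not a version 2 JKS keystore")
    entries = []
    for _ in range(u32()):
        tag, alias = u32(), utf()
        created = datetime.fromtimestamp(struct.unpack(">q", take(8))[0] / 1000, timezone.utc)
        if tag == 1:
            take(u32())  # encrypted private key blob: skipped, needs the key password
            chain = [cert() for _ in range(u32())]
        elif tag == 2:
            chain = [cert()]
        else:
            raise ValueError("unknown entry tag %d" % tag)
        entries.append((alias, ENTRY_TYPES[tag], created, chain))
    # Trailer: 20-byte SHA-1 keyed with the store password. It cannot be checked
    # here, so everything returned is unauthenticated and may have been tampered with.
    if len(data) - pos != 20:
        raise ValueError("missing or malformed integrity trailer")
    return entries

def build_sample():
    """Constructed two-entry keystore with dummy key/cert bytes and a zeroed trailer."""
    s = lambda t: struct.pack(">H", len(t)) + t
    cert = s(b"X.509") + struct.pack(">I", 4) + b"DER0"
    head = struct.pack(">III", MAGIC_JKS, 2, 2)
    key = struct.pack(">I", 1) + s(b"test") + struct.pack(">qI", 1563148800000, 8) + b"\0" * 8 + struct.pack(">I", 1) + cert
    ca = struct.pack(">I", 2) + s(b"ca") + struct.pack(">q", 1563148800000) + cert
    return head + key + ca + b"\0" * 20
```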

vitalyfilatov commented 4 years ago

Hi Mahmoud,

Thank you very much for the tip.