KeyStore Explorer – OSS Update

A month ago I wrote about a new owner having been identified for KeyStore Explorer (KSE). This post comprises an interim update on the new owner’s progress in taking over the application.

The new owner has been very busy over the last four weeks and has, in a relatively short space of time, removed all impediments to open sourcing the code base. This involved replacing a third party ASN.1 library (which was used extensively by KSE) with calls to Bouncy Castle.

In addition most of KSE’s icons were sourced from the commercial Icon Experience set. The new owner has replaced these icons with the Fugue set created by Yusuke Kamiyamane.

The new icons give the application a new look:

Click to Enlarge

Click to Enlarge

We have have also settled on an OSS license we are both comfortable with: GPL v3.

Upcoming work by the new owner will complete my unfinished work on new features for version 4.2 and perhaps add a few more items of functionality.

There is still a lot of work to be done but I am confident that KSE is in good hands.

Explore posts in the same categories: KeyStore Explorer, Open Source


You can comment below, or link to this permanent URL from your own site.

6 Comments on “KeyStore Explorer – OSS Update”

  1. Phillip Says:

    I have heard Java doesn’t have that great of a RNG. So how safe is using KSE for generating certs? If it is true that java doesn’t have good random numbers doesn’t that make it inadequate for certificate generation?

  2. eckes/Bernd Says:

    First of all: Congrats on the new Owner and the progress, thats big news.

    Regarding the State of Randomness in Java there are some problems with SecureRandom in Oracle or OpenJDK Java. They are not so critical for every day usage, but generating keys (especially with 256bit) is another thing. A good writeup (before some fixes have been implemented) can be found here:

    There are some PRNG implementations which have a larger state and also are better useable with untrusted entropy sources. Fortuna is one – there was a discussion to inlcude it in BC, but I am not sure what its current state is. There are GPL stand alone versions available.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: