SSL==java从CER读取公钥和证书信息,从PFX读取证书公钥私钥并加解密
一个java开发
帮助1人
参照以上两篇文章,生成PFX证书,并且读取出公钥私钥,此时是带着换行符的,将换行符去掉用留存来和后面代码读取出来的进行对比。
-
-
import javax.crypto.Cipher;
-
import java.io.FileInputStream;
-
import java.security.KeyFactory;
-
import java.security.KeyStore;
-
import java.security.PrivateKey;
-
import java.security.PublicKey;
-
import java.security.cert.Certificate;
-
import java.security.spec.PKCS8EncodedKeySpec;
-
import java.security.spec.X509EncodedKeySpec;
-
import java.util.Base64;
-
import java.util.Enumeration;
-
-
-
public class ReadPFX {
-
public static void main(String[] args) throws Exception {
-
//PFX存放的地址
-
String strPfx = "C:\\test.pfx";
-
//生成PFX文件时输入的密码
-
String strPassword = "123456";
-
KeyStore ks = KeyStore.getInstance("PKCS12");
-
FileInputStream fis = new FileInputStream(strPfx);
-
char[] nPassword = null;
-
if ((strPassword == null) || strPassword.trim().equals("")) {
-
nPassword = null;
-
} else {
-
nPassword = strPassword.toCharArray();
-
}
-
ks.load(fis, nPassword);
-
fis.close();
-
System.out.println("keystore type=" ks.getType());
-
Enumeration enumas = ks.aliases();
-
String keyAlias = null;
-
if (enumas.hasMoreElements())// we are readin just one certificate.
-
{
-
keyAlias = (String) enumas.nextElement();
-
System.out.println("alias=[" keyAlias "]");
-
}
-
// Now once we know the alias, we could get the keys.
-
System.out.println("is key entry=" ks.isKeyEntry(keyAlias));
-
PrivateKey prikey = (PrivateKey) ks.getKey(keyAlias, nPassword);
-
Certificate cert = ks.getCertificate(keyAlias);
-
PublicKey pubkey = cert.getPublicKey();
-
System.out.println("cert class = " cert.getClass().getName());
-
System.out.println("cert = " cert);
-
-
Base64.Encoder encoder = Base64.getEncoder();
-
-
//使用java代码从PFX读取到的公钥私钥是没有带换行符的
-
System.out.println("public key = " pubkey);
-
String publicKeyString = encoder.encodeToString(pubkey.getEncoded());
-
System.out.println("-----------------公钥--------------------");
-
System.out.println(publicKeyString);
-
System.out.println("-----------------公钥--------------------");
-
-
-
System.out.println("private key = " prikey);
-
String prikeyString = encoder.encodeToString(prikey.getEncoded());
-
System.out.println("-----------------私钥--------------------");
-
System.out.println(prikeyString);
-
System.out.println("-----------------私钥--------------------");
-
-
//使用openssl从PFX中读取到的私钥,此时是带着换行符的。
-
/**从pfx提取密钥信息,并转换为key格式(pfx使用pkcs12模式补足)
-
(1)提取密钥对
-
openssl pkcs12 -in test.pfx -nocerts -nodes -out 1.key
-
//如果pfx证书已加密,会提示输入密码。如果cer证书没有安装,则密码没法验证
-
(2)从密钥对提取私钥
-
openssl rsa -in 1.key -out 1_pri.key
-
(3)从密钥对提取公钥
-
openssl rsa -in 1.key -pubout -out 1_pub.key
-
(4)因为RSA算法使用的是pkcs8模式补足,需要对提取的私钥进一步处理
-
openssl pkcs8 -topk8 -inform PEM -in 1_pri.key -outform PEM -nocrypt
-
复制窗口中生成的密钥,保存为1_pri_pkcs8.key
-
(5)得到密钥对1_pri_pkcs8.key和1_pub.keyopenssl pkcs12 -in test.pfx -nocerts -nodes -out 1.key
-
*/
-
String privateKeyFromCA = "888888888888888888\n"
-
"888888888888888888";
-
String replace = privateKeyFromCA.replace("\n", "");
-
System.out.println(replace);
-
-
//使用读取到的公钥和私钥进行加解密
-
String src = "6666666需要加解密6666666666666666";
-
System.out.println("\n");
-
String s1 = decryptByPrivateKey(prikeyString, encryptByPublicKey(publicKeyString, src));
-
System.out.println(s1);
-
}
-
-
/**
-
* 公钥加密
-
*
-
* @param publicKeyText
-
* @param text
-
* @return
-
*/
-
public static String encryptByPublicKey(String publicKeyText, String text) throws Exception {
-
X509EncodedKeySpec x509EncodedKeySpec2 = new X509EncodedKeySpec(org.apache.commons.codec.binary.Base64.decodeBase64(publicKeyText));
-
KeyFactory keyFactory = KeyFactory.getInstance("RSA");
-
PublicKey publicKey = keyFactory.generatePublic(x509EncodedKeySpec2);
-
Cipher cipher = Cipher.getInstance("RSA");
-
cipher.init(Cipher.ENCRYPT_MODE, publicKey);
-
byte[] result = cipher.doFinal(text.getBytes());
-
return org.apache.commons.codec.binary.Base64.encodeBase64String(result);
-
}
-
-
/**
-
* 私钥解密
-
*
-
* @param privateKeyText
-
* @param text
-
* @return
-
* @throws Exception
-
*/
-
public static String decryptByPrivateKey(String privateKeyText, String text) throws Exception {
-
PKCS8EncodedKeySpec pkcs8EncodedKeySpec5 = new PKCS8EncodedKeySpec(org.apache.commons.codec.binary.Base64.decodeBase64(privateKeyText));
-
KeyFactory keyFactory = KeyFactory.getInstance("RSA");
-
PrivateKey privateKey = keyFactory.generatePrivate(pkcs8EncodedKeySpec5);
-
Cipher cipher = Cipher.getInstance("RSA");
-
cipher.init(Cipher.DECRYPT_MODE, privateKey);
-
byte[] result = cipher.doFinal(org.apache.commons.codec.binary.Base64.decodeBase64(text));
-
return new String(result);
-
}
-
}
然后通过可以与openssl读取出的进行对比,发现是一样的。然后参照下一篇文章用公钥私钥进行加密解密
这篇好文章是转载于:学新通技术网
- 版权申明: 本站部分内容来自互联网,仅供学习及演示用,请勿用于商业和其他非法用途。如果侵犯了您的权益请与我们联系,请提供相关证据及您的身份证明,我们将在收到邮件后48小时内删除。
- 本站站名: 学新通技术网
- 本文地址: /boutique/detail/tanhgaeeaa
系列文章
更多
同类精品
更多
-
photoshop保存的图片太大微信发不了怎么办
PHP中文网 06-15 -
Android 11 保存文件到外部存储,并分享文件
Luke 10-12 -
word里面弄一个表格后上面的标题会跑到下面怎么办
PHP中文网 06-20 -
《学习通》视频自动暂停处理方法
HelloWorld317 07-05 -
photoshop扩展功能面板显示灰色怎么办
PHP中文网 06-14 -
微信公众号没有声音提示怎么办
PHP中文网 03-31 -
怎样阻止微信小程序自动打开
PHP中文网 06-13 -
excel下划线不显示怎么办
PHP中文网 06-23 -
excel打印预览压线压字怎么办
PHP中文网 06-22 -
photoshop蒙版画笔没反应怎么办
PHP中文网 06-24
