JKS和PKCS12两种格式证书互转代码如下:
来源:互联网 发布:网络课和直播课的区别 编辑:程序博客网 时间:2024/06/05 07:55
JKS和PKCS12两种格式证书互转代码如下:
import java.io.FileInputStream;import java.io.FileOutputStream;import java.security.Key;import java.security.KeyStore;import java.security.PrivateKey;import java.security.cert.Certificate;import java.util.Enumeration;import sun.security.util.ObjectIdentifier;import sun.security.x509.CertificateExtensions;import sun.security.x509.CertificateIssuerName;import sun.security.x509.Extension;import sun.security.x509.X500Name;import sun.security.x509.X509CertImpl;import sun.security.x509.X509CertInfo;public class KeyStoreConv { /** * 从PKCS12格式转换为JKS格式 * @param srcFile String PKCS12格式的证书库 * @param srcPasswd String PKCS12格式的证书库密码 * @param destFile String JKS格式的证书库 * @param destPasswd String JKS格式的证书库密码 */ public void PKCS12ToJKS(String srcFile, String srcPasswd, String destFile, String destPasswd){ try { KeyStore inputKeyStore = KeyStore.getInstance("PKCS12"); FileInputStream fis = new FileInputStream(srcFile); char[] srcPwd = null, destPwd = null; if ((srcPasswd == null) || srcPasswd.trim().equals("")) { srcPwd = null; } else { srcPwd = srcPasswd.toCharArray(); } if ((destPasswd == null) || destPasswd.trim().equals("")) { destPwd = null; } else { destPwd = destPasswd.toCharArray(); } inputKeyStore.load(fis, srcPwd); fis.close(); KeyStore outputKeyStore = KeyStore.getInstance("JKS"); outputKeyStore.load(null, destPwd); Enumeration enums = inputKeyStore.aliases(); while (enums.hasMoreElements()) { String keyAlias = (String) enums.nextElement(); System.out.println("alias=[" + keyAlias + "]"); if (inputKeyStore.isKeyEntry(keyAlias)) { Key key = inputKeyStore.getKey(keyAlias, srcPwd); Certificate[] certChain = inputKeyStore.getCertificateChain(keyAlias); outputKeyStore.setKeyEntry(keyAlias, key, destPwd, certChain); } } FileOutputStream out = new FileOutputStream(destFile); outputKeyStore.store(out, destPwd); out.close(); } catch (Exception ex) { ex.printStackTrace(); } } /** * 从JKS格式转换为PKCS12格式 * @param srcFile String JKS格式证书库 * @param srcPasswd String JKS格式证书库密码 * @param destFile String PKCS12格式证书库 * @param destPasswd String PKCS12格式证书库密码 */ public void JSKToPKCS12(String srcFile, String srcPasswd, String destFile, String destPasswd){ try { KeyStore inputKeyStore = KeyStore.getInstance("JKS"); FileInputStream fis = new FileInputStream(srcFile); char[] srcPwd = null, destPwd = null; if ((srcPasswd == null) || srcPasswd.trim().equals("")) { srcPwd = null; } else { srcPwd = srcPasswd.toCharArray(); } if ((destPasswd == null) || destPasswd.trim().equals("")) { destPwd = null; } else { destPwd = destPasswd.toCharArray(); } inputKeyStore.load(fis, srcPwd); fis.close(); KeyStore outputKeyStore = KeyStore.getInstance("PKCS12"); Enumeration enums = inputKeyStore.aliases(); while (enums.hasMoreElements()) { String keyAlias = (String) enums.nextElement(); System.out.println("alias=[" + keyAlias + "]"); outputKeyStore.load(null, destPwd ); if (inputKeyStore.isKeyEntry(keyAlias)) { Key key = inputKeyStore.getKey(keyAlias, srcPwd); Certificate[] certChain = inputKeyStore.getCertificateChain(keyAlias); byte[] encoded = certChain[0].getEncoded(); X509CertImpl certImpl = new X509CertImpl(encoded); X509CertInfo certInfo = (X509CertInfo) certImpl .get(X509CertImpl.NAME + "." + X509CertImpl.INFO); ObjectIdentifier oid = new ObjectIdentifier("2.5.29.37"); ObjectIdentifier oid2 = new ObjectIdentifier("2.5.29.15"); Extension e1 = certImpl.getExtension(oid); Extension e2 = certImpl.getExtension(oid2); CertificateExtensions ce = new CertificateExtensions(); ce.set("2.5.29.37", e1); ce.set("2.5.29.15", e2); certInfo.delete("extensions"); certInfo.set("extensions", ce); X509CertImpl newCert = new X509CertImpl(certInfo); newCert.sign((PrivateKey)key, "SHA1WithRSA"); outputKeyStore.setKeyEntry(keyAlias, key, destPwd, new java.security.cert.Certificate[] { newCert }); } FileOutputStream out = new FileOutputStream(destFile); outputKeyStore.store(out, destPwd); out.close(); outputKeyStore.deleteEntry(keyAlias); } } catch (Exception e) { e.printStackTrace(); } } public void conver(String file,String password,String keystoreFile) { try { String caAlias = "caAlias"; String certToSignAlias = "cert"; String newAlias = "newAlias"; FileInputStream input = new FileInputStream(file); KeyStore keyStore = KeyStore.getInstance("JKS"); keyStore.load(input, password.toCharArray()); input.close(); Enumeration enums = keyStore.aliases(); while (enums.hasMoreElements()) { String keyAlias = (String) enums.nextElement(); PrivateKey caPrivateKey = (PrivateKey) keyStore.getKey(keyAlias, password.toCharArray()); java.security.cert.Certificate caCert = keyStore.getCertificate(caAlias); byte[] encoded = caCert.getEncoded(); X509CertImpl caCertImpl = new X509CertImpl(encoded); } PrivateKey caPrivateKey = (PrivateKey) keyStore.getKey(caAlias, password.toCharArray()); java.security.cert.Certificate caCert = keyStore.getCertificate(caAlias); byte[] encoded = caCert.getEncoded(); X509CertImpl caCertImpl = new X509CertImpl(encoded); X509CertInfo caCertInfo = (X509CertInfo) caCertImpl.get(X509CertImpl.NAME + "." + X509CertImpl.INFO); X500Name issuer = (X500Name) caCertInfo.get(X509CertInfo.SUBJECT + "." + CertificateIssuerName.DN_NAME); java.security.cert.Certificate cert = keyStore.getCertificate(certToSignAlias); PrivateKey privateKey = (PrivateKey) keyStore.getKey(certToSignAlias, password.toCharArray()); encoded = cert.getEncoded(); X509CertImpl certImpl = new X509CertImpl(encoded); X509CertInfo certInfo = (X509CertInfo) certImpl .get(X509CertImpl.NAME + "." + X509CertImpl.INFO);// Date firstDate = new Date();// Date lastDate = new Date(firstDate.getTime() + 365 * 24 * 60 * 60 * 1000L);// CertificateValidity interval = new CertificateValidity(firstDate, lastDate); //// certInfo.set(X509CertInfo.VALIDITY, interval); //// certInfo.set(X509CertInfo.SERIAL_NUMBER, new CertificateSerialNumber(// (int) (firstDate.getTime() / 1000))); //// certInfo.set(X509CertInfo.ISSUER + "." + CertificateSubjectName.DN_NAME, issuer); //// AlgorithmId algorithm = new AlgorithmId(AlgorithmId.md5WithRSAEncryption_oid);// certInfo.set(CertificateAlgorithmId.NAME + "." + CertificateAlgorithmId.ALGORITHM, algorithm); X509CertImpl newCert = new X509CertImpl(certInfo); newCert.sign(caPrivateKey, "MD5WithRSA"); keyStore.setKeyEntry(newAlias, privateKey, password.toCharArray(), new java.security.cert.Certificate[] { newCert }); // JSKToPKCS12(); FileOutputStream output = new FileOutputStream(keystoreFile); keyStore.store(output, password.toCharArray()); output.close(); } catch(Exception e) { System.out.println(e.getMessage()); } }public static void main(String[] args) { KeyStoreConv c = new KeyStoreConv(); c.JSKToPKCS12("D:\\radius.keystore2", "password2", "D:\\radius.pfx", "password1"); // String flag = "P2J"; // if(args.length<5) { // System.out.println("用法:"); // System.out.println(" KeyStoreConv <转换标志> <源证书库文件名> <源证书库密码> <目标证书库文件名> <目标证书库密码>"); // System.out.println(" 转换标志: P2J -- 从PKCS12转换为JKS格式"); // System.out.println(" J2P -- 从JKS转换为PKCS12格式"); // System.out.println(" 注意: 1、如果从JKS转换为PKCS12且源JKS中有多个密钥对或证书,则每个密钥对或证书单独保存为一个文件。"); // }else{ // flag = args[0].toUpperCase(); // if (!(flag.equals("P2J") || flag.equals("J2P"))) flag = "P2J"; // // KeyStoreConv c = new KeyStoreConv(); // if (flag.equals("P2J")) { // c.PKCS12ToJKS(args[1], args[2], args[3], args[4]); // } else { // c.JSKToPKCS12(args[1], args[2], args[3], args[4]); // } // } } }
0 0
- JKS和PKCS12两种格式证书互转代码如下:
- linux tomcat7 配置证书(JKS和PKCS12格式)
- PKCS12转JKS和PKCS12转BKS
- jks转为pkcs12格式
- JKS、BKS、PKCS12证书之间转换
- JKS、BKS、PKCS12证书之间转换
- JKS、BKS、PKCS12证书之间转换
- jks与pkcs12格式的keystore互转
- JKS和PKCS12密钥容器相互转换
- PFX证书转JKS证书和java证书常用操作
- PFX证书转JKS证书和java证书常用操作
- pfx证书转jks
- PFX 证书 转 jks 证书
- JKS证书申请,转换为PEM格式
- JKS、BKS、PFX证书格式之间转换
- Tomcat使用JKS格式证书配置HTTPS
- 制作jks、pkcs12的keystore
- 将PKCS12文件转成JKS
- POJ 2185 Milking Grid
- Android 自动化测试—robotium(二)初识
- 请求大神看看下面这个是怎么了啊
- jsp获取ip地址
- 【注解】学习自己写注解【@Retention,决定注解存在的时期,@Target决定注解使用的地方】
- JKS和PKCS12两种格式证书互转代码如下:
- poj 3252 Round Numbers(数位dp+组合计数)
- ACM-DFS之SumItUp——hdu1258
- beaglebone black EZSDK linux从EMMC中启动一
- jquery里面的trigger和triggerHandler的区别
- android开发笔记之Instrumentation一个小应用
- vs2012 俄罗斯方块游戏
- 最速下降法
- 3.为自定义控件添加属性