使用java证书开发包,测试开发用例

package com.xiuye.test;import java.util.Date;import java.util.List;import org.junit.Test;import com.xiuye.cert.DigitalCertificateGenerator;import com.xiuye.cert.bean.KeyStoreInfo;import com.xiuye.cert.bean.SignedCertInfo;public class DCGenTest {@Testpublic void testGenerateCert() {// 生成证书库/证书// 别名,库密码,证书密码,CN,OU,O,L,ST,C,开始时间,有效期限(单位:天),存储路径KeyStoreInfo certInfo = new KeyStoreInfo("荆轲2", "123", "456", "1", "2","3", "4", "5", "6", new Date(), 365, "CurrentTest.pfx");DigitalCertificateGenerator.generatePFX(certInfo);certInfo = new KeyStoreInfo("无名5", "789", "101", "7", "8", "9", "10","11", "12", new Date(), 365, "wuming5.keystore");DigitalCertificateGenerator.generateJKS(certInfo);certInfo = new KeyStoreInfo("无名3", "789", "101", "7", "8", "9", "10","11", "12", new Date(), 365, "wuming3.keystore");DigitalCertificateGenerator.generateJKS(certInfo);System.out.println("testGenerateCert end");}@Testpublic void testAddNewCert() {// 添加新证书到证书库KeyStoreInfo certInfo = new KeyStoreInfo("荆轲6", "123", "456", "1", "2","3", "4", "5", "6", new Date(), 365, "CurrentTest.pfx");DigitalCertificateGenerator.addNewCert2PFX(certInfo);certInfo = new KeyStoreInfo("无名9", "789", "101", "7", "8", "9", "10","11", "12", new Date(), 365, "CurrentTest.keystore");DigitalCertificateGenerator.addNewCert2JKS(certInfo);certInfo = new KeyStoreInfo("无名7", "789", "101", "7", "8", "9", "10","11", "12", new Date(), 365, "CurrentTest.keystore");DigitalCertificateGenerator.addNewCert2JKS(certInfo);System.out.println("testAddNewCert end");}@Testpublic void testExportCert() {// 导出公钥证书cer// 证书库路径,库密码,别名,cer证书路径DigitalCertificateGenerator.exportJKSPublicKeyCertificate("CurrentTest.keystore", "789", "无名3", "wuming3.cer");DigitalCertificateGenerator.exportPFXPublicKeyCertificate("CurrentTest.pfx", "123", "荆轲2", "jingke2.cer");}@Testpublic void testSignCert() {// 根据根证书签发证书// 签发证书的信息SignedCertInfo signedCertInfo = new SignedCertInfo();String s = "中原";signedCertInfo.setC(s);// 签发证书:CsignedCertInfo.setCN(s);// 签发证书:CNsignedCertInfo.setIssuerAlias("无名3");// 证书颁发者别名signedCertInfo.setIssuerAliasPass("101");// 证书颁发者证书密码signedCertInfo.setKeyStorePass("789");// 颁发者的所在证书库signedCertInfo.setKeyStorePath("CurrentTest.keystore");// 颁发者证书库路径signedCertInfo.setL(s);// 签发证书:LsignedCertInfo.setO(s);// 签发证书:OsignedCertInfo.setOU(s);// 签发证书:OUsignedCertInfo.setST(s);// 签发证书:STsignedCertInfo.setSubjectAlias(s);// 使用者证书别名signedCertInfo.setSubjectAliasPass(s);// 使用者证书密码signedCertInfo.setSubjectPath("signed.cer");// 存储签发证书的路径signedCertInfo.setValidity(365 * 2);// 有效期,单位:天System.out.println(signedCertInfo);// 签发证书("中原"的证书),并且存储到证书库("CurrentTest.keystore")DigitalCertificateGenerator.signCertJKSForSubject(signedCertInfo);}}

生成证书/证书库,导出cer证书,签发证书,添加新证书到证书库

package com.xiuye.test;import java.security.InvalidKeyException;import java.security.NoSuchAlgorithmException;import java.security.PrivateKey;import java.security.PublicKey;import javax.crypto.BadPaddingException;import javax.crypto.Cipher;import javax.crypto.IllegalBlockSizeException;import javax.crypto.NoSuchPaddingException;import org.junit.Test;import com.xiuye.cert.util.CertUtil;public class CertUtilTest {@Testpublic void testCertVerifing() {// 验证签发证书的签名// "wuming3.cer"是根证书导出的公钥证书,"signed.cer"是签发的子证书.CertUtil.verifySign("wuming3.cer", "signed.cer");System.out.println("test passed!");}@Testpublic void testCertValidityDays() {// 验证有效期,即证书没有过期,到当前时间有效.CertUtil.verifyValidityDays("wuming3.cer");System.out.println("test passed!");}@Testpublic void testGetAllAliasesInfo() {// 获取证书库中所有证书别名System.out.println(CertUtil.allAliasesInJKS("CurrentTest.keystore","789"));System.out.println(CertUtil.allAliasesInPFX("CurrentTest.pfx", "123"));}@Testpublic void testPublicKeyInCert() {// 获取cer证书的公钥System.out.println(CertUtil.publicKeyInCert("wuming3.cer"));System.out.println("1 := "+ CertUtil.publicKeyInJKS("CurrentTest.keystore","789", "无名3"));System.out.println("2 := "+ CertUtil.publicKeyInPFX("CurrentTest.pfx", "123", "荆轲6"));}@Testpublic void testPrivateKey() {// 根据证书别名,获取证书库中该证书的私钥// 证书库路径,证书库密码,证书别名,证书密码System.out.println(CertUtil.privateKeyInJKS("CurrentTest.keystore","789", "无名3", "101"));System.out.println(CertUtil.privateKeyInPFX("CurrentTest.pfx", "123","荆轲6", "456"));}@Testpublic void testKeyStoreEncodeAndDecode() {// 根据证书库中的证书(私钥公钥),加密解密String msg = "你好啊,奔跑者!";// 用私钥加密byte[] data = CertUtil.encodeByJKSPrivateKey("CurrentTest.keystore","789", "无名3", "101", msg.getBytes());System.out.println(new String(data));// 用公钥解密data = CertUtil.decodeByJKSPublicKey("CurrentTest.keystore", "789","无名3", data);System.out.println(new String(data));System.out.println("==============");data = CertUtil.encodeByJKSPublicKey("CurrentTest.keystore", "789","无名3", msg.getBytes());System.out.println(new String(data));data = CertUtil.decodeByJKSPrivateKey("CurrentTest.keystore", "789","无名3", "101", data);System.out.println(new String(data));System.out.println("==============");data = CertUtil.encodeByPFXPublicKey("CurrentTest.pfx", "123", "荆轲6",msg.getBytes());System.out.println(new String(data));data = CertUtil.decodeByPFXPrivateKey("CurrentTest.pfx", "123", "荆轲6","456", data);System.out.println(new String(data));System.out.println("==============");data = CertUtil.encodeByPFXPublicKey("CurrentTest.pfx", "123", "荆轲6",msg.getBytes());System.out.println(new String(data));data = CertUtil.decodeByPFXPrivateKey("CurrentTest.pfx", "123", "荆轲6","456", data);System.out.println(new String(data));}@Testpublic void testCerFileEncodeAndDecode() {// 公钥证书cer的加密解密String msg = "[无名9, 无名7, 中原, 无名3]";// cer证书加密byte[] encodeBytes = CertUtil.encodeByCert("signed.cer", msg.getBytes());System.out.println(new String(encodeBytes));// 用其相关的私钥解密byte[] decodeBytes = CertUtil.decodeByJKSPrivateKey("CurrentTest.keystore", "789", "中原", "中原", encodeBytes);System.out.println(new String(decodeBytes));System.out.println("=============================");// 用其相关的私钥加密encodeBytes = CertUtil.encodeByJKSPrivateKey("CurrentTest.keystore","789", "中原", "中原", msg.getBytes());System.out.println(new String(encodeBytes));// cer证书解密decodeBytes = CertUtil.decodeByCert("signed.cer", encodeBytes);System.out.println(new String(decodeBytes));}}

cer证书加解密,证书库中证书加解密,验证证书有效期,验证证书签名,获取证书库所有证书别名等.

本文使用证书开发包下载地址(修改版)