(一)目录结构
(二)PKCS12转JKS
package com.sslserver;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.security.Key;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.util.Enumeration;
public class ConvertPKCS12ToJKS {
//certificate store format
public static final String PKCS12 = "PKCS12";
public static final String JKS = "KEYSTORE";
// PKCS12 keystore propert
public static final String INPUT_KEYSTORE_FILE = "src/com/data/client.p12"; //"cert/dev_coo1.p12";
public static final String KEYSTORE_PASSWORD = "12345678"; //vc端的密码
// JKS output file
public static final String OUTPUT_KEYSTORE_FILE = "src/com/data/client.keystore";
public static void main(String[] args)
{
try
{
KeyStore inputKeyStore = KeyStore.getInstance("PKCS12");
FileInputStream fis = new FileInputStream(INPUT_KEYSTORE_FILE);
// If the keystore password is empty(""), then we have to set
// to null, otherwise it won't work!!!
char[] nPassword = null;
if ((KEYSTORE_PASSWORD == null) || KEYSTORE_PASSWORD.trim().equals(""))
{
nPassword = null;
}
else
{
nPassword = KEYSTORE_PASSWORD.toCharArray();
}
inputKeyStore.load(fis, nPassword);
fis.close();
System.out.println("keystore type=" + inputKeyStore.getType());
//----------------------------------------------------------------------
// get a JKS keystore and initialize it.
KeyStore outputKeyStore = KeyStore.getInstance("JKS");
outputKeyStore.load(null, "changeit".toCharArray());
// Now we loop all the aliases, we need the alias to get keys.
// It seems that this value is the "Friendly name" field in the
// detals tab <-- Certificate window <-- view <-- Certificate
// Button <-- Content tab <-- Internet Options <-- Tools menu
// In MS IE 6.
Enumeration<String> enumer = inputKeyStore.aliases();
while (enumer.hasMoreElements()) // we are readin just one certificate.
{
String keyAlias = (String)enumer.nextElement();
System.out.println("alias=[" + keyAlias + "]");
if (inputKeyStore.isKeyEntry(keyAlias))
{
Key key = inputKeyStore.getKey(keyAlias, nPassword);
Certificate[] certChain = inputKeyStore.getCertificateChain(keyAlias);
outputKeyStore.setKeyEntry("dev", key, "changeit".toCharArray(), certChain);
}
}
FileOutputStream out = new FileOutputStream(OUTPUT_KEYSTORE_FILE);
outputKeyStore.store(out, nPassword);
out.close();
}
catch (Exception e)
{
e.printStackTrace();
}
}
}
(三)PKCS12转BKS
package com.sslserver;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.security.Key;
import java.security.KeyStore;
import java.security.Security;
import java.util.Enumeration;
public class covertPFXToBKS {
public static final String PKCS12 = "PKCS12";
public static final String BKS = "BKS";
// PKCS12 keystore propert
public static final String INPUT_KEYSTORE_FILE = "src/com/data/client.p12"; //"cert/dev_coo1.p12";
public static final String pfxPasswd = "12345678"; //vc端的密码
// JKS output file
public static final String OUTPUT_KEYSTORE_FILE = "src/com/data/client.bks";
public static final String jksPasswd = "12345678"; //vc端的密码
public static void main(String[] args) throws Throwable {
FileInputStream fis = null;
try
{
KeyStore inputKeyStore = KeyStore.getInstance("PKCS12");
fis = new FileInputStream(INPUT_KEYSTORE_FILE);
char[] srcPwd = jksPasswd == null ? null : jksPasswd.toCharArray();
char[] destPwd = pfxPasswd == null ? null : pfxPasswd.toCharArray();
inputKeyStore.load(fis, srcPwd);
KeyStore outputKeyStore = KeyStore.getInstance("BKS",
new org.bouncycastle.jce.provider.BouncyCastleProvider());
Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
Enumeration<String> enums = inputKeyStore.aliases();
while (enums.hasMoreElements())
{
String keyAlias = (String) enums.nextElement();
System.out.println("alias=[" + keyAlias + "]");
outputKeyStore.load(null, destPwd);
if (inputKeyStore.isKeyEntry(keyAlias))
{
Key key = inputKeyStore.getKey(keyAlias, srcPwd);
java.security.cert.Certificate[] certChain = inputKeyStore
.getCertificateChain(keyAlias);
outputKeyStore.setKeyEntry(keyAlias, key, destPwd,
certChain);
}
//String fName = OUTPUT_KEYSTORE_FILE + "_" + keyAlias + ".bks";
String fName = OUTPUT_KEYSTORE_FILE;
FileOutputStream out = new FileOutputStream(fName);
outputKeyStore.store(out, destPwd);
out.close();
outputKeyStore.deleteEntry(keyAlias);
}
} finally
{
try
{
if (fis != null)
{
fis.close();
}
} catch (Exception e)
{
e.printStackTrace();
}
}
}
}