证书,加密的相关知识可以参考阮一峰的密码学笔记和数字签名是什么
代码中使用的demo.p12使用jdk自带的keytool证书生成,私钥密码为123456
import java.io.FileInputStream;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.cert.Certificate;
import java.util.Enumeration;
import javax.crypto.Cipher;
public class ReadP12Cert {
@SuppressWarnings("unchecked")
public static void main(String[] args) {
final String KEYSTORE_FILE = "demo.p12";
final String KEYSTORE_PASSWORD = "123456";
try {
KeyStore ks = KeyStore.getInstance("PKCS12");
FileInputStream fis = new FileInputStream(KEYSTORE_FILE);
char[] nPassword = null;
if ((KEYSTORE_PASSWORD == null)|| KEYSTORE_PASSWORD.trim().equals("")) {
nPassword = null;
} else {
nPassword = KEYSTORE_PASSWORD.toCharArray();
}
ks.load(fis, nPassword);
fis.close();
System.out.println("keystore type = " + ks.getType());
Enumeration enuml = ks.aliases();
String keyAlias = null;
if (enuml.hasMoreElements()) {
keyAlias = (String) enuml.nextElement();
System.out.println("alias=[" + keyAlias + "]");
}
System.out.println("is key entry = " + ks.isKeyEntry(keyAlias));
PrivateKey prikey = (PrivateKey) ks.getKey(keyAlias, nPassword);
Certificate cert = ks.getCertificate(keyAlias);
PublicKey pubkey = cert.getPublicKey();
byte[] msg = "This is a demo!".getBytes("UTF8"); // 待加解密的消息
Cipher c1 = Cipher.getInstance("RSA/ECB/PKCS1Padding"); // 定义算法:RSA
c1.init(Cipher.ENCRYPT_MODE, pubkey);
byte[] msg1 = c1.doFinal(msg); // 加密后的数据
System.out.println("加密后的数据----"+new String(msg1, "UTF8"));
Cipher c2 = Cipher.getInstance("RSA/ECB/PKCS1Padding");
c2.init(Cipher.DECRYPT_MODE, prikey);
byte[] msg2 = c2.doFinal(msg1); // 解密后的数据
// 打印解密字符串
System.out.println("解密后的数据----"+new String(msg2, "UTF8")); // 将解密数据转为字符串
System.out.println(prikey.toString());
System.out.println(pubkey.toString());
} catch (Exception e) {
e.printStackTrace();
}
}
}