package com.hgh.javase.security;
import java.io.FileInputStream;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.cert.Certificate;
import java.util.Enumeration;
public class ReadPFX {
public ReadPFX (){
}
//转换成十六进制字符串
public static String Byte2String(byte[] b) {
String hs="";
String stmp="";
for (int n=0;n<b.length;n++) {
stmp=(java.lang.Integer.toHexString(b[n] & 0XFF));
if (stmp.length()==1) hs=hs+"0"+stmp;
else hs=hs+stmp;
//if (n<b.length-1) hs=hs+":";
}
return hs.toUpperCase();
}
public static byte[] StringToByte(int number) {
int temp = number;
byte[] b=new byte[4];
for (int i=b.length-1;i>-1;i--){
b[i] = new Integer(temp&0xff).byteValue();//将最高位保存在最低位
temp = temp >> 8; //向右移8位
}
return b;
}
public PrivateKey GetPvkformPfx(String strPfx, String strPassword){
try {
KeyStore ks = KeyStore.getInstance("PKCS12");
FileInputStream fis = new FileInputStream(strPfx);
// If the keystore password is empty(""), then we have to set
// to null, otherwise it won't work!!!
char[] nPassword = null;
if ((strPassword == null) || strPassword.trim().equals("")){
nPassword = null;
}
else
{
nPassword = strPassword.toCharArray();
}
ks.load(fis, nPassword);
fis.close();
System.out.println("keystore type=" + ks.getType());
// Now we loop all the aliases, we need the alias to get keys.
// It seems that this value is the "Friendly name" field in the
// detals tab <-- Certificate window <-- view <-- Certificate
// Button <-- Content tab <-- Internet Options <-- Tools menu
// In MS IE 6.
Enumeration enumas = ks.aliases();
String keyAlias = null;
if (enumas.hasMoreElements())// we are readin just one certificate.
{
keyAlias = (String)enumas.nextElement();
System.out.println("alias=[" + keyAlias + "]");
}
// Now once we know the alias, we could get the keys.
System.out.println("is key entry=" + ks.isKeyEntry(keyAlias));
PrivateKey prikey = (PrivateKey) ks.getKey(keyAlias, nPassword);
Certificate cert = ks.getCertificate(keyAlias);
PublicKey pubkey = cert.getPublicKey();
System.out.println("cert class = " + cert.getClass().getName());
System.out.println("cert = " + cert);
System.out.println("public key = " + pubkey);
System.out.println("private key = " + prikey);
return prikey;
}
catch (Exception e)
{
e.printStackTrace();
}
return null;
}
public static void main(String[] args) throws Exception {
String strPfx = "G:\\workspaceOfJava\\javaSe_test\\testfile\\联想测试pfx证书-密码123.pfx";
String strPassword ="123";
KeyStore ks = KeyStore.getInstance("PKCS12");
FileInputStream fis = new FileInputStream(strPfx);
// If the keystore password is empty(""), then we have to set
// to null, otherwise it won't work!!!
char[] nPassword = null;
if ((strPassword == null) || strPassword.trim().equals("")){
nPassword = null;
}
else
{
nPassword = strPassword.toCharArray();
}
ks.load(fis, nPassword);
fis.close();
System.out.println("keystore type=" + ks.getType());
// Now we loop all the aliases, we need the alias to get keys.
// It seems that this value is the "Friendly name" field in the
// detals tab <-- Certificate window <-- view <-- Certificate
// Button <-- Content tab <-- Internet Options <-- Tools menu
// In MS IE 6.
Enumeration enumas = ks.aliases();
String keyAlias = null;
if (enumas.hasMoreElements())// we are readin just one certificate.
{
keyAlias = (String)enumas.nextElement();
System.out.println("alias=[" + keyAlias + "]");
}
// Now once we know the alias, we could get the keys.
System.out.println("is key entry=" + ks.isKeyEntry(keyAlias));
PrivateKey prikey = (PrivateKey) ks.getKey(keyAlias, nPassword);
Certificate cert = ks.getCertificate(keyAlias);
PublicKey pubkey = cert.getPublicKey();
System.out.println("cert class = " + cert.getClass().getName());
System.out.println("cert = " + cert);
System.out.println("public key = " + pubkey);
System.out.println("private key = " + prikey);
}
}
keystore type=PKCS12
alias=[51d5a154-415e-4b1b-a055-bb37858ca95a]
is key entry=true
cert class = sun.security.x509.X509CertImpl
cert = [
[
Version: V3
Subject: O="iTrusChina Co.,Ltd.", OU=Lenovo Project, CN=测试证书20180223, OU=QXCD - 33333, OU=TaxCD - 22222, OU=AgencyID - 11111, EMAILADDRESS=13076684@q123123.com
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: Sun RSA public key, 2048 bits
modulus: 22657557413401284100317094122201793054162429174129431065947590647854190906608370581286403391341087763841097975687068701429936152897071539889422949403226598003536587449975692615847706829935556655811895258170702116834985572238495571627042731572846922335830615637175517376649775332008195580962533786663755913965907159282213259680423901869255714119163043711206221551766213650295141599478801968859399127722270154565860981431180272488351937142179175776325777949972384300433866258071941139117596804563616993083186036901020114838205796878318295684796020281687231710152726135818054983898634643653967742508133763124702016417333
public exponent: 65537
Validity: [From: Fri Feb 23 16:02:18 CST 2018,
To: Sat Feb 23 16:02:18 CST 2019]
Issuer: CN=iTrusChina Class 2 Enterprise Subscriber CA - G3, OU=China Trust Network, O=iTrusChina, C=CN
SerialNumber: [ 3d94cfc7 94b6bec0 90f6a2ac 8c3f270b ee9bddc7]
Certificate Extensions: 3
[1]: ObjectId: 2.5.29.19 Criticality=false
BasicConstraints:[
CA:false
PathLen: undefined
]
[2]: ObjectId: 2.5.29.31 Criticality=false
CRLDistributionPoints [
[DistributionPoint:
[URIName: http://topca.itrus.com.cn/public/itruscrl?CA=2C1D97288DE14F85C6640698FB24739AF47DFD1A]
]]
[3]: ObjectId: 2.5.29.15 Criticality=false
KeyUsage [
DigitalSignature
Key_Encipherment
]
]
Algorithm: [SHA1withRSA]
Signature:
0000: 5B EE E7 0C 11 FF 50 0E 04 8F B8 09 7F F7 BF 0E [.....P.........
0010: A5 5C B6 BB F7 78 DE EC AF 32 9A C1 02 9A 7B 5E .\...x...2.....^
0020: 23 19 9D 8D 8C 47 16 0B AA F0 92 EF 29 51 5B 3E #....G......)Q[>
0030: 03 E5 4F 18 86 DC ED 4C 63 29 3B E6 06 7A 1C 92 ..O....Lc);..z..
0040: 20 1D 60 2B 42 C5 C3 B6 98 61 A0 8E 20 FF 0F 33 .`+B....a.. ..3
0050: CA F0 32 C8 8B 2C 64 D7 99 4F FC 4F 98 22 4E D3 ..2..,d..O.O."N.
0060: 6A E3 0E F8 A7 2D 04 AD 37 39 23 4C 21 09 C4 8F j....-..79#L!...
0070: 9D 7E 4D 5B 5C C9 25 4F BB EC 6F 80 C8 B8 F0 CE ..M[\.%O..o.....
0080: BD D8 E6 E5 88 88 DB 7B BA 64 E2 57 E3 0F ED 55 .........d.W...U
0090: 74 A6 77 AD 9F CC 78 07 BD 69 7E 6C D3 B5 7E BE t.w...x..i.l....
00A0: 0D DF 47 40 D0 BE 00 08 F5 3B AE C6 70 0B BB DD ..G@.....;..p...
00B0: 51 50 20 3F CF AD 96 BC 69 0B B3 F3 02 16 D3 DE QP ?....i.......
00C0: 31 7B 78 A2 92 C3 00 E1 24 22 39 41 F6 BD 31 7C 1.x.....$"9A..1.
00D0: 8A 1B 73 0E 59 23 2A 2E 6C 9A 34 8B CB 2F E8 24 ..s.Y#*.l.4../.$
00E0: 33 07 19 8B 55 D6 5E C9 A5 92 F2 CB 38 1E 37 3F 3...U.^.....8.7?
00F0: B0 20 0C 64 60 03 17 4C C9 CE 7E 67 C5 98 BF F3 . .d`..L...g....
]
public key = Sun RSA public key, 2048 bits
modulus: 22657557413401284100317094122201793054162429174129431065947590647854190906608370581286403391341087763841097975687068701429936152897071539889422949403226598003536587449975692615847706829935556655811895258170702116834985572238495571627042731572846922335830615637175517376649775332008195580962533786663755913965907159282213259680423901869255714119163043711206221551766213650295141599478801968859399127722270154565860981431180272488351937142179175776325777949972384300433866258071941139117596804563616993083186036901020114838205796878318295684796020281687231710152726135818054983898634643653967742508133763124702016417333
public exponent: 65537
private key = sun.security.rsa.RSAPrivateCrtKeyImpl@9f22d
扫一扫
247
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
