系统要求
1. Windows系统、Linux系统、Mac系统
2. JDK7及以上
3. 调用大宝CA的JCE库
4. JDK使用无限制的安全策略文件
PEM证书和私钥导入DCKS文件的核心代码
public String importCertAndPrivateKeyPEM(String sm2PublicKeyPEMFilepath, String sm2PrivateKeyPEMFilepath, char[] priKeyPassword, String alias)
{
InputStream bis1 = null;
InputStream bis2 = null;
X509Certificate cert = null;
try
{
bis1 = new FileInputStream(new File(sm2PublicKeyPEMFilepath));
CertificateFactory cf = CertificateFactory.getInstance("X509", DoubleCA.PROVIDER_NAME);
cert = (X509Certificate)cf.generateCertificate(bis1);
if (alias == null)
{
alias = DnComponents.stringToBCDNString(((X509Certificate)cert).getSubjectDN().getName());
}
PublicKey sm2PublicKey = cert.getPublicKey();
bis2 = new FileInputStream(new File(sm2PrivateKeyPEMFilepath));
int bufferLen = bis2.available();
byte[] bufferTemp = new byte[bufferLen];
bis2.read(bufferTemp);
String strtemp = new String(bufferTemp);
strtemp = strtemp.replaceAll("-----BEGIN PRIVATE KEY-----", "");
strtemp = strtemp.replaceAll("-----END PRIVATE KEY-----", "");
byte[] privateKeyBytes = Base64.decode(strtemp);
PKCS8EncodedKeySpec pkcs8EncodedKeySpec = new PKCS8EncodedKeySpec(privateKeyBytes);
KeyFactory factory = KeyFactory.getInstance("SM2");
PrivateKey sm2PrivateKey = factory.generatePrivate(pkcs8EncodedKeySpec);
KeyPair keyPair = new KeyPair(sm2PublicKey, sm2PrivateKey);
X509Certificate[] chain = new X509Certificate[1];
chain[0] = cert;
if (alias == null || alias.length() <= 0)
{
alias = DnComponents.stringToBCDNString(chain[0].getSubjectDN().getName());
}
keyStore.setKeyEntry(alias, keyPair.getPrivate(), priKeyPassword, chain);
}
catch(Exception ex)
{
ex.printStackTrace();
alias = null;
}
finally
{
try
{
bis1.close();
}
catch(Exception ex)
{
}
try
{
bis2.close();
}
catch(Exception ex)
{
}
}
return alias;
}
最新版本大宝CA国密JCE的JAR包和示例代码下载地址:https://download.csdn.net/download/upset_ming/11866671