package sslSocket;
import javax.crypto.Cipher;
import java.io.FileInputStream;
import java.security.*;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.Base64;
/**
* @ClassName: 证书获取公钥、私钥、加密、解密、加签、验签示例
* @Description:
* @author:
* @date: 2020年07月21日 14:56
* @Copyright:
*/
public class KeyStoreDemo {
public static void main(String[] args) throws Exception {
// keyTool 工具制作使用下面工具
// 1.制作保存公钥信息和私钥信息的jks文件
// keytool -genkeypair -alias mtlks -keyalg RSA -keypass 123456 -keystore E:\自制证书\mtlks.jks -validity 3650 -storepass 123456
// 2.将jks文件转换为行业标准PKCS12格式
// keytool -importkeystore -srckeystore E:\自制证书\mtlks.jks -destkeystore E:\自制证书\mtlks.jks -deststoretype pkcs12
// 3.导出只包括公钥信息的cer文件
// keytool -export -alias mtlks -keystore E:\自制证书\mtlks.jks -storepass 123456 -file E:\自制证书\mtlks.cer
// 4.制作keystore公钥证书
// keytool -import -alias mtltks -file E:\自制证书\mtlks.cer -keystore E:\自制证书\mtlt.jks -storepass 654321
//在线制作
// https://myssl.com/
KeyStoreDemo demo=new KeyStoreDemo();
KeyStore keyStore = demo.loadKeyStore("E:\\自制证书\\mtlks.pfx", "123456");//自制的pfx证书
System.out.println("公钥:"+demo.getPublicKeyStr(keyStore,"mtlks"));
System.out.println("私钥:"+demo.getPrivateKeyStr(keyStore,"mtlks","123456"));
System.out.println("-------------------------");
KeyStore keyStore2 = demo.loadKeyStore("E:\\自制证书\\mtlt.jks", "654321");//自制的公钥证书
System.out.println("公钥:"+demo.getPublicKeyStr(keyStore2,"mtltks"));
//System.out.println("私钥:"+demo.getPrivateKeyStr(keyStore2,"mtltks","123456"));//不带私钥,所以没有私钥
//待加密数据
String data="17788662514莫天龙大囧看几哈出红堵车好e上大囧的那件黄卡件档卡41.\\=--\\/./,nj户丢刷车汉黄炯A款韩打算好久as当";
//私钥加密
System.out.println("---------------------\n\n\n");
Cipher cipher = Cipher.getInstance("RSA");
cipher.init(Cipher.ENCRYPT_MODE,keyStore.getKey("mtlks", "123456".toCharArray()));
//如果报错,javax.crypto.IllegalBlockSizeException: Data must not be longer than 245 bytes,加密数据过长,请采用分段加密策略
byte[] bytes = cipher.doFinal(data.getBytes("UTF-8"));
System.out.println("私钥加密结果:"+Base64.getEncoder().encodeToString(bytes));
//公钥解密
Cipher c=Cipher.getInstance("RSA");
c.init(Cipher.DECRYPT_MODE,keyStore2.getCertificate("mtltks").getPublicKey());
byte[] bys = c.doFinal(bytes);
System.out.println("公钥解析结果:"+new String(bys,"UTF-8"));
System.out.println("\n\n\n####################################\n\n\n");
//公钥加密
Cipher cc1=Cipher.getInstance("RSA");
cc1.init(Cipher.ENCRYPT_MODE,keyStore2.getCertificate("mtltks").getPublicKey());
byte[] bb1 = cc1.doFinal(data.getBytes("UTF-8"));
System.out.println("公钥加密结果:"+Base64.getEncoder().encodeToString(bb1));
//私钥解密
Cipher cc2=Cipher.getInstance("RSA");
cc2.init(Cipher.DECRYPT_MODE,keyStore.getKey("mtlks