前言
生成keystore签名文件使用的是jdk1.8以上自带的jar包进行生成与解析,无需引入其他jar包。
1.生成keystore文件代码
public class KeyStoreUtil {
public static void main(String[] args) throws Exception {
creatKeyStore();
}
public static void creatKeyStore() throws Exception{
String filePath = "C:\\Users\\hp\\Desktop\\test.keystore"; // 文件生成路径
int keysize = 1024; // 大小
String commonName = "www.dreamsoft.com";
final String organizationalUnit = "dreamsoftIT";
final String organization = "dreamsoft";
final String city = "chengdu";
final String state = "chengdu";
final String country = "chengdu";
final long validity = 365 * 50; // 证书的有效期
String alias = "alias"; // 别名
char[] storePass = "123456".toCharArray(); // 秘钥库口令 签名文件密码
char[] keyPass = "123456".toCharArray(); // 别名密码 私钥
// 初始化一个keystore对象 keystore文件对应JKS实例 ios的p12文件对应PKCS12实例
KeyStore ks = KeyStore.getInstance("JKS");
// 由于是新创建keystore文件参数传null
ks.load(null, null);
// 签名文件加密方式和签名文件常规信息
CertAndKeyGen keypair = new CertAndKeyGen("RSA", "SHA1WithRSA", null);
X500Name x500Name = new X500Name(commonName, organizationalUnit, organization, city, state, country);
keypair.generate(keysize);
// 创建私钥对象及设置证书的有效期
PrivateKey privateKey = keypair.getPrivateKey();
X509Certificate[] chain = new X509Certificate[1];
chain[0] = keypair.getSelfCertificate(x500Name, new Date(), (long)validity*24*60*60);
// store away the key store
FileOutputStream fos = new FileOutputStream(filePath);
// 设置别名私钥密码
ks.setKeyEntry(alias, privateKey, keyPass, chain);
// 设置签名文件密码 秘钥库口令
ks.store(fos, storePass);
fos.close();
}
}
生成结果:
2.验证keystore签名文件代码
/**
*
* @param storePass 签名文件密码
* @param keyPass 别名密码
* @param alias 别名
* @throws Exception
*/
public static void validAndroidKey(String storePass,String keyPass,String alias) throws Exception{
KeyStore keyStore = KeyStore.getInstance("JKS");
FileInputStream keyFile = new FileInputStream("C:\\Users\\hp\\Desktop\\test.keystore");
try {
// 根据签名文件密码加载keyStore对象 签名文件密码错误会抛出异常
keyStore.load(keyFile, storePass.toCharArray());
// 得到签名文件的别名并验证别名是否相同 不相同则抛出自定义异常
Enumeration aliases = keyStore.aliases();
if(aliases.hasMoreElements()){
if(!alias.equals((String)aliases.nextElement())) {
throw new Exception();
}
}
// 验证别名密码是否相同
PrivateKey prikey = (PrivateKey) keyStore.getKey(alias, keyPass.toCharArray());
if(prikey == null) {
throw new Exception();
}
} finally {
keyFile.close();
}
}
public static void main(String[] args){
//creatKeyStore();
try {
validAndroidKey("123456","123456","alias");
System.out.println("验证成功!!");
} catch (Exception e) {
// TODO Auto-generated catch block
System.out.println("验证失败!!");
e.printStackTrace();
}
try {
validAndroidKey("123456","1234567","alias");
System.out.println("验证成功!!");
} catch (Exception e) {
// TODO Auto-generated catch block
System.out.println("验证失败!!");
e.printStackTrace();
}
}
执行结果:
验证成功!!
验证失败!!
3.cmd验证查看kestore文件命令
keytool -list -v -keystore C:\Users\hp\Desktop\test.keystore
注意:此命令要先安装jdk并设置环境变量
4.源码
源码及生成的android签名文件。