工具类如下:
package cert;
import java.io.FileInputStream;
import java.security.KeyStore;
import java.security.PublicKey;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.Date;
import java.util.Enumeration;
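/**
 * Reads the first entry of a PKCS#12 keystore and copies the certificate's
 * subject, issuer, validity window, signature algorithm, Base64 body and
 * public key into an {@link SslCertInfo}.
 *
 * <p>Only certificate data is read; the private key in the keystore is never
 * accessed. Every extracted value is also echoed to standard output, so do not
 * run this where stdout is collected into shared logs if the certificate
 * details are considered sensitive.
 *
 * <p>The certificate is not validated: no chain is built and
 * {@code checkValidity()} is not called. The returned fields are simply what
 * the file claims.
 *
 * @author cuiran
 */
public class ReadP12Util {

    /**
     * Demo entry point: dumps the certificate of a sample keystore.
     *
     * @param args unused
     */
    public static void main(String[] args) {
        // Sample values only. A real caller should obtain the keystore password
        // from a prompt or a secret store instead of compiling it into the class.
        final String KEYSTORE_FILE = "D:\\cert\\mykey.p12";
        final String KEYSTORE_PASSWORD = "123456";
        getCertDetail(KEYSTORE_PASSWORD, KEYSTORE_FILE);
    }

    /**
     * Loads a PKCS#12 file and extracts the details of its first certificate.
     *
     * @param KEYSTORE_PASSWORD keystore password; {@code null} or blank is passed
     *                          to the keystore as {@code null}
     * @param KEYSTORE_FILE     path of the {@code .p12} file
     * @return never {@code null}. On any failure the problem is reported on
     *         standard error and the object is returned empty or partially
     *         filled, so callers must check the fields they need for
     *         {@code null}.
     */
    public static SslCertInfo getCertDetail(String KEYSTORE_PASSWORD, String KEYSTORE_FILE) {
        SslCertInfo sslCertInfo = new SslCertInfo();
        try {
            KeyStore ks = KeyStore.getInstance("PKCS12");

            // An empty password has to be passed as null, otherwise the load fails.
            // Be aware that KeyStore.load() skips the keystore integrity check
            // when the password is null.
            char[] nPassword = null;
            if (KEYSTORE_PASSWORD != null && !KEYSTORE_PASSWORD.trim().equals("")) {
                nPassword = KEYSTORE_PASSWORD.toCharArray();
            }

            // try-with-resources closes the stream even when load() throws
            // (wrong password, corrupt file).
            try (FileInputStream fis = new FileInputStream(KEYSTORE_FILE)) {
                ks.load(fis, nPassword);
            }
            System.out.println("keystore type=" + ks.getType());

            // The alias is needed to look anything up. It appears to be the
            // "Friendly name" shown in the Windows certificate details dialog.
            Enumeration<String> aliases = ks.aliases();
            if (!aliases.hasMoreElements()) {
                System.err.println("keystore contains no entries: " + KEYSTORE_FILE);
                return sslCertInfo;
            }
            // Only the first entry is read; any further entries are ignored.
            String keyAlias = aliases.nextElement();
            System.out.println("alias=[" + keyAlias + "]");
            System.out.println("----------------------------------------------------");

            System.out.println("is key entry=" + ks.isKeyEntry(keyAlias));
            Certificate cert = ks.getCertificate(keyAlias);
            if (!(cert instanceof X509Certificate)) {
                System.err.println("alias [" + keyAlias + "] holds no X.509 certificate");
                return sslCertInfo;
            }
            X509Certificate x509Certificate = (X509Certificate) cert;

            // getSubjectDN()/getIssuerDN() are kept so the printed and stored DN
            // strings stay as before; getSubjectX500Principal() and
            // getIssuerX500Principal() are the non-deprecated accessors.
            String subject = x509Certificate.getSubjectDN().toString();
            System.out.println("subject===" + subject);
            sslCertInfo.setDn(subject);

            String issuer = x509Certificate.getIssuerDN().toString();
            System.out.println("issuer===" + issuer);

            Date notAfter = x509Certificate.getNotAfter();
            sslCertInfo.setNotAfter(notAfter);
            System.out.println("有效期止notAfter===" + notAfter);

            Date notBefore = x509Certificate.getNotBefore();
            sslCertInfo.setNotBefore(notBefore);
            System.out.println("有效期起notBefore===" + notBefore);

            sslCertInfo.setIssueDn(issuer);

            String sigAlgName = x509Certificate.getSigAlgName();
            System.out.println("sigAlgName===" + sigAlgName);
            sslCertInfo.setAlgFlag(sigAlgName);

            // Base64Utils is a project helper not shown here; presumably it
            // returns the Base64 text of the DER encoding. TODO confirm.
            String info = new String(Base64Utils.Encode64(cert.getEncoded()));

            // Wrap the Base64 text at 64 characters to print a PEM block.
            final int CERT_LINE_LENGTH = 64;
            StringBuilder str = new StringBuilder();
            str.append("-----BEGIN CERTIFICATE-----\n");
            for (int iCnt = 0; iCnt < info.length(); iCnt += CERT_LINE_LENGTH) {
                int end = Math.min(iCnt + CERT_LINE_LENGTH, info.length());
                str.append(info, iCnt, end).append("\n");
            }
            str.append("-----END CERTIFICATE-----\n");
            System.out.println("info===" + str);

            // The bean receives the unwrapped Base64 text, not the PEM block
            // printed above.
            sslCertInfo.setCert(info);

            PublicKey pubkey = cert.getPublicKey();
            byte[] pubkeyByte = pubkey.getEncoded();
            // DataConverter is a project helper not shown here.
            String pubkeyStr = DataConverter.bytesToHexString(pubkeyByte);
            System.out.println("pubkeyStr key = " + pubkeyStr);
            sslCertInfo.setPublicKey(pubkeyStr);
        } catch (Exception e) {
            // Best-effort by design: the failure is printed and the caller gets
            // whatever was filled in before it.
            e.printStackTrace();
        }
        return sslCertInfo;
    }
}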
证书实体如下:
package cert;
import java.util.Date;
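/**
 * Plain data holder for one certificate record, plus paging parameters for
 * list queries.
 *
 * <p>The two validity dates are copied on the way in and on the way out, so a
 * caller holding a {@link Date} reference cannot change the stored validity
 * window after the fact.
 */
public class SslCertInfo {
    private Integer certId; // id
    private String name; // certificate alias
    private String dn; // subject DN
    // Key algorithm: 1. RSA-1024 2. RSA-2048 3. SM2
    // NOTE(review): ReadP12Util.getCertDetail stores the signature algorithm
    // name here rather than one of these codes; confirm the intended content.
    private String algFlag;
    // Public key data (DER + Base64)
    // NOTE(review): ReadP12Util.getCertDetail stores the output of
    // DataConverter.bytesToHexString here, presumably hex; confirm the encoding.
    private String publicKey;
    private String csr; // certificate request data
    private String cert; // certificate data
    private String issueDn; // DN of the certificate issuer
    // 1. valid 2. requested, not yet imported 3. disabled
    // 4. expired; the record is overwritten when the certificate is renewed
    //    with the original key 5. deleted
    private Integer status;
    private Date notAfter; // end of validity
    private Date notBefore; // start of validity
    // page at which the query starts
    private int curr = 1;
    // number of rows shown per page
    private int pageSize = 20;

    /** Returns an independent copy of {@code source}, or {@code null} for {@code null}. */
    private static Date copyOf(Date source) {
        return source == null ? null : new Date(source.getTime());
    }

    public Integer getCertId() {
        return certId;
    }

    public void setCertId(Integer certId) {
        this.certId = certId;
    }

    public String getName() {
        return name;
    }

    public void setName(String name) {
        this.name = name;
    }

    public String getDn() {
        return dn;
    }

    public void setDn(String dn) {
        this.dn = dn;
    }

    public String getAlgFlag() {
        return algFlag;
    }

    public void setAlgFlag(String algFlag) {
        this.algFlag = algFlag;
    }

    public String getPublicKey() {
        return publicKey;
    }

    public void setPublicKey(String publicKey) {
        this.publicKey = publicKey;
    }

    public String getCsr() {
        return csr;
    }

    public void setCsr(String csr) {
        this.csr = csr;
    }

    public String getCert() {
        return cert;
    }

    public void setCert(String cert) {
        this.cert = cert;
    }

    public String getIssueDn() {
        return issueDn;
    }

    public void setIssueDn(String issueDn) {
        this.issueDn = issueDn;
    }

    public Integer getStatus() {
        return status;
    }

    public void setStatus(Integer status) {
        this.status = status;
    }

    /** @return a copy of the end-of-validity date, or {@code null} if unset */
    public Date getNotAfter() {
        return copyOf(notAfter);
    }

    /** @param notAfter end-of-validity date; copied, may be {@code null} */
    public void setNotAfter(Date notAfter) {
        this.notAfter = copyOf(notAfter);
    }

    /** @return a copy of the start-of-validity date, or {@code null} if unset */
    public Date getNotBefore() {
        return copyOf(notBefore);
    }

    /** @param notBefore start-of-validity date; copied, may be {@code null} */
    public void setNotBefore(Date notBefore) {
        this.notBefore = copyOf(notBefore);
    }

    public int getCurr() {
        return curr;
    }

    public void setCurr(int curr) {
        this.curr = curr;
    }

    public int getPageSize() {
        return pageSize;
    }

    public void setPageSize(int pageSize) {
        this.pageSize = pageSize;
    }
}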