测试keytool 生成公钥私钥

package test;

import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStream;
import java.net.URL;
import java.security.GeneralSecurityException;
import java.security.InvalidKeyException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.util.Enumeration;

import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;

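/**
 * Self-test for a key pair generated with keytool: loads the private key from
 * {@code server.keystore} and the public key from the exported {@code server.crt},
 * encrypts a short string with the public key and decrypts it with the private key.
 * If the two files belong together the program prints the original string.
 *
 * <p>Reference: "JBoss SSL: summary of keytool usage in Java",
 * http://blog.chinaunix.net/uid-17102734-id-2830223.html
 *
 * <p>How the two files were produced and wired into JBoss:
 *
 * <pre>{@code
 * 1. Generate the key pair
 *
 * localhost:bin dh$ cd /Library/Java/JavaVirtualMachines/1.6.0.jdk/Contents/Home/bin
 * localhost:bin dh$ ./keytool -genkey -alias tc-ssl -keyalg RSA -keystore server.keystore -validity 3650
 * Enter keystore password: Dongh12!
 * Re-enter new password: Dongh12!
 * What is your first and last name?
 *   [Unknown]: localhost
 * What is the name of your organizational unit?
 *   [Unknown]: dh
 * What is the name of your organization?
 *   [Unknown]: dh
 * What is the name of your City or Locality?
 *   [Unknown]: beijing
 * What is the name of your State or Province?
 *   [Unknown]: beijing
 * What is the two-letter country code for this unit?
 *   [Unknown]: CN
 * Is CN=localhost, OU=dh, O=dh, L=beijing, ST=beijing, C=CN correct?
 *   [no]: yes
 *
 * Enter key password for <tc-ssl>
 *   (RETURN if same as keystore password):
 * localhost:bin dh$ ls
 * server.keystore
 *
 * 2. Export the certificate
 *
 * localhost:bin dh$ ./keytool -export -alias tc-ssl -keystore server.keystore -file server.crt -storepass Dongh12!
 *
 * 3. Copy the keystore to JBoss
 *
 * localhost:bin dh$ cp server.keystore /Users/dh/app/jboss-5.1.0.GA/server/default/conf
 *
 * 4. Edit the JBoss configuration
 *
 * localhost:jbossweb.sar dh$ vim /Users/dh/app/jboss-5.1.0.GA/server/default/deploy/jbossweb.sar/server.xml
 *
 * <Connector protocol="HTTP/1.1" SSLEnabled="true" port="8443"
 *            address="${jboss.bind.address}" scheme="https" secure="true"
 *            clientAuth="true"
 *            keystoreFile="${jboss.server.home.dir}/conf/server.keystore"
 *            keystorePass="Dongh12!" sslProtocol="TLS" />
 * }</pre>
 *
 * <p>Security notes on the walkthrough:
 * <ul>
 * <li>The password shown is the walkthrough's sample value. It is hard-coded in
 * {@link #main(String[])} only so the demo runs; a real keystore needs its own
 * secret, supplied at run time rather than stored in source.</li>
 * <li>Passing {@code -storepass} on the command line leaves the password in shell
 * history and visible in process listings; omit it and keytool prompts instead.</li>
 * <li>{@code keystorePass} in server.xml is plaintext, so read access to server.xml
 * and to the keystore file should be limited to the account running JBoss.</li>
 * <li>NOTE(review): keytool on JDK 1.6 is believed to default to a 1024-bit RSA key;
 * pass {@code -keysize 2048} (or larger) explicitly - confirm against the JDK in use.</li>
 * </ul>
 *
 * @author dh
 */
public class KeyTool {

	/**
	 * Runs the round-trip check and prints the decrypted text ("abc" on success).
	 * Failures are reported by printing the stack trace, as before.
	 *
	 * @param args unused
	 */
	public static void main(String[] args) {
		// Sample password from the walkthrough; demo only, never reuse it for a real keystore.
		char[] password = "Dongh12!".toCharArray();
		try {
			ClassLoader loader = KeyTool.class.getClassLoader();

			// Diagnostic only: show which classpath root is searched. getResource(".") can
			// return null (e.g. when running from a jar), so it is no longer dereferenced blindly.
			URL root = loader.getResource(".");
			if (root != null) {
				System.out.println(root.getPath());
			}

			PrivateKey myPrivateKey = loadPrivateKey(loader, password);
			PublicKey publicKey = loadPublicKey(loader);

			// Round trip: encrypt with the certificate's public key, decrypt with the
			// keystore's private key. Matching output shows the two belong together.
			// PKCS#1 v1.5 padding is kept because this is a local self-check; for data that
			// crosses a trust boundary prefer an OAEP transformation, since v1.5 decryption
			// that reveals padding failures can be abused as a padding oracle.
			byte[] plainText = "abc".getBytes("UTF-8");
			Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
			cipher.init(Cipher.ENCRYPT_MODE, publicKey);
			byte[] cipherText = cipher.doFinal(plainText);
			cipher.init(Cipher.DECRYPT_MODE, myPrivateKey);
			byte[] newPlainText = cipher.doFinal(cipherText);
			System.out.println(new String(newPlainText, "UTF-8"));
		} catch (IOException e) {
			// Covers a missing file and an unsupported charset name as well.
			e.printStackTrace();
		} catch (GeneralSecurityException e) {
			// Keystore, certificate, key and cipher failures all derive from this type.
			e.printStackTrace();
		}
	}

	/**
	 * Opens a classpath resource, failing loudly when it is absent.
	 * Reading through the class loader avoids the URL-encoded path returned by
	 * {@code URL.getPath()}, which breaks for directories whose names contain spaces.
	 *
	 * @param loader class loader used to locate the resource
	 * @param name resource name relative to the classpath root
	 * @return an open stream the caller must close
	 * @throws FileNotFoundException if the resource is not on the classpath
	 */
	private static InputStream openResource(ClassLoader loader, String name) throws FileNotFoundException {
		InputStream in = loader.getResourceAsStream(name);
		if (in == null) {
			throw new FileNotFoundException(name + " not found on the classpath");
		}
		return in;
	}

	/**
	 * Loads {@code server.keystore} (JKS) and returns the first private-key entry.
	 * Trusted-certificate entries are skipped, so alias order no longer matters.
	 *
	 * @param loader class loader used to locate the keystore
	 * @param password keystore password, also used as the key password
	 * @return the private key of the first key entry
	 * @throws IOException if the keystore cannot be read or the password is wrong
	 * @throws GeneralSecurityException if the keystore holds no key entry or the key cannot be recovered
	 */
	private static PrivateKey loadPrivateKey(ClassLoader loader, char[] password)
			throws IOException, GeneralSecurityException {
		KeyStore ks = KeyStore.getInstance("JKS");
		InputStream in = openResource(loader, "server.keystore");
		try {
			ks.load(in, password);
		} finally {
			in.close();
		}

		Enumeration<String> aliases = ks.aliases();
		while (aliases.hasMoreElements()) {
			String alias = aliases.nextElement();
			if (ks.isKeyEntry(alias)) {
				return (PrivateKey) ks.getKey(alias, password);
			}
		}
		throw new KeyStoreException("server.keystore contains no key entry");
	}

	/**
	 * Reads the X.509 certificate exported to {@code server.crt} and returns its public key.
	 * No trust or validity check is performed on the certificate; it is only used as
	 * the source of the public key for the round-trip check.
	 *
	 * @param loader class loader used to locate the certificate
	 * @return the public key contained in the certificate
	 * @throws IOException if the certificate file cannot be read
	 * @throws CertificateException if the file is not a parseable X.509 certificate
	 */
	private static PublicKey loadPublicKey(ClassLoader loader) throws IOException, CertificateException {
		CertificateFactory cf = CertificateFactory.getInstance("X.509");
		InputStream in = openResource(loader, "server.crt");
		try {
			Certificate c = cf.generateCertificate(in);
			return c.getPublicKey();
		} finally {
			in.close();
		}
	}

}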

运行结果为: abc


注意:生成 server.keystore 所使用的 JDK 版本,要和测试工程使用的 JDK 版本相同

我生成server.keystore使用的是jdk1.6

所以设置工程properties


