潘志宝
2024-12-23 d6464955dc20cb527f7be02ac8631c1effb1768a
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
package com.iailab.module.data.channel.opcua.collector;
 
import com.sun.org.apache.xerces.internal.impl.dv.util.Base64;
 
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.FileOutputStream;
import java.security.Key;
import java.security.KeyStore;
import java.security.PublicKey;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
 
/**
 * @Author: zhangsong
 * @Date: 2019/5/28 20:21
 * @Version 1.0
 * 首先需要通过jdk的keytool生成秘钥库等,需确保机器中安装有jdk
 * 0.在本代码环境下,执行1命令时,秘钥库的密码和证书的密码须一致,请自行修改路径
 *   请确保路径下无名为mykeystore.keystore的文件,否则可能会报密码错等
 * 1.keytool -genkey -alias mykey -keyalg RSA -keystore C:/Users/Lenovo/AppData/Local/Temp/security/mykeystore.keystore -keysize 1024 -validity 3650
   2.keytool -export -alias mykey -keystore C:/Users/Lenovo/AppData/Local/Temp/security/mykeystore.keystore -file  C:/Users/Lenovo/AppData/Local/Temp/security/mykey.cer
   3.代码中的秘钥库密码为keystore,请自行修改
   4.查看信息  keytool -list -v -keystore C:/Users/Lenovo/AppData/Local/Temp/security/mykeystore.keystore -storepass "keystore"
 *
 */
public class RSACertHelper {
 
    public static void main(String[] args) {
        String path = "C:/Users/Lenovo/AppData/Local/Temp/security/";
        String keyStoreFile = "mykeystore.keystore";
        String passwd = "keystore";
        String keyAlias = "mykey";
        String pfxFile = "mykey.pfx";
        String cerFile = "mykey.cer";
 
        System.out.println("请确保已执行完注释中的两条命令再执行本代码\n\n");
        System.out.println("1.开始生成PFX文件");
        coverToPfx(path + keyStoreFile, passwd, keyAlias, path + pfxFile);
        System.out.println("===============================================================");
        System.out.println("2.开始提取.cer中的公钥字符串");
        String cerStr = getPubStr(path + cerFile);
        System.out.println("从.cer文件中提取的公钥字符串如下:");
        System.out.println(cerStr);
    }
 
    //1生成pfx文件
    public static void coverToPfx(String keyStoreFile, String passwd, String keyAlias, String pfxFile) {
        try {
            KeyStore inputKeyStore = KeyStore.getInstance("JKS");
            FileInputStream fis = new FileInputStream(keyStoreFile);
            char[] nPassword = null;
            if ((passwd == null)
                    || passwd.trim().equals("")) {
                nPassword = null;
            } else {
                nPassword = passwd.toCharArray();
            }
            inputKeyStore.load(fis, nPassword);
            fis.close();
            KeyStore outputKeyStore = KeyStore.getInstance("PKCS12");
            outputKeyStore.load(null, passwd.toCharArray());
 
            if (inputKeyStore.isKeyEntry(keyAlias)) {
                Key key = inputKeyStore.getKey(keyAlias, passwd.toCharArray());
                Certificate[] certChain = inputKeyStore
                        .getCertificateChain(keyAlias);
                outputKeyStore.setKeyEntry(keyAlias, key, passwd
                        .toCharArray(), certChain);
            }
 
            FileOutputStream out = new FileOutputStream(pfxFile);
            outputKeyStore.store(out, nPassword);
            out.close();
            System.out.println("已生成PFX文件" + pfxFile);
        } catch (Exception e) {
            e.printStackTrace();
        }
    }
 
    //2获取公钥字符串
    public static String getPubStr(String cerFile) {
        String key = "";
        // 读取证书文件
        try {
            CertificateFactory cf = CertificateFactory.getInstance("X.509");
            FileInputStream in = new FileInputStream(cerFile);
 
            //生成一个证书对象并使用从输入流 inStream 中读取的数据对它进行初始化。
            Certificate c = cf.generateCertificate(in);
            PublicKey publicKey = c.getPublicKey();
            key = Base64.encode(publicKey.getEncoded());
        } catch (CertificateException e) {
            e.printStackTrace();
        } catch (FileNotFoundException e) {
            e.printStackTrace();
        }
        return key;
    }
}