package com.iailab.module.data.channel.opcua.collector; import com.sun.org.apache.xerces.internal.impl.dv.util.Base64; import java.io.FileInputStream; import java.io.FileNotFoundException; import java.io.FileOutputStream; import java.security.Key; import java.security.KeyStore; import java.security.PublicKey; import java.security.cert.Certificate; import java.security.cert.CertificateException; import java.security.cert.CertificateFactory; /** * @Author: zhangsong * @Date: 2019/5/28 20:21 * @Version 1.0 * 首先需要通过jdk的keytool生成秘钥库等,需确保机器中安装有jdk * 0.在本代码环境下,执行1命令时,秘钥库的密码和证书的密码须一致,请自行修改路径 * 请确保路径下无名为mykeystore.keystore的文件,否则可能会报密码错等 * 1.keytool -genkey -alias mykey -keyalg RSA -keystore C:/Users/Lenovo/AppData/Local/Temp/security/mykeystore.keystore -keysize 1024 -validity 3650 2.keytool -export -alias mykey -keystore C:/Users/Lenovo/AppData/Local/Temp/security/mykeystore.keystore -file C:/Users/Lenovo/AppData/Local/Temp/security/mykey.cer 3.代码中的秘钥库密码为keystore,请自行修改 4.查看信息 keytool -list -v -keystore C:/Users/Lenovo/AppData/Local/Temp/security/mykeystore.keystore -storepass "keystore" * */ public class RSACertHelper { public static void main(String[] args) { String path = "C:/Users/Lenovo/AppData/Local/Temp/security/"; String keyStoreFile = "mykeystore.keystore"; String passwd = "keystore"; String keyAlias = "mykey"; String pfxFile = "mykey.pfx"; String cerFile = "mykey.cer"; System.out.println("请确保已执行完注释中的两条命令再执行本代码\n\n"); System.out.println("1.开始生成PFX文件"); coverToPfx(path + keyStoreFile, passwd, keyAlias, path + pfxFile); System.out.println("==============================================================="); System.out.println("2.开始提取.cer中的公钥字符串"); String cerStr = getPubStr(path + cerFile); System.out.println("从.cer文件中提取的公钥字符串如下:"); System.out.println(cerStr); } //1生成pfx文件 public static void coverToPfx(String keyStoreFile, String passwd, String keyAlias, String pfxFile) { try { KeyStore inputKeyStore = KeyStore.getInstance("JKS"); FileInputStream fis = new FileInputStream(keyStoreFile); char[] nPassword = null; if ((passwd == null) || passwd.trim().equals("")) { nPassword = null; } else { nPassword = passwd.toCharArray(); } inputKeyStore.load(fis, nPassword); fis.close(); KeyStore outputKeyStore = KeyStore.getInstance("PKCS12"); outputKeyStore.load(null, passwd.toCharArray()); if (inputKeyStore.isKeyEntry(keyAlias)) { Key key = inputKeyStore.getKey(keyAlias, passwd.toCharArray()); Certificate[] certChain = inputKeyStore .getCertificateChain(keyAlias); outputKeyStore.setKeyEntry(keyAlias, key, passwd .toCharArray(), certChain); } FileOutputStream out = new FileOutputStream(pfxFile); outputKeyStore.store(out, nPassword); out.close(); System.out.println("已生成PFX文件" + pfxFile); } catch (Exception e) { e.printStackTrace(); } } //2获取公钥字符串 public static String getPubStr(String cerFile) { String key = ""; // 读取证书文件 try { CertificateFactory cf = CertificateFactory.getInstance("X.509"); FileInputStream in = new FileInputStream(cerFile); //生成一个证书对象并使用从输入流 inStream 中读取的数据对它进行初始化。 Certificate c = cf.generateCertificate(in); PublicKey publicKey = c.getPublicKey(); key = Base64.encode(publicKey.getEncoded()); } catch (CertificateException e) { e.printStackTrace(); } catch (FileNotFoundException e) { e.printStackTrace(); } return key; } }