📄 test.java
字号:
{
System.out.print(pkenc[i] + ",");
}
// 五 JAVA程序列出密钥库所有条目
FileInputStream in2 = new FileInputStream(name);//.keystore
KeyStore ks1 = KeyStore.getInstance("JKS");
ks1.load(in2, pass.toCharArray());
Enumeration e = ks1.aliases();
System.out.println("--------------------");
while (e.hasMoreElements())
{
Certificate c2 = ks1.getCertificate((String) e.nextElement());
System.out.println("c2: " + c2.getPublicKey());
}
System.out.println("=====================================");
*/
// 六 JAVA程序修改密钥库口令
/*
String oldpass = "WorldHello";
String newpass = "123456";
FileInputStream in3 = new FileInputStream(name);
KeyStore ks2 = KeyStore.getInstance("JKS");
ks2.load(in3, oldpass.toCharArray());
in3.close();
FileOutputStream output = new FileOutputStream(name);
ks2.store(output, newpass.toCharArray());
output.close();
System.out.println("密码修改成功!!!!!");
*/
// 七 JAVA程序修改密钥库条目的口令及添加条目
/*
FileInputStream in4 = new FileInputStream(name);
KeyStore ks3 = KeyStore.getInstance("JKS");
ks3.load(in4, storepass.toCharArray());
Certificate[] cchain = ks3.getCertificateChain(alias);// 获取别名对应条目的证书链
PrivateKey pk1 = (PrivateKey) ks3.getKey(alias, oldkeypass
.toCharArray());// 获取别名对应条目的私钥
ks3.setKeyEntry(alias, pk1, newkeypass.toCharArray(), cchain);// 向密钥库中添加条目
// 第一个参数指定所添加条目的别名,假如使用已存在别名将覆盖已存在条目,
// 使用新别名将增加一个新条目,第二个参数为条目的私钥,第三个为设置的新口令,第四个为该私钥的公钥的证书链
FileOutputStream output1 = new FileOutputStream("e:/qhc/tools/another.keystore");
ks3.store(output1, storepass.toCharArray());// 将keystore对象内容写入新文件
System.out.println("密钥库条目口令修改成功、添加条目成功!!!!");
*/
// 八 JAVA程序检验别名和删除条目
/*
FileInputStream in8 = new FileInputStream(name);
KeyStore ks8 = KeyStore.getInstance("JKS");
// 检验条目是否在密钥库中,存在返回true
ks8.load(in8, storepass.toCharArray());
if(ks8.containsAlias("sage"))
{
ks8.deleteEntry("sage");// 删除别名对应的条目
}
FileOutputStream output8 = new FileOutputStream(name);
ks8.store(output8, storepass.toCharArray());// 将keystore对象内容写入文件,条目删除成功
System.out.println("程序检测别名、删除条目成功!!!!");
*/
// 九 JAVA程序签发数字证书
/*
// (1)从密钥库中读取CA的证书
String cakeypass = "KeytoolHello123";//
FileInputStream in9 = new FileInputStream(name);
KeyStore ks9 = KeyStore.getInstance("JKS");
ks9.load(in9, pass.toCharArray());
Certificate c9 = ks9.getCertificate(alias);
// (2)从密钥库中读取CA的私钥
PrivateKey caprk = (PrivateKey) ks9.getKey(alias, certpass
.toCharArray());
// (3)从CA的证书中提取签发者的信息
byte[] encod1 = c9.getEncoded(); // 提取CA证书的编码
X509CertImpl cimp1 = new X509CertImpl(encod1); // 用该编码创建X509CertImpl类型对象
X509CertInfo cinfo1 = (X509CertInfo) cimp1.get(X509CertImpl.NAME
+ "." + X509CertImpl.INFO); // 获取X509CertInfo对象
X500Name issuer = (X500Name) cinfo1.get(X509CertInfo.SUBJECT + "."
+ CertificateIssuerName.DN_NAME); // 获取X509Name类型的签发者信息
// (4)获取待签发的证书
CertificateFactory cf9 = CertificateFactory.getInstance("X.509");
FileInputStream in91 = new FileInputStream(cer);
Certificate c29 = cf9.generateCertificate(in91);
// (5)从待签发的证书中提取证书信息
byte[] encod2 = c29.getEncoded();
X509CertImpl cimp2 = new X509CertImpl(encod2); // 用该编码创建X509CertImpl类型对象
X509CertInfo cinfo2 = (X509CertInfo) cimp2.get(X509CertImpl.NAME
+ "." + X509CertImpl.INFO); // 获取X509CertInfo对象
// (6)设置新证书有效期
Date begindate = new Date(); // 获取当前时间
Date enddate = new Date(begindate.getTime() + 3000 * 24 * 60 * 60
* 1000L); // 有效期为3000天
CertificateValidity cv = new CertificateValidity(begindate, enddate); // 创建对象
cinfo2.set(X509CertInfo.VALIDITY, cv); // 设置有效期
// (7)设置新证书序列号
int sn = (int) (begindate.getTime() / 1000);// 以当前时间为序列号
CertificateSerialNumber csn = new CertificateSerialNumber(sn);
cinfo2.set(X509CertInfo.SERIAL_NUMBER, csn);
// (8)设置新证书签发者
cinfo2.set(X509CertInfo.ISSUER + "."
+ CertificateIssuerName.DN_NAME, issuer);// 应用第三步的结果
// (9)设置新证书签名算法信息
AlgorithmId algorithm = new AlgorithmId(
AlgorithmId.md5WithRSAEncryption_oid);
cinfo2.set(CertificateAlgorithmId.NAME + "."
+ CertificateAlgorithmId.ALGORITHM, algorithm);
// (10)创建证书并使用CA的私钥对其签名
X509CertImpl newcert = new X509CertImpl(cinfo2);
newcert.sign(caprk, "DSA"); // 使用CA私钥对其签名
// (11)将新证书写入密钥库
ks9.setCertificateEntry("lf_signed", newcert);
FileOutputStream out = new FileOutputStream("e:/qhc/tools/newstore.keystore");
ks9.store(out, "qihongce".toCharArray()); // 这里是写入了新的密钥库,也可以使用第七条来增加条目
System.out.println("成功啦,这才是一个完整的利用公钥私钥颁发数字证书的过程");
*/
// 十 数字证书的检验
// (1)验证证书的有效期
// (a)获取X509Certificate类型对象
CertificateFactory cf10 = CertificateFactory.getInstance("X.509");
FileInputStream in10 = new FileInputStream(cer);
Certificate c10 = cf10.generateCertificate(in10);
X509Certificate t1 = (X509Certificate) c10;
in10.close();
// (b)获取日期
Date TimeNow = new Date();
// (c)检验有效性
t1.checkValidity(TimeNow);
System.out.println("OK");
} catch (CertificateExpiredException e11)
{ // 过期
System.out.println("Expired");
System.out.println(e11.getMessage());
} catch (CertificateNotYetValidException ex)
{ // 尚未生效
System.out.println("Too early");
System.out.println(ex.getMessage());
} catch (Exception ex)
{
System.out.println(ex.getMessage());
}
boolean pass12 = false;
try
{
// (2)验证证书签名的有效性
// (a)获取CA证书
CertificateFactory cf11 = CertificateFactory.getInstance("X.509");
FileInputStream in20 = new FileInputStream(cer);
Certificate cac = cf11.generateCertificate(in20);
in20.close();
// (c)获取CA的公钥
PublicKey pbk = cac.getPublicKey();
// (b)获取待检验的证书(上步已经获取了,就是C1)
// (c)检验证书
cac.verify(pbk);
pass12 = true;
System.out.println("OK!!!");
} catch (Exception e1)
{
pass12 = false;
System.out.println(e1);
}
}
/*
* public void key() { String before = "asdf"; byte[] plainText =
* before.getBytes("UTF8");
*
* //1步**********************************************************************
* System.out.println("Start generate AES key.");
* //得到一个使用AES算法的KeyGenerator的实例 KeyGenerator keyGen =
* KeyGenerator.getInstance("AES"); //定义密钥长度128位 keyGen.init(128);
* //通过KeyGenerator产生一个key(密钥算法刚才已定义,为AES) Key key = keyGen.generateKey();
* System.out.println("Finish generating AES key."+key);
*
*
* //2步**********************************************************************
* //获得一个私钥加密类Cipher,定义Cipher的基本信息:ECB是加密方式,PKCS5Padding是填充方法 Cipher cipher =
* Cipher.getInstance("AES/ECB/PKCS5Padding"); // System.out.println("\n" +
* cipher.getProvider().getInfo());
*
*
* //3步**********************************************************************
* //使用私钥加密 System.out.println("\n用私钥加密...");
* //把刚才生成的key当作参数,初始化使用刚才获得的私钥加密类,Cipher.ENCRYPT_MODE意思是加密
* cipher.init(Cipher.ENCRYPT_MODE, key);
*
* //私钥加密类Cipher进行加密,加密后返回一个字节流 byte[] byte[] cipherText =
* cipher.doFinal(plainText);
*
* //以UTF8格式把字节流转化为 String String after1 = new String(cipherText, "UTF8");
* System.out.println("用私钥加密完成:"+after1);
*
*
* //4步**********************************************************************
* //使用私钥对刚才加密的信息进行解密,看看是否一致,Cipher.DECRYPT_MODE意思是解密钥
* System.out.println("\n用私钥解密..."); cipher.init(Cipher.DECRYPT_MODE, key);
*
* //对刚才私钥加密的字节流进行解密,解密后返回一个字节流 byte[] byte[] newPlainText =
* cipher.doFinal(cipherText);
*
* String after2 = new String(newPlainText, "UTF8");
* System.out.println("用私钥解密完成:"+after2); }
*
* public void key1() { String before = "asdf"; byte[] plainText =
* before.getBytes("UTF8");
*
* //产生一个RSA密钥生成器KeyPairGenerator(顾名思义:一对钥匙生成器) KeyPairGenerator keyGen =
* KeyPairGenerator.getInstance("RSA"); //定义密钥长度1024位
* keyGen.initialize(1024); //通过KeyPairGenerator产生密钥,注意:这里的key是一对钥匙!!
* KeyPair key = keyGen.generateKeyPair();
*
* //获得一个RSA的Cipher类,使用公钥加密 Cipher cipher =
* Cipher.getInstance("RSA/ECB/PKCS1Padding"); // System.out.println("\n" +
* cipher.getProvider().getInfo());
*
* System.out.println("\n用公钥加密...");
* //Cipher.ENCRYPT_MODE意思是加密,从一对钥匙中得到公钥key.getPublic()
* cipher.init(Cipher.ENCRYPT_MODE, key.getPublic()); //用公钥进行加密,返回一个字节流
* byte[] cipherText = cipher.doFinal(plainText); //以UTF8格式把字节流转化为 String
* String after1 = new String(cipherText, "UTF8");
* System.out.println("用公钥加密完成:"+after1);
*
*
* //使用私钥解密 System.out.println("\n用私钥解密...");
* //Cipher.DECRYPT_MODE意思是解密,从一对钥匙中得到私钥 key.getPrivate()
* cipher.init(Cipher.DECRYPT_MODE, key.getPrivate()); //用私钥进行解密,返回一个字节流
* byte[] newPlainText = cipher.doFinal(cipherText);
*
* String after2 = new String(newPlainText, "UTF8");
* System.out.println("用私钥解密完成:"+after2); }
*/
}
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -