import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.io.PushbackReader;
import java.security.KeyStore;
import java.security.Principal;
import java.security.PrivateKey;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import sun.security.x509.CertificateIssuerName;
import sun.security.x509.X500Name;
import sun.security.x509.X509CertImpl;
import sun.security.x509.X509CertInfo;
public class CertificateSigner {
public static void main(String[] args) {
String ksname = null; // the keystore name
String alias = null; // the private key alias
String inname = null; // the input file name
String outname = null; // the output file name
for (int i = 0; i < args.length; i += 2) {
if (args[i].equals("-keystore"))
ksname = args[i + 1];
else if (args[i].equals("-alias"))
alias = args[i + 1];
else if (args[i].equals("-infile"))
inname = args[i + 1];
else if (args[i].equals("-outfile"))
outname = args[i + 1];
else
usage();
}
if (ksname == null || alias == null || inname == null
|| outname == null)
usage();
try {
PushbackReader console = new PushbackReader(new InputStreamReader(
System.in));
KeyStore store = KeyStore.getInstance("JKS", "SUN");
InputStream in = new FileInputStream(ksname);
char[] password = readPassword(console, "Keystore password");
store.load(in, password);
Arrays.fill(password, ' ');
in.close();
char[] keyPassword = readPassword(console, "Key password for "
+ alias);
PrivateKey issuerPrivateKey = (PrivateKey) store.getKey(alias,
keyPassword);
Arrays.fill(keyPassword, ' ');
if (issuerPrivateKey == null)
error("No such private key");
in = new FileInputStream(inname);
CertificateFactory factory = CertificateFactory
.getInstance("X.509");
X509Certificate inCert = (X509Certificate) factory
.generateCertificate(in);
in.close();
byte[] inCertBytes = inCert.getTBSCertificate();
X509Certificate issuerCert = (X509Certificate) store
.getCertificate(alias);
Principal issuer = issuerCert.getSubjectDN();
String issuerSigAlg = issuerCert.getSigAlgName();
FileOutputStream out = new FileOutputStream(outname);
X509CertInfo info = new X509CertInfo(inCertBytes);
info.set(X509CertInfo.ISSUER, new CertificateIssuerName(
(X500Name) issuer));
X509CertImpl outCert = new X509CertImpl(info);
outCert.sign(issuerPrivateKey, issuerSigAlg);
outCert.derEncode(out);
out.close();
} catch (Exception exception) {
System.out.println(exception);
}
}
public static char[] readPassword(PushbackReader in, String prompt)
throws IOException {
System.out.print(prompt + ": ");
System.out.flush();
final int MAX_PASSWORD_LENGTH = 100;
int length = 0;
char[] buffer = new char[MAX_PASSWORD_LENGTH];
while (true) {
int ch = in.read();
if (ch == '\r' || ch == '\n' || ch == -1
|| length == MAX_PASSWORD_LENGTH) {
if (ch == '\r') // handle DOS "\r\n" line ends
{
ch = in.read();
if (ch != '\n' && ch != -1)
in.unread(ch);
}
char[] password = new char[length];
System.arraycopy(buffer, 0, password, 0, length);
Arrays.fill(buffer, ' ');
return password;
} else {
buffer[length] = (char) ch;
length++;
}
}
}
public static void error(String message) {
System.out.println(message);
System.exit(1);
}
public static void usage() {
System.out.println("Usage: java CertificateSigner"
+ " -keystore keyStore -alias issuerKeyAlias"
+ " -infile inputFile -outfile outputFile");
System.exit(1);
}
}
分享到:
相关推荐
网上转了好多圈,发现数据安全的资料太少,好用的源码就更少了,所以自己决定做一个示例的集合,供大家参考和使用。 一些C#中数据安全的基本处理以及综合使用的实际例程。...方便好用,里面是我做的多个例子的集合。
评委签字表的格式,属性,内容的介绍,对其进行阐述等。。。。
CA 也拥有一个证书(内含公钥和私钥)。网上的公众用户通过验证 CA 的签字从而信任 CA ,任何人都可以得到 CA 的证书(含公钥),用以验证它所签发的证书。
签字模板组件
winfrom签字工具,支持通用型签字版
jquery在线签字插件
c#实现pc端和app端手动签字功能
机动车检测站授权签字人考试试题
银行签字样本查看器,输入银行编号,自动回显银行的电话、签字样本图片
蒙恬手写板移动前台,签字软件程序
机动车检测站授权签字人测试题
检验检测机构授权签字人理论考试题.doc
H5页面通过canvas_sign实现手机签名功能 canvas 电脑及手机端签名实现 电子签名
合同中“签字盖章生效”与_“签字、盖章生效”的区别.doc
微信小程序签字板,实现在微信小程序签字并保存签字图片
机动车检测站授权签字人考试试题
jSignature手写签字插件demo
这是一个很不错的JS画图板,可以根据自己需要改成网上手写签字
Android手写签字源码,提取至github开源项目Brushs,适配android4.3以上版本。含有三种笔锋效果:白板笔、喷绘笔等,适合需要用户手写保存笔迹图片的项目。