证书工具类:
import java.io.FileInputStream;
import java.io.StringWriter;
import java.io.Writer;
import java.security.Key;
import java.security.KeyPair;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManagerFactory;
import org.bouncycastle.openssl.PEMWriter;
/**
* 证书操作工具类
*/
public class CaUtils {
public static final String KEY_STORE = "JKS";
public static final String X509 = "X.509";
public static final String SunX509 = "SunX509";
public static final String SSL = "SSL";
/**
* 获取KeyStore
* @param keyStorePath
* @param password
* @return KeyStore
* @throws Exception
*/
public static KeyStore getKeyStore(String keyStorePath,String password)throws Exception
{
FileInputStream fis = new FileInputStream(keyStorePath);
KeyStore ks = KeyStore.getInstance(KEY_STORE);
ks.load(fis, password.toCharArray());
fis.close();
return ks;
}
/**
* 获取Certificate
* @param certificatePath
* @return Certificate
* @throws Exception
*/
public static Certificate getCertificate(String certificatePath)throws Exception
{
CertificateFactory certificateFactory = CertificateFactory.getInstance(X509);
FileInputStream fis = new FileInputStream(certificatePath);
Certificate certificate = certificateFactory.generateCertificate(fis);
fis.close();
return certificate;
}
/**
* 获取私钥
* @param keyStorePath
* @param alias
* @param password
* @return PrivateKey
* @throws Exception
*/
public static PrivateKey getPrivateKey(String keyStorePath,String alias,String password)throws Exception
{
KeyStore ks = getKeyStore(keyStorePath, password);
PrivateKey privateKey = (PrivateKey) ks.getKey(alias, password.toCharArray());
return privateKey;
}
/**
* 获取公钥
* @param certificatePath
* @return PublicKey
* @throws Exception
*/
public static PublicKey getPublicKey(String certificatePath)throws Exception
{
Certificate certificate = getCertificate(certificatePath);
PublicKey publicKey = certificate.getPublicKey();
return publicKey;
}
/**
* 获取公钥
* @param keyStorePath
* @param alias
* @param password
* @return PublicKey
* @throws Exception
*/
public static PublicKey getPublicKey(String keyStorePath,String alias,String password)throws Exception
{
KeyStore ks = getKeyStore(keyStorePath, password);
Certificate cert = ks.getCertificate(alias);
PublicKey publicKey = cert.getPublicKey();
return publicKey;
}
/**
* Key转换为Pem格式
* @param Key
* @return 字符串(Pem格式)
* @throws Exception
*/
public static String changeKeyToPem(Key key)throws Exception
{
PEMWriter pemWriter;
try {
Writer writer = new StringWriter();
pemWriter = new PEMWriter(writer);
pemWriter.writeObject(key);
pemWriter.flush();
pemWriter.close();
return writer.toString();
} finally {
pemWriter = null;
}
}
/**
* 获得SSLSocketFactory
* @param password
* @param keyStorePath
* @param trustKeyStorePath
* @return SSLSocketFactory
* @throws Exception
*/
public static SSLSocketFactory getSSLSocketFactory(String password,String keyStorePath, String trustKeyStorePath) throws Exception
{
// 初始化密钥库
KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(SunX509);
KeyStore keyStore = getKeyStore(keyStorePath, password);
keyManagerFactory.init(keyStore, password.toCharArray());
// 初始化信任库
TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(SunX509);
KeyStore trustkeyStore = getKeyStore(trustKeyStorePath, password);
trustManagerFactory.init(trustkeyStore);
// 初始化SSL上下文
SSLContext ctx = SSLContext.getInstance(SSL);
ctx.init(keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(), null);
SSLSocketFactory sf = ctx.getSocketFactory();
return sf;
}
/**
* 获取密钥对
* @param keyStorePath
* @param alias
* @param password
* @return KeyPair
* @throws Exception
*/
public static KeyPair getKeyPair(String keyStorePath,String alias,String password)throws Exception
{
KeyStore ks = getKeyStore(keyStorePath, password);
Key key = ks.getKey(alias, password.toCharArray());
if (key instanceof PrivateKey)
{
Certificate cert = ks.getCertificate(alias);
PublicKey publicKey = cert.getPublicKey();
return new KeyPair(publicKey, (PrivateKey) key);
}else
{
return null;
}
}
}
分享到:
相关推荐
编译:javac InstallCert.java 运行:java InstallCert 要访问的网址 最后面会输出: Enter certificate to add to trusted keystore or 'q' to quit: [1] ...将证书copy到$JAVA_HOME/jre/lib/security目录下
Https单向认证忽略证书工具类,自定义TrustManager和HostnameVerifier,适用于OkHttp和HttpURLConnection
java生成https安全证书,解决httpClient访问https出错 编译:javac InstallCert.java 运行:java InstallCert 要访问的网址 ...输入1确认生成jssecacerts文件,将证书copy到$JAVA_HOME/jre/lib/security目录下
一些工具类代码块的标准代码: SSL双向认证 获得双向认证所需的参数
此资源为java证书(https)导入的小巧的工具,小巧,实用,适合开发过程中https证书的导入
java的get和post请求,获取json的工具类,https时会存在ssl校验的问题,工具会自动去除ssl校验。
java信任SSL证书的工具类 忽略HTTPS请求的SSL证书,必须在openConnection之前调用
工具内容有完整的CSR生成及对应秘钥保存,使用java.securtiy Signature类
生成证书文件的工具类
证书签名加密工具类 CertificateUtils
以前做项目时候为了实现证书打印做的简单封装,使用方便,只需给定证书底版图的路径以及文字样式和坐标即可。代码以项目的方式提供(内含Demo)。
华为手机缺少证书工具打包 安全类授权开放SDK1.2版本 解决安装包无证书
该实例是以springBoot框架,jdk8、maven,包含HttpClient工具类,一般请求。https请求加载证书工具类。并附有测试类。
httplient向https发送请求会因为证书校验而报错,该工具类提供绕开HTTPS证书校验方法,以实现访问https网站的功能
微信支付工具类v3版 包含: 1. 微信支付v3版 2. 微信退款v3版 3. 微信交易状态查询 4. 企业打款到个人零钱(旧版) 本人在企业项目中使用,自己封装的的微信交易相关的一套工具类。 直接调用方法传入对应的参数即可...
微信支付工具---appid和商户号在配置文件中放置,没有放里面,。退款回调和付款回调也没有,退款证书自己在微信里面下载
设计到的方法如下: DigitalSign init getInstance SignMsgByRelativePath SignMsgByInputStream signMsgByAbsolutePath verifyMsgByInputSteam verifyMsgByAbsolutePath verifyMsgByRelativePath ...
1、根证书、子证书签发; 2、证书签发者、使用者、有效期可自定义; 3、产生标准P10、封装成P7格式的P10。 三、各算法实现代码连接 1、SM2:https://download.csdn.net/download/qq42750617/13188634 2、SM3:...
华为mate9缺少证书工具打包 安全类授权开放SDK1.2版本,请查看我的博客介绍:http://blog.csdn.net/xiayiye5/article/details/78258263