之前不理解公钥私钥,证书的概念,最近总结整理了⼀下。现在分享出来
注意:从⽣成签名引出公钥私钥,证书概念
⽣成key.store
运⾏--cmd--dos窗⼝
⽣成java keystore ⽂件
C:\Users\weichyang>keytool -genkey -alias test -keyalg RSA -keystore key.keysto
e
输⼊密钥库⼝令:
再次输⼊新⼝令:
您的名字与姓⽒是什么?
[Unknown]: yang
[Unknown]: nuoyuan
您的组织名称是什么?
[Unknown]: nuoyuan
您所在的城市或区域名称是什么?
[Unknown]: bj
您所在的省/市/⾃治区名称是什么?
[Unknown]: bj
该单位的双字母国家/地区代码是什么?
[Unknown]: 010
CN=yang, OU=nuoyuan, O=nuoyuan, L=bj, ST=bj, C=010是否正确?
[否]: 是
输⼊ <test> 的密钥⼝令
(如果和密钥库⼝令相同, 按回车):
看上⾯的有三个关键点:
密钥库,密钥⼝令, 别名 这⼏个关键字下⾯其他步骤会使⽤到
1.⾸先提取证书,然后查看公钥信息
C:\Users\weichyang>keytool -export -alias test -keystore key.keystore -file zhen
<
输⼊密钥库⼝令:
存储在⽂件 <zhengshu> 中的证书
-export 导出证书
-alias 证书别名
-keystore 提取证书的keystore名字
- 提取证书名字
到证书⽣成路径,双击查看公钥
这样就提取了公钥
私钥提取
私钥的提取稍微繁琐了⼀点。但是有现成提取⽅法也不必担⼼
但是我们⽆法通过KEYTOOL⼯具来提取私钥的..我们只能通过java的KeyStore类getEntry() 或者getKey()来提取私钥.贴出来⽅法
import java.io.File;
import java.io.FileInputStream;
import java.io.FileWriter;
import java.security.Key;
import java.security.KeyPair;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.UnrecoverableKeyException;
import Certificate;
import sun.misc.BASE64Encoder;
public class ExportPrivateKey {
private File keystoreFile;
private String keyStoreType;
private char[] password;
private String alias;
private File exportedFile;
public static KeyPair getPrivateKey(KeyStore keystore, String alias,
char[] password) {
try {
Key key = Key(alias, password);
if (key instanceof PrivateKey) {
Certificate cert = Certificate(alias);
PublicKey publicKey = PublicKey();
return new KeyPair(publicKey, (PrivateKey) key);
}
} catch (UnrecoverableKeyException e) {
} catch (UnrecoverableKeyException e) {
} catch (NoSuchAlgorithmException e) {
} catch (KeyStoreException e) {
}
return null;
}
public void export() throws Exception {
KeyStore keystore = Instance(keyStoreType);
BASE64Encoder encoder = new BASE64Encoder();
keystore.load(new FileInputStream(keystoreFile), password);
KeyPair keyPair = getPrivateKey(keystore, alias, password);
PrivateKey privateKey = Private();
String encoded = Encoded());
FileWriter fw = new FileWriter(exportedFile);
fw.write("—–BEGIN PRIVATE KEY—–/n");
System.out.println("—–BEGIN PRIVATE KEY—–/n");
fw.write(encoded);
System.out.println(encoded + "/n");
fw.write("/n");
fw.write("—–END PRIVATE KEY—–");
System.out.println("—–END PRIVATE KEY—–");
fw.close();
}
public static void main(String args[]) throws Exception {
ExportPrivateKey export = new ExportPrivateKey();
export.keystoreFile = new File("c:/Users/weichyang/key.keystore");
export.keyStoreType = "JCEKS";
export.password = "123456".toCharArray();
export.alias = "test";
}
}
执⾏上⾯代码会在指定⽂件中⽣成⼀份私钥,同时输出到控制台中
输出私钥:
MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQCltQnLjqHJOry7T3iP15XV1VVn
ORP9MPi/J03j52ygU948L4iSHIJymtS8wtm+XhqVPTTn/a5aqc4D+lqPXiok0NKgWGNFZbnKc2eQ
b2KXOWg3yaqPIXrvtKQ9vDPeJvNobf9+wILH7L80B4D135/S+lIbHS6V2PxQH5LkWQHx+0R3OBbs
lzs1FbGL2KEL4UWxUbVeCtfW2wkD2H+u7NeBHq5nSvXfHagjYDHXAGZbUCeZ4ESvKpJf7u5f0wRx
pyhDHtv/G+rixnLL0PO50HfAWH8sL1Uu9jwLGuPy/uAYRu8BmcRM2oJc2R+y2azLWwpKNSfDsFY2
GZMehvO4LJPRAgMBAAECggEBAI+eXfP4Fg7TgroRgduhrTKc6J1DYijCpgT+6spJTOOUbPva8tI4
NXNg8Fr9wjz1ULLiTpV3UAMyQuU9ufmiUoKAHt1sXfXK2gE2jp8netq4nbQkbFgLW4KgHO2IzaeQ
OMzc8WEJNxBSB9HvYv03KU1xOXJYk4S6gMxs4SJaZo4znaRa4zpb+9ZlVPsuKz2K3ODEwljDzVpV
HQagFaeVHpVxVa5YCv5JavlUZ+ijis3MCoK7XvPTpF7Q9Q4DRpDDrBrXILNAs/AazMgGCHVhknIV
1x6MATWZr15D0p7aQlso5h8YWmqFrQh/6GfxUfcqOmeMD5to71aavV+y3NYsMTUCgYEA+0OaWQhs
m18WUn61itNvLvqr2hs0g4PBB40NwM96Vs0whOxWH+c+3RuRULuHk1LSVC7UWCJx0EFvGCD5fzh6 prxpHsTOoG5IOiOIaOfAOmifEOAP9J2fL+8DJ/J1KdhsKkykZ6lLWNnj5M+gD69FGCma8HtbGjHS
R9goXHUDiWsCgYEAqNSbZUBw7E7w7eWus5wEfIuikyyin/70WTKfqGOcSBMohtIpsSPu2agfo3X7
t9PecLLbRvxLHKvExX9tsE9J16W/kihRO8t16TbDSGCGHZHz+IrM4yrzicg4xoOIigZ1DdGgBlTE
oVitqhWE/RMET9+JrLkN3QHrxpepF9LD+rMCgYBcLN6wjsCY9vcPaGBc/1eoWlk0+An5vRnRFVPY
ScTNlxSXjsPBjGmpX3Wdsk34I8f5DfzkIC60gWyp417j5upHxJKjsPtEK3Dfsy1Vnr8MLlk8LZZs
3G4LfZkgzHdi1HxJwDgHtzlm7PgHdot3dYrZZFnsorQ3FdPYe1nDIUIc5QKBgH1On6+87pNV3BiW
Ot5wVBwkf5wAqwtZbf6uRjXzCNGt9oxqfCtP4j2GPUVTkmrUQ+sdtQawxwcWrktv0vfjQYlfKhrO
9cwNrQxVawfTLHfSFmRIkN2iyXNgOlOM2NCpDkQdbEqGrBKdAPiWVEiJzs+BuGuMRi/c9yRE+GoI
MxFlAoGBALHWCUJNKCGYSz6Azf1Nscr/PJusGKFCMd1IoHlPrQKMKaxI62ohiyAqyBY0q4EiRg0K
yzVvP8T3PHHgAaREUAWhUjTbGUk56PiEWwMtIfrLxuFJA0ZsviWKkQXopHgf8r1fhpfBWJUQkNgz
tK0rNFvbmRQh2TchFpopgwPxpn0y/n
证书中公钥:
3082010a 028******* a5 b5 09 cb 8e a1 c9 3a bc bb 4f 788f d7 95 d5
d5 55673913 fd 30 f8 bf 274d e3 e7 6c a0 53 de 3c 2f 88921c 82729a
d4 bc c2 d9 be 5e 1a 953d 34 e7 fd ae 5a a9 ce 03 fa 5a 8f 5e 2a 24 d0 d2
a0 58634565 b9 ca 7367906f 6297396837 c9 aa 8f 217a ef b4 a4 3d
bc 33 de 26 f3 686d ff 7e c0 82 c7 ec bf 340780 f5 df 9f d2 fa 521b 1d
2e 95 d8 fc 501f 92 e4 5901 f1 fb 44773816 ec 973b 3515 b1 8b d8 a1
0b e1 45 b1 51 b5 5e 0a d7 d6 db 0903 d8 7f ae ec d7 811e ae 674a f5 df
1d a8 236031 d7 00665b 502799 e0 44 af 2a 925f ee ee 5f d3 0471 a7
28431e db ff 1b ea e2 c6 72 cb d0 f3 b9 d0 77 c0 587f 2c 2f 552e f6 3c
0b 1a e3 f2 fe e0 1846 ef 0199 c4 4c da 825c d9 1f b2 d9 ac cb 5b 0a 4a
3527 c3 b0 563619931e 86 f3 b8 2c 93 d1 020*******
公钥私钥校验⽅式:
公钥加密,私钥解密,反之亦然。
验证公钥私钥是否配对
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.FileWriter;
import java.security.Key;
import java.security.KeyPair;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.UnrecoverableKeyException;
import Certificate;
import CertificateException;
import CertificateFactory;
pto.Cipher;
import apache.ic.NEW;
import sun.misc.BASE64Encoder;
public class ExportPrivateKey {
private File keystoreFile;
private String keyStoreType;
private char[] password;
private String alias;
private File exportedFile;
public static KeyPair getPrivateKey(KeyStore keystore, String alias,
char[] password) {
try {
Key key = Key(alias, password);
if (key instanceof PrivateKey) {
Certificate cert = Certificate(alias);
PublicKey publicKey = PublicKey();
return new KeyPair(publicKey, (PrivateKey) key);
}
} catch (UnrecoverableKeyException e) {
} catch (NoSuchAlgorithmException e) {
} catch (KeyStoreException e) {
}
return null;
}
public PrivateKey export() throws Exception {
KeyStore keystore = Instance(keyStoreType);
BASE64Encoder encoder = new BASE64Encoder();
keystore.load(new FileInputStream(keystoreFile), password);
KeyPair keyPair = getPrivateKey(keystore, alias, password);
PrivateKey privateKey = Private();
String encoded = Encoded());
FileWriter fw = new FileWriter(exportedFile);
fw.write("—–BEGIN PRIVATE KEY—–/n");
System.out.println("—–BEGIN PRIVATE KEY—–/n");
fw.write(encoded);
System.out.println(encoded + "/n");
fw.write("/n");
fw.write("—–END PRIVATE KEY—–");
System.out.println("—–END PRIVATE KEY—–");
fw.close();
return privateKey;
}
public static void main(String args[]) throws Exception {
ExportPrivateKey export = new ExportPrivateKey();
export.keystoreFile = new File("c:/Users/weichyang/key.keystore");
export.keyStoreType = "JCEKS";
export.password = "123456".toCharArray();
export.alias = "test";
PrivateKey port();
// 验证加密解密
PublicKey pKey = gePublic();
byte[] plainText = "我⽤这串字符进⾏加密".getBytes("UTF-8");
Cipher cipher = Instance("RSA/ECB/PKCS1Padding");
cipher.init(Cipher.ENCRYPT_MODE, pKey);
// ⽤公钥进⾏加密,返回⼀个字节流
byte[] cipherText = cipher.doFinal(plainText);
System.out.println("====================================");
System.out.println(new String(cipherText,"Utf-8"));
System.out.println("====================================");
cipher.init(Cipher.DECRYPT_MODE, privateKey);
// ⽤私钥进⾏解密,返回⼀个字节流
byte[] newPlainText = cipher.doFinal(cipherText);
System.out.println(new String(newPlainText, "UTF-8"));
}
private static PublicKey gePublic() {
// ⽣成⼀个证书对象并使⽤从输⼊流 inStream 中读取的数据对它进⾏初始化。 try {
CertificateFactory cf = Instance("X.509");
FileInputStream in = new FileInputStream(
"C:/Users/");
Certificate c = cf.generateCertificate(in);
PublicKey publicKey = c.getPublicKey();
豫公网安备41160202000603
站长QQ:729038198
关于我们
投诉建议