From f1aa91c81d2ed11512e66e4d5d136f7e47f26768 Mon Sep 17 00:00:00 2001 From: maxf <1107047387@qq.com> Date: Fri, 11 Jan 2019 16:49:34 +0800 Subject: [PATCH] =?UTF-8?q?=E5=85=AC=E7=A7=81=E9=92=A5=E9=85=8D=E7=BD=AE?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../java/com/yexuejc/base/encrypt/RSA.java | 12 +- .../java/com/yexuejc/base/encrypt/RSA2.java | 128 ++++++++++++++++-- 2 files changed, 123 insertions(+), 17 deletions(-) diff --git a/src/main/java/com/yexuejc/base/encrypt/RSA.java b/src/main/java/com/yexuejc/base/encrypt/RSA.java index 6fc9010..14b322d 100644 --- a/src/main/java/com/yexuejc/base/encrypt/RSA.java +++ b/src/main/java/com/yexuejc/base/encrypt/RSA.java @@ -1,24 +1,22 @@ package com.yexuejc.base.encrypt; - import org.apache.commons.codec.binary.Base64; import org.bouncycastle.jce.provider.BouncyCastleProvider; import javax.crypto.Cipher; import javax.crypto.NoSuchPaddingException; -import java.io.ByteArrayOutputStream; -import java.io.IOException; -import java.io.UnsupportedEncodingException; +import java.io.*; import java.security.*; +import java.security.cert.Certificate; import java.security.interfaces.RSAPrivateKey; import java.security.interfaces.RSAPublicKey; import java.security.spec.InvalidKeySpecException; import java.security.spec.PKCS8EncodedKeySpec; import java.security.spec.X509EncodedKeySpec; +import java.util.Enumeration; import java.util.HashMap; import java.util.Map; - /** * RSA加解密 配置模式 * @@ -71,7 +69,6 @@ public class RSA { */ public static SignAlgorithm signAlgorithm = SignAlgorithm.SHA1withRSA; - /** * 生成密钥对 * @@ -123,7 +120,6 @@ public class RSA { return keyPairMap; } - /** * 得到公钥 * @@ -203,7 +199,6 @@ public class RSA { } } - /** * 私钥加密 * @@ -310,7 +305,6 @@ public class RSA { private static Signature signature; - /** * /** * 私钥签名:默认算法SHA1withRSA diff --git a/src/main/java/com/yexuejc/base/encrypt/RSA2.java b/src/main/java/com/yexuejc/base/encrypt/RSA2.java index 2e86afd..68e7099 100644 --- a/src/main/java/com/yexuejc/base/encrypt/RSA2.java +++ b/src/main/java/com/yexuejc/base/encrypt/RSA2.java @@ -2,14 +2,8 @@ package com.yexuejc.base.encrypt; import com.yexuejc.base.util.StrUtil; -import java.io.FileInputStream; -import java.io.FileNotFoundException; -import java.io.IOException; -import java.io.InputStream; -import java.security.KeyStore; -import java.security.KeyStoreException; -import java.security.NoSuchAlgorithmException; -import java.security.UnrecoverableKeyException; +import java.io.*; +import java.security.*; import java.security.cert.Certificate; import java.security.cert.CertificateException; import java.security.cert.CertificateFactory; @@ -192,4 +186,122 @@ public class RSA2 { return (RSAPrivateKey) ks.getKey(alias, password.toCharArray()); } + /** + * 证书格式转换 JKS(xx.keystore) 转 PKCS12(xx.pfx) + * + * @param inPath 证书输入文件路径 + * @param outPath 证书输出文件路径 + * @param oPwd 原证书密码 + * @param nPwd 新证书密码(为空同原证书密码一致) + */ + public static void cover2Pfx(String inPath, String outPath, String oPwd, String nPwd) { + try { + FileInputStream fis = new FileInputStream(inPath); + FileOutputStream out = new FileOutputStream(outPath); + if (nPwd == null) { + nPwd = oPwd; + } + cover2Pfx(fis, out, oPwd.toCharArray(), nPwd.toCharArray()); + out.close(); + } catch (Exception e) { + e.printStackTrace(); + } + } + + /** + * 证书格式转换 JKS(xx.keystore) 转 PKCS12(xx.pfx) + * + * @param fis 证书输入文件流 + * @param out 证书输出文件流[自行关闭->out.close()] + * @param oPwd 原证书密码 + * @param nPwd 新证书密码(为空同原证书密码一致) + */ + public static void cover2Pfx(FileInputStream fis, FileOutputStream out, char[] oPwd, char[] nPwd) { + try { + KeyStore inputKeyStore = KeyStore.getInstance("JKS"); + cover(fis, out, oPwd, nPwd, inputKeyStore, "PKCS12"); + } catch (Exception e) { + e.printStackTrace(); + } + } + + /** + * 证书格式转换 PKCS12(xx.pfx) 转 JKS(xx.keystore) + * + * @param inPath 证书输入文件路径 + * @param outPath 证书输出文件路径 + * @param oPwd 原证书密码 + * @param nPwd 新证书密码(为空同原证书密码一致) + */ + public static void cover2keyStore(String inPath, String outPath, String oPwd, String nPwd) { + try { + FileInputStream fis = new FileInputStream(inPath); + FileOutputStream out = new FileOutputStream(outPath); + if (nPwd == null) { + nPwd = oPwd; + } + cover2keyStore(fis, out, oPwd.toCharArray(), nPwd.toCharArray()); + out.close(); + } catch (Exception e) { + e.printStackTrace(); + } + + } + + /** + * 证书格式转换 PKCS12(xx.pfx) 转 JKS(xx.keystore) + * + * @param fis 证书输入文件流 + * @param out 证书输出文件流[自行关闭->out.close()] + * @param oPwd 原证书密码 + * @param nPwd 新证书密码(为空同原证书密码一致) + */ + public static void cover2keyStore(FileInputStream fis, FileOutputStream out, char[] oPwd, char[] nPwd) { + try { + KeyStore inputKeyStore = KeyStore.getInstance("PKCS12"); + cover(fis, out, oPwd, nPwd, inputKeyStore, "JKS"); + } catch (Exception e) { + e.printStackTrace(); + } + } + + /** + * 证书转换操作 + * + * @param fis 证书输入文件流 + * @param out 证书输出文件流[自行关闭->out.close()] + * @param oPwd 原证书密码 + * @param nPwd 新证书密码(为空同原证书密码一致) + * @param inputKeyStore 输入格式 + * @param type 目标类型 + * @throws IOException + * @throws NoSuchAlgorithmException + * @throws CertificateException + * @throws KeyStoreException + * @throws UnrecoverableKeyException + */ + public static void cover(FileInputStream fis, FileOutputStream out, char[] oPwd, char[] nPwd, KeyStore inputKeyStore, String type) throws IOException, NoSuchAlgorithmException, CertificateException, KeyStoreException, UnrecoverableKeyException { + inputKeyStore.load(fis, oPwd); + fis.close(); + if (nPwd == null) { + nPwd = oPwd; + } + KeyStore outputKeyStore = KeyStore.getInstance(type); + outputKeyStore.load(null, nPwd); + Enumeration enums = inputKeyStore.aliases(); + while (enums.hasMoreElements()) { + String keyAlias = enums.nextElement(); + System.out.println("alias=[" + keyAlias + "]"); + if (inputKeyStore.isKeyEntry(keyAlias)) { + Key key = inputKeyStore.getKey(keyAlias, oPwd); + Certificate[] certChain = inputKeyStore.getCertificateChain(keyAlias); + outputKeyStore.setKeyEntry(keyAlias, key, nPwd, certChain); + } + } + outputKeyStore.store(out, nPwd); + } + + public static void main(String[] args) { + cover2Pfx("D:\\mykeystore.keystore", "D:\\m1.pfx", "123456", null); + } }