[英]Java self signed certificate and keystore usage
I need to create public and private key along public certificate. 我需要沿着公共证书创建公共和私有密钥。 I am able to generate the self sign certificate using the following code ... 我可以使用以下代码生成自签名证书...
KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
keyPairGenerator.initialize(1024);
KeyPair KPair = keyPairGenerator.generateKeyPair();
PrivateKey privkey = KPair.getPrivate();
X509CertInfo info = new X509CertInfo();
Date from = new Date();
Date to = new Date(from.getTime() + days * 86400000l);
CertificateValidity interval = new CertificateValidity(from, to);
BigInteger sn = new BigInteger(64, new SecureRandom());
X500Name owner = new X500Name(dn);
info.set(X509CertInfo.VALIDITY, interval);
info.set(X509CertInfo.SERIAL_NUMBER, new CertificateSerialNumber(sn));
info.set(X509CertInfo.SUBJECT, new CertificateSubjectName(owner));
info.set(X509CertInfo.ISSUER, new CertificateIssuerName(owner));
info.set(X509CertInfo.KEY, new CertificateX509Key(pair.getPublic()));
info.set(X509CertInfo.VERSION, new CertificateVersion(CertificateVersion.V3));
AlgorithmId algo = new AlgorithmId(AlgorithmId.md5WithRSAEncryption_oid);
info.set(X509CertInfo.ALGORITHM_ID, new CertificateAlgorithmId(algo));
// Sign the cert to identify the algorithm that's used.
X509CertImpl cert = new X509CertImpl(info);
cert.sign(privkey, algorithm);
// Update the algorith, and resign.
algo = (AlgorithmId)cert.get(X509CertImpl.SIG_ALG);
info.set(CertificateAlgorithmId.NAME + "." + CertificateAlgorithmId.ALGORITHM, algo);
cert = new X509CertImpl(info);
cert.sign(privkey, algorithm);
Now i need to save the private and public key either by using keystore or any otherway so that i can retrieve those for signing any file or object. 现在,我需要通过使用密钥库或其他方式来保存私钥和公钥,以便我可以检索到那些用于签署任何文件或对象的密钥。 I tried using simple file streaming but it gave me error and seems like its not the proper way. 我尝试使用简单的文件流传输,但是它给了我错误,并且似乎不是正确的方法。 Kindly guide me what should i do next. 请指导我下一步该怎么做。 I want to use certificate and private key to sign some data and i want to save them so that i can use verification anytime. 我想使用证书和私钥对一些数据进行签名,并且我想保存它们,以便我可以随时使用验证。
i found the answer 我找到了答案
private void savePublicKeyToFile(String fileName,
BigInteger mod, BigInteger exp) throws IOException {
ObjectOutputStream oout = new ObjectOutputStream(
new BufferedOutputStream(new FileOutputStream(fileName)));
try {
oout.writeObject(mod);
oout.writeObject(exp);
} catch (Exception e) {
// throw new SomeException(e);
} finally {
oout.close();
}
}
private void savePrivteKeyToFile(String fileName,
BigInteger mod, BigInteger PublicExponent, BigInteger PrivateExponent,
BigInteger PrimeP, BigInteger PrimeQ,BigInteger PrimeExponentP,BigInteger PrimeExponentQ,
BigInteger CrtCoefficient) throws IOException {
ObjectOutputStream oout = new ObjectOutputStream(
new BufferedOutputStream(new FileOutputStream(fileName)));
try {
oout.writeObject(mod);
oout.writeObject(PublicExponent);
oout.writeObject(PrivateExponent);
oout.writeObject(PrimeP);
oout.writeObject(PrimeQ);
oout.writeObject(PrimeExponentP);
oout.writeObject(PrimeExponentQ);
oout.writeObject(CrtCoefficient);
} catch (Exception e) {
// throw new SomeException(e);
} finally {
oout.close();
}
}
// To save in keystore here is the way
Certificate [] certChain = new Certificate[1];
certChain[0] = ca;
String strAlias = "abcalias", strPassword="mypass";
KeyStore keyStore = KeyStore.getInstance("jks");
keyStore.load(null,strPassword.toCharArray());
keyStore.setEntry(strAlias,
new KeyStore.PrivateKeyEntry((PrivateKey) KPair.getPrivate(), certChain),
new KeyStore.PasswordProtection(strPassword.toCharArray()));
FileOutputStream fkey = new FileOutputStream(strFilePath+".keystore");
keyStore.store(fkey, strPassword.toCharArray());
fkey.close();
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.