zoukankan      html  css  js  c++  java
  • java 从 PKCS12(比如pfx格式)证书中提取私钥证书(PrivateKey)和受信任的公钥证书(X509Certificate)的序列号(SerialNumber)

    import lombok.Cleanup;
    import lombok.Getter;
    import lombok.Setter;
    import lombok.SneakyThrows;
    import lombok.experimental.UtilityClass;
    
    import java.io.FileInputStream;
    import java.security.KeyStore;
    import java.security.PrivateKey;
    import java.security.cert.X509Certificate;
    import java.util.Enumeration;
    
    /**
     * An utility class for obtaining {@link PrivateKey} and the serial number of the trusted {@link X509Certificate} 
    * from keystore in PKCS12 format
    */ @Getter @Setter @UtilityClass public class SignCertInfo { private static final SignCertInfo DEFAULT = new SignCertInfo(); private String certId; private PrivateKey privateKey; public static SignCertInfo createNew(Configs configs) { return createNewFrom(getKeyStore(configs), configs); } @SneakyThrows private static SignCertInfo createNewFrom(KeyStore store, Configs configs) { Enumeration<String> aliases = store.aliases(); while (aliases.hasMoreElements()) { String alia = aliases.nextElement(); if (isX509Cert(store, alia)) { newSignCertInfo(store, alia, configs); } } return DEFAULT; } @SneakyThrows private static KeyStore getKeyStore(Configs configs) { @Cleanup FileInputStream stream = new FileInputStream(configs.getPfxPath()); KeyStore store = KeyStore.getInstance(Pkcs12KeyStore.TYPE, Pkcs12KeyStore.PROVIDER); store.load(stream, configs.getPfxPasswd().toCharArray()); return store; } @SneakyThrows private static boolean isX509Cert(KeyStore store, String alia) { return CertificateType.X509.equalsIgnoreCase(store.getCertificate(alia).getType()); } @SneakyThrows private static SignCertInfo newSignCertInfo(KeyStore store, String alia, Configs configs) { SignCertInfo signCertInfo = new SignCertInfo(); signCertInfo.setCertId(((X509Certificate) store.getCertificate(alia)).getSerialNumber().toString()); signCertInfo.setPrivateKey((PrivateKey) store.getKey(alia, configs.getPfxPasswd().toCharArray())); return signCertInfo; } }
    public interface Pkcs12KeyStore {
    
      String TYPE = "PKCS12";
    
      String PROVIDER = "SunJSSE";
    
    }
  • 相关阅读:
    Zabbix通过进程名监控进程状态配置详解
    kibana 统计field所有值百分比
    使用Logstash filter grok过滤日志文件
    python 修改文件内容
    清理elasticsearch的索引
    zabbix3.2.1安装graphtrees插件
    snmpwalk用法
    Zabbix通过SNMPv2监控DELL服务器的硬件信息
    zabbix上的宏(macro)介绍
    解决TeamViewer无法按给定网络地址联系伙伴
  • 原文地址:https://www.cnblogs.com/frankyou/p/11384314.html
Copyright © 2011-2022 走看看