keytool生成密钥对

keytool生成密钥对


(注：1024 位 RSA 密钥强度已不足，实际使用时应将 -keysize 设为 2048 或更高；-genkey 在新版 keytool 中对应 -genkeypair。)
C:\Users\Administrator>keytool -genkey -alias alias1 -keyalg RSA -keysize 1024 -keystore E:\公司\zhengshu\haha.keystore -validity 4000
输入密钥库口令:
您的名字与姓氏是什么?
[Unknown]: zl
您的组织单位名称是什么?
[Unknown]: zl
您的组织名称是什么?
[Unknown]: zl
您所在的城市或区域名称是什么?
[Unknown]: zl
您所在的省/市/自治区名称是什么?
[Unknown]: zl
该单位的双字母国家/地区代码是什么?
[Unknown]: zl
CN=zl, OU=zl, O=zl, L=zl, ST=zl, C=zl是否正确?
[否]: Y

输入 <alias1> 的密钥口令
(如果和密钥库口令相同, 按回车):
再次输入新口令:

输出Keystore证书
从密钥库haha.keystore中导出别名为alias1的证书到alias1.crt文件中(导出的证书中包括主体信息和公钥)。
keytool -export -alias alias1 -keystore haha.keystore -file alias1.crt
Enter keystore password: ****(输入Keystore操作密码)

查看导出的证书信息
keytool -printcert -file alias1.crt

导入证书
将alias2.crt文件中的证书以别名alias2导入到名为haha.keystore的密钥库中。导入的证书会成为该密钥库中的受信任条目，导入前应先用 keytool -printcert 核对证书的主体信息和指纹。
keytool -import -alias alias2 -keystore haha.keystore -file alias2.crt

package zhengshu;

import java.io.File;
import java.io.FileInputStream;
import java.io.InputStream;
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.cert.Certificate;
import java.util.Base64;
import java.util.Enumeration;

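/**
 * Demonstrates reading a key pair from a JKS keystore created with keytool,
 * then signing a message with the private key and verifying the signature
 * with the public key taken from the matching certificate.
 */
public class Test {

	/** Location of the keystore file read by {@link #main(String[])}. */
	private static final String KEYSTORE_PATH = "E:\\公司\\zhengshu\\haha.keystore";

	/** Alias of the key pair entry looked up in the keystore. */
	private static final String KEY_ALIAS = "alias1";

	/**
	 * Signature algorithm used by the demo. SHA-256 replaces the SHA-1 based
	 * "SHA1withRSA", which is no longer considered safe for new signatures.
	 */
	private static final String SIGNATURE_ALGORITHM = "SHA256withRSA";

	/**
	 * Loads the keystore, lists its aliases, prints the Base64-encoded key
	 * pair of {@code alias1}, and runs one sign/verify round trip.
	 *
	 * @param args unused
	 */
	public static void main(String[] args) {

		try {
			KeyStore keyStore = KeyStore.getInstance("JKS");

			// try-with-resources closes the file handle even when load() fails
			// (wrong password, corrupted or tampered keystore).
			// NOTE(review): the store password and the key password below are
			// embedded sample values; real code should obtain them at runtime
			// and keep them out of source control.
			try (InputStream in = new FileInputStream(new File(KEYSTORE_PATH))) {
				keyStore.load(in, "123456".toCharArray());
			}

			Enumeration<String> aliasEnum = keyStore.aliases();
			while (aliasEnum.hasMoreElements()) {
				System.out.println("List别名item: " + aliasEnum.nextElement());
			}

			// getCertificate returns null for an unknown alias; fail with a
			// clear message instead of a NullPointerException further down.
			Certificate certificate = keyStore.getCertificate(KEY_ALIAS);
			if (certificate == null) {
				throw new IllegalStateException(
						"No certificate found for alias " + KEY_ALIAS);
			}
			PublicKey publicKey = certificate.getPublicKey();

			// The alias may also name a trusted-certificate entry, which
			// carries no private key, so check the entry type before casting.
			KeyStore.Entry entry = keyStore.getEntry(KEY_ALIAS,
					new KeyStore.PasswordProtection("654321".toCharArray()));
			if (!(entry instanceof KeyStore.PrivateKeyEntry)) {
				throw new IllegalStateException(
						"Alias " + KEY_ALIAS + " is not a private-key entry");
			}
			PrivateKey privateKey = ((KeyStore.PrivateKeyEntry) entry)
					.getPrivateKey();

			Base64.Encoder en = Base64.getEncoder();
			Base64.Decoder de = Base64.getDecoder();

			// NOTE(review): writing the encoded private key to stdout is for
			// demonstration only; outside a throwaway test keystore the key
			// material must not reach consoles or logs.
			String strPrivateKey = en.encodeToString(privateKey.getEncoded());
			System.out.println("私钥 = \n" + strPrivateKey + "\n");

			String strPubKey = en.encodeToString(publicKey.getEncoded());
			System.out.println("公钥 = \n" + strPubKey + "\n");

			// An explicit charset keeps the signed bytes identical on every
			// platform; the no-argument getBytes() uses the platform default.
			byte[] message = "测试内容".getBytes(StandardCharsets.UTF_8);

			String sign = en.encodeToString(sign(message, privateKey,
					SIGNATURE_ALGORITHM, null));
			System.out.println("签名测试 = \n" + sign + "\n");

			boolean verfi = verify(message, de.decode(sign), publicKey,
					SIGNATURE_ALGORITHM, null);
			System.out.println("验签测试 = \n" + verfi + "\n");

		} catch (Exception e) {
			e.printStackTrace();
		}

	}

	/**
	 * Creates a {@link Signature} for the given algorithm, using the named
	 * provider when one is given and the default provider lookup otherwise.
	 */
	private static Signature newSignature(String algorithm, String provider)
			throws GeneralSecurityException {
		if (null == provider || provider.length() == 0) {
			return Signature.getInstance(algorithm);
		}
		return Signature.getInstance(algorithm, provider);
	}

	/**
	 * Signs a message.
	 *
	 * @param message    bytes to sign
	 * @param privateKey key used to produce the signature
	 * @param algorithm  JCA signature algorithm name, e.g. {@code SHA256withRSA}
	 * @param provider   JCA provider name; {@code null} or empty selects the
	 *                   default provider lookup
	 * @return the raw signature bytes
	 * @throws GeneralSecurityException if the algorithm or provider is
	 *                                  unavailable, the key is invalid, or
	 *                                  signing fails
	 */
	private static byte[] sign(byte[] message, PrivateKey privateKey,
			String algorithm, String provider) throws GeneralSecurityException {
		Signature signature = newSignature(algorithm, provider);
		signature.initSign(privateKey);
		signature.update(message);
		return signature.sign();
	}

	/**
	 * Verifies a signature over a message.
	 *
	 * @param message     bytes that were signed
	 * @param signMessage raw signature bytes to check
	 * @param publicKey   key matching the signer's private key
	 * @param algorithm   JCA signature algorithm name; must be the one used
	 *                    for signing
	 * @param provider    JCA provider name; {@code null} or empty selects the
	 *                    default provider lookup
	 * @return {@code true} if the signature is valid for the message
	 * @throws GeneralSecurityException if the algorithm or provider is
	 *                                  unavailable, the key is invalid, or the
	 *                                  signature cannot be processed
	 */
	private static boolean verify(byte[] message, byte[] signMessage,
			PublicKey publicKey, String algorithm, String provider)
			throws GeneralSecurityException {
		Signature signature = newSignature(algorithm, provider);
		signature.initVerify(publicKey);
		signature.update(message);
		return signature.verify(signMessage);
	}

}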
