java實現安全證書相關操作

阿新 • • 發佈：2018-12-22

package test;
import java.io.ByteArrayOutputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.io.PrintStream;

import java.security.Key;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.Principal;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.Signature;

import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.CertificateFactorySpi;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Calendar;

import java.util.Collection;
import java.util.Date;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
import org.junit.Test;
import sun.misc.BASE64Decoder;
import sun.misc.BASE64Encoder;
import sun.security.pkcs.ContentInfo;
import sun.security.pkcs.PKCS10;
import sun.security.pkcs.PKCS7;
import sun.security.tools.KeyStoreUtil;
import sun.security.x509.AlgorithmId;
import sun.security.x509.CertificateAlgorithmId;
import sun.security.x509.CertificateIssuerName;
import sun.security.x509.CertificateSerialNumber;
import sun.security.x509.CertificateSubjectName;
import sun.security.x509.CertificateValidity;
import sun.security.x509.CertificateVersion;
import sun.security.x509.CertificateX509Key;
import sun.security.x509.X500Name;
import sun.security.x509.X500Signer;
import sun.security.x509.X509CertImpl;
import sun.security.x509.X509CertInfo;
public class ReadKeyStoreTest {
/**
* 列出store中所有的私鑰和公鑰以及簽名信息
*
* @param ks
* @param storePass
* @param priKeyPass
* @throws Exception
*/
private void listKeyAndCertificate(KeyStore ks, String storePass,
String priKeyPass) throws Exception {
System.out.println("size=" + ks.size());
Enumeration<string> enum1 = ks.aliases();
int i = 0;
while (enum1.hasMoreElements()) {
String alias = enum1.nextElement();
System.out.println("第" + (++i) + "個");
System.out.println("alias=" + alias);
java.security.cert.Certificate c = ks.getCertificate(alias);// alias為條目的別名
readX509Certificate((X509Certificate) c);
readPriKey(ks, alias, priKeyPass);
}
}
/**
* 列出store中私鑰和cert chain資訊
*
* @param ks
* @param alias
* @param pass
* @throws Exception
*/
private void readPriKey(KeyStore ks, String alias, String pass)
throws Exception {
Key key = ks.getKey(alias, pass.toCharArray());
if (null == key) {
System.out.println("no priviate key of " + alias);
return;
}
System.out.println();
System.out.println("algorithm=" + key.getAlgorithm());
System.out.println("format=" + key.getFormat());
System.out.println("toString=" + key);
readCertChain(ks, alias);
}
/**
* 列出store中 cert chain資訊
*
* @param ks
* @param alias
* @throws Exception
*/
private void readCertChain(KeyStore ks, String alias) throws Exception {
Certificate[] certChain = ks.getCertificateChain(alias);
System.out.println("chain of " + alias);
if (null == certChain) {
System.out.println("no chain");
return;
}
int i = 0;
for (Certificate c : certChain) {
System.out.println("index " + (i++) + " in chain of " + alias);
readX509Certificate((X509Certificate) c);
}
}
/**
* 列出x509Certificate的基本資訊
*
* @param t
*/
private void readX509Certificate(X509Certificate t) {
System.out.println(t);
System.out.println("輸出證書資訊:\n" + t.toString());
System.out.println("版本號:" + t.getVersion());
System.out.println("序列號:" + t.getSerialNumber().toString(16));
System.out.println("主體名：" + t.getSubjectDN());
System.out.println("簽發者：" + t.getIssuerDN());
System.out.println("有效期：" + t.getNotBefore());
System.out.println("簽名演算法：" + t.getSigAlgName());
byte[] sig = t.getSignature();// 簽名值
PublicKey pk = t.getPublicKey();
byte[] pkenc = pk.getEncoded();
System.out.println("簽名：");
for (int i = 0; i < sig.length; i++)
System.out.print(sig[i] + ",");
System.out.println();
System.out.println("公鑰： ");
for (int i = 0; i < pkenc.length; i++)
System.out.print(pkenc[i] + ",");
System.out.println();
}
/**
* 建立一個新的keystore
*
* @param storePass
* @param storeType
* PKCS12/JKS
* @return
* @throws Exception
*/
private KeyStore createKeyStore(String storePass, String storeType)
throws Exception {
KeyStore ks = KeyStore.getInstance(storeType);
ks.load(null, storePass.toCharArray());
return ks;
}
/**
* 載入一個已有的keyStore
*
* @param path
* @param storePass
* @param storeType
* PKCS12/JKS
* @return
* @throws Exception
*/
private KeyStore loadKeyStore(String path, String storePass,
String storeType) throws Exception {
FileInputStream in = new FileInputStream(path);
KeyStore ks = KeyStore.getInstance(storeType);
ks.load(in, storePass.toCharArray());
in.close();
return ks;
}
/**
* 從檔案載入一個證書
*
* @param path
* @param certType
* @return
* @throws Exception
*/
private Certificate loadCert(String path, String certType) throws Exception {
CertificateFactory cf = CertificateFactory.getInstance(certType);
FileInputStream in = new FileInputStream(path);
Certificate c = cf.generateCertificate(in);
in.close();
return c;
}
/**
* 生成一個由根證書籤名的store
*
* @param rootStore
* @param rootAlias
* @param rootKeyPass
* @param subjectStr
* @param storeType
* @param storePass
* @param alg
* @param keySize
* @param keyPass
* @return
* @throws Exception
*/
public KeyStore generateSignedKeyStore(KeyStore rootStore,
String rootAlias, String rootKeyPass, String subjectStr,
String storeType, String storePass, String alias, String alg,
int keySize, String keyPass) throws Exception {
PrivateKey rootKey = null;
X509CertImpl rootCert = null;
X509CertInfo rootInfo = null;
CertificateSubjectName rootsubject = null;
// 簽發者
X500Name issueX500Name = new X500Name(subjectStr);
if (null != rootStore) {
rootKey = (PrivateKey) rootStore.getKey(rootAlias,
rootKeyPass.toCharArray());
rootCert = (X509CertImpl) rootStore.getCertificate(rootAlias);
rootInfo = (X509CertInfo) rootCert.get(X509CertImpl.NAME + "."
+ X509CertImpl.INFO);
rootsubject = (CertificateSubjectName) rootInfo
.get(X509CertInfo.SUBJECT);
issueX500Name = (X500Name) rootsubject
.get(CertificateIssuerName.DN_NAME);
}
// 簽發者
CertificateIssuerName issuerName = new CertificateIssuerName(
issueX500Name);
// 被簽發者
X500Name subjectX500Name = new X500Name(subjectStr);
CertificateSubjectName subjectName = new CertificateSubjectName(
subjectX500Name);
// 有效期設定
Calendar calendar = Calendar.getInstance();
Date startDate = calendar.getTime();
calendar.add(Calendar.DATE, 85);
Date endDate = calendar.getTime();
CertificateValidity certificateValidity = new CertificateValidity(
startDate, endDate);
// 序列號
CertificateSerialNumber sn = new CertificateSerialNumber(
(int) (startDate.getTime() / 1000L));
// 版本
CertificateVersion certVersion = new CertificateVersion(
CertificateVersion.V3);
// 演算法
// TODO 獲取演算法的程式碼有問題
AlgorithmId algorithmId = new AlgorithmId(
"RSA".equals(alg) ? AlgorithmId.sha1WithRSAEncryption_oid
: AlgorithmId.sha1WithDSA_oid);
// 金鑰對
KeyPairGenerator keygen = KeyPairGenerator.getInstance(alg);
keygen.initialize(keySize, new SecureRandom());
KeyPair kp = keygen.genKeyPair();
X509CertInfo certInfo = new X509CertInfo();
certInfo.set("version", certVersion);
certInfo.set("serialNumber", sn);
// localX500Signer.getAlgorithmId();
certInfo.set("algorithmID", new CertificateAlgorithmId(algorithmId));
certInfo.set("key", new CertificateX509Key(kp.getPublic()));
certInfo.set("validity", certificateValidity);
certInfo.set("subject", subjectName);
certInfo.set("issuer", issuerName);
// 擴充套件資訊
// if (System.getProperty("sun.security.internal.keytool.skid") !=
// null)
// {
// CertificateExtensions localCertificateExtensions = new
// CertificateExtensions();
// localCertificateExtensions.set("SubjectKeyIdentifier", new
// SubjectKeyIdentifierExtension(new
// KeyIdentifier(this.publicKey).getIdentifier()));
// certInfo.set("extensions", localCertificateExtensions);
// }
X509CertImpl newcert = new X509CertImpl(certInfo);
// TODO 這裡的簽名演算法可能有問題貌似應該用rootcert的簽名演算法待測試
KeyStore ks = this.createKeyStore(storePass, storeType);
Certificate[] certChain = null;
// 如果rootStore為空則生成自簽名證書
if (null == rootStore) {
newcert.sign(kp.getPrivate(), "SHA1WithRSA");
certChain = new Certificate[] { newcert };
} else {
newcert.sign(rootKey, "SHA1WithRSA");
certChain = new Certificate[] { newcert, rootCert };
}
// ks.setCertificateEntry("zrbin", newcert);
ks.setKeyEntry(alias, kp.getPrivate(), keyPass.toCharArray(), certChain);
return ks;
}
@Test
public void testReadCer() throws Exception {
String path = "d:\\test.cer";
String certType = "X.509";
CertificateFactory cf = CertificateFactory.getInstance(certType);
FileInputStream in = new FileInputStream(path);
Collection<certificate> cs = (Collection<certificate>) cf
.generateCertificates(in);
in.close();
System.out.println("size=" + cs.size());
for (Certificate c : cs) {
readX509Certificate((X509Certificate) c);
}
}
@Test
public void testReadP12() throws Exception {
String storePass = "123456";
String keyPass = "123456";
String path = "d:\\zrbin.p12";
KeyStore ks = loadKeyStore(path, storePass, "PKCS12");
listKeyAndCertificate(ks, storePass, keyPass);
}
@Test
public void testReadKeyStore() throws Exception {
String storePass = "123456";
String keyPass = "123456";
String path = "d:\\test.keystore";
KeyStore ks = loadKeyStore(path, storePass, "JCEKS");
listKeyAndCertificate(ks, storePass, keyPass);
}
@Test
public void testExportCert() throws FileNotFoundException, Exception {
String pass = "123456";
FileInputStream in = new FileInputStream("d:\\zrbin.p12");
boolean rfc = true;
KeyStore ks = KeyStore.getInstance("PKCS12");
ks.load(in, pass.toCharArray());
Certificate cert = ks.getCertificate("zrbin");
PrintStream out = new PrintStream("D:\\zrbin.cer");
if (rfc) {
BASE64Encoder encoder = new BASE64Encoder();
out.println("-----BEGIN CERTIFICATE-----");
encoder.encodeBuffer(cert.getEncoded(),
out);
out.println("-----END CERTIFICATE-----");
} else {
out.write(cert.getEncoded());
}
out.write(cert.getEncoded());
}
@Test
public void testImportCert() throws Exception {
CertificateFactory cf = CertificateFactory.getInstance("X.509");
FileInputStream storeIn = new FileInputStream("d:\\server.keystore");
FileInputStream in = new FileInputStream("d:\\zrbin.cer");
FileInputStream rootin = new FileInputStream("d:\\root.cer");
X509CertImpl cert = (X509CertImpl) cf.generateCertificate(in);
X509CertImpl rootcert = (X509CertImpl) cf.generateCertificate(rootin);
KeyStore ks = KeyStore.getInstance("JKS");
ks.load(null, "123456".toCharArray());
ks.deleteEntry("zrbin");
// ks.setCertificateEntry("zrbin", cert);
ks.setCertificateEntry("root", rootcert);
in.close();
FileOutputStream out = new FileOutputStream("d:\\server.keystore");
ks.store(out, "123456".toCharArray());
}
@Test
public void testImportSigenedCert() throws Exception {
String alias = "test";
CertificateFactory cf = CertificateFactory.getInstance("X.509");
FileInputStream storeIn = new FileInputStream("d:\\test.keystore");
KeyStore ks = KeyStore.getInstance("JKS");
ks.load(storeIn, "123456".toCharArray());
PrivateKey priKey = (PrivateKey) ks.getKey(alias,
"123456".toCharArray());
FileInputStream in = new FileInputStream("d:\\test.cer");
Collection<certificate> certCollection = (Collection<certificate>) cf
.generateCertificates(in);
System.out.println(certCollection.size());
if (certCollection.size() == 0) {
System.out.println("沒有要匯入的證書");
return;
}
// 如果沒有對應的私鑰，直接匯入certficateEntry
if (null == priKey) {
for (Certificate _cert : certCollection) {
ks.setCertificateEntry(alias, _cert);
break;
}
} else {
Certificate importCert = null;
for (Certificate cert : certCollection) {
if (ks.getCertificate(alias).getPublicKey()
.equals(cert.getPublicKey())) {
importCert = cert;
break;
}
}
if (null == importCert) {
System.out.println("錯誤：no replay cert");
}
certCollection.remove(importCert);
if (X509CertImpl.isSelfSigned((X509Certificate) importCert, null)) {
System.out.println("證書未被ca簽名,無需匯入");
} else {
// 構建認證鏈
List<certificate> certList = new ArrayList<certificate>(
ks.size());
Map<principal certificate=""> cerMap = new HashMap<principal certificate="">();
Enumeration<string> aliasEnum = ks.aliases();
// 把不包括當前回覆的都加到map裡
while (aliasEnum.hasMoreElements()) {
String _alias = aliasEnum.nextElement();
if (!_alias.equals(alias)) {
X509CertImpl _cert = (X509CertImpl) ks
.getCertificate(_alias);
cerMap.put(_cert.getSubjectDN(), _cert);
}
}
for (Certificate cert : certCollection) {
cerMap.put(((X509Certificate) cert).getSubjectDN(), cert);
}
certList.add(importCert);
Principal issuerName = ((X509Certificate) importCert)
.getIssuerDN();
while (cerMap.keySet().contains(issuerName)) {
X509Certificate _rootCert = (X509Certificate) cerMap
.remove(issuerName);
if (null == _rootCert) {
System.out.println(issuerName + "的根證書為空");
return;
}
certList.add(_rootCert);
issuerName = _rootCert.getIssuerDN();
}
X509CertImpl rootCert = (X509CertImpl) certList.get(certList
.size() - 1);
if (!X509CertImpl.isSelfSigned(rootCert, null)) {
System.out.println("構建證書鏈錯誤,請先匯入頒發者(" + issuerName
+ ")的CA證書");
return;
}
Certificate[] certChain = certList
.toArray(new Certificate[certList.size()]);
ks.setKeyEntry(alias, priKey, "123456".toCharArray(), certChain);
}
}
in.close();
FileOutputStream out = new FileOutputStream("d:\\test.keystore");
ks.store(out, "123456".toCharArray());
out.close();
}
@Test
public void testGenerateKeyStore() throws Exception {
KeyPairGenerator kg = KeyPairGenerator.getInstance("RSA");
KeyPair kp = kg.genKeyPair();
System.out.println(KeyStoreUtil.niceStoreTypeName("PKCS12"));
System.out.println(kp.getPrivate());
System.out.println(kp.getPublic());
KeyStore ks = KeyStore.getInstance("JKS");
}
@Test
public void testX500Name() throws IOException, CertificateException {
// for(byte i=48;i<=57;i++){
// System.out.println((char)i);
// }
// RFC 1779 (CN, L, ST, O, OU, C, STREET)
// RFC 2253 (CN/name, L/location, ST/station, O/org, OU/orgunit,
// C/country, STREET, DC, UID)
X500Name subjectName = new X500Name(
"CN=www.jiangtech.com,L=ZuChongZhi road,ST=Shang Hai,O=Jiangdatech,OU=ENTERPRISE APP,C=China,STREET=ZuChongZhi Road");
X500Name subjectName1 = new X500Name(
"CN=www.jiangtech.com,L=ZuChongZhi road,ST=Shang Hai,O=Jiangdatech,OU=ENTERPRISE APP,C=China,STREET=ZuChongZhi Road");
// X509CertInfo certInfo = new X509CertInfo();
// certInfo.set(X509CertInfo.SUBJECT, new CertificateSubjectName(
// subjectName));
System.out.println(subjectName.hashCode());
System.out.println(subjectName1.hashCode());
}
/**
* 證書驗證
*
* @throws Exception
*/
@Test
public void testValidate() throws Exception {
KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
// kpg.initialize()
KeyPair kp = kpg.genKeyPair();
KeyStore rootStore = this.loadKeyStore("d:/root.keystore", "123456",
"JKS");
PrivateKey rootKey = (PrivateKey) rootStore.getKey("jdcert",
"123456".toCharArray());
KeyStore store1 = this.loadKeyStore("d:/jd_signed.keystore", "123456",
"JKS");
X509CertImpl rootCert = (X509CertImpl) rootStore
.getCertificate("jdcert");
X509CertInfo rootInfo = (X509CertInfo) rootCert.get(X509CertImpl.NAME
+ "." + X509CertImpl.INFO);
CertificateSubjectName rootsubject = (CertificateSubjectName) rootInfo
.get(X509CertInfo.SUBJECT);
Certificate[] chain = rootStore.getCertificateChain("jdcert");
rootCert.verify(kp.getPublic());
}
/**
* 測試簽發證書
*/
@Test
public void testGenerateSignedKeyStore() {
try {
KeyStore rootStore = this.loadKeyStore("d:/root.keystore",
"123456", "JKS");
String rootAlias = "test";
String subjectStr = "[email protected],L=PU Dong,ST=Shang Hai,O=Jiangdatech,OU=ENTERPRISE APP,C=China,STREET=ZuChongZhi Road";
String alg = "RSA";
String storeType = "JKS";
int keySize = 1024;
String keyPass = "123456";
String rootKeyPass = "123456";
String storePass = "123456";
String alias = "test";
KeyStore ks = this.generateSignedKeyStore(null, rootAlias,
rootKeyPass, subjectStr, storeType, storePass, alias, alg,
keySize, keyPass);
OutputStream out = new FileOutputStream(
new File("d:/test.keystore"));
ks.store(out, "123456".toCharArray());
} catch (Exception e) {
e.printStackTrace();
}
}
/**
* 測試簽發證書
*/
@Test
public void testGenerateSecKeyStore() {
try {
String rootAlias = "test";
String subjectStr = "[email protected],L=PU Dong,ST=Shang Hai,O=Jiangdatech,OU=ENTERPRISE APP,C=China,STREET=ZuChongZhi Road";
String alg = "DES";
String storeType = "JKS";
int keySize = 1024;
String keyPass = "123456";
String rootKeyPass = "123456";
String storePass = "123456";
String alias = "test";
KeyStore ks = this.createKeyStore("123456", "JCEKS");
KeyGenerator keygen = KeyGenerator.getInstance("DES");
SecretKey secKey = keygen.generateKey();
ks.setKeyEntry(alias, secKey, "123456".toCharArray(),null);
OutputStream out = new FileOutputStream(
new File("d:/test.keystore"));
ks.store(out, "123456".toCharArray());
} catch (Exception e) {
e.printStackTrace();
}
}
@Test
/**
* 關於p7b的操作未實現
*/
public void testGeneratePKCS7KeyStore() {
try {
/*ContentInfo info = new ContentInfo(arg0);
//PKCS7 pkcs7 = new PKCS7()
String rootAlias = "test";
String subjectStr = "[email protected],L=PU Dong,ST=Shang Hai,O=Jiangdatech,OU=ENTERPRISE APP,C=China,STREET=ZuChongZhi Road";
String alg = "DES";
String storeType = "JKS";
int keySize = 1024;
String keyPass = "123456";
String rootKeyPass = "123456";
String storePass = "123456";
String alias = "test";
KeyStore ks = this.createKeyStore("123456", "PKCS7");
KeyGenerator keygen = KeyGenerator.getInstance("RSA");
//SecretKey secKey = keygen.generateKey();
//ks.setKeyEntry(alias, secKey, "123456".toCharArray(),null);
OutputStream out = new FileOutputStream(
new File("d:/test.keystore"));
ks.store(out, "123456".toCharArray());*/
} catch (Exception e) {
e.printStackTrace();
}
}
@Test
public void testReadJCEKS() throws Exception{
KeyStore ks = this.loadKeyStore("D:/test.keystore","123456", "JCEKS");
Enumeration<string> aliasEnum = ks.aliases();
while(aliasEnum.hasMoreElements()){
String alias = aliasEnum.nextElement();
SecretKeySpec secKey = (SecretKeySpec) ks.getKey(alias, "123456".toCharArray());
System.out.println(ks.getCertificate(alias));
//System.out.println(ks.);
System.out.println(secKey.getClass());
System.out.println(secKey.getFormat());
System.out.println(secKey.getEncoded());
}
}
public PKCS10 readCsr() throws Exception {
File f = new File("D:/test.csr");
InputStream in = new FileInputStream(f);
ByteArrayOutputStream out = new ByteArrayOutputStream(1024);
byte[] bytes = new byte[(int) f.length()];
in.read(bytes);
String base64String = new String(bytes, "ISO-8859-1");
System.out.println(base64String);
Pattern p = Pattern
.compile("-----BEGIN NEW CERTIFICATE REQUEST-----([\\s\\S]*?)-----END NEW CERTIFICATE REQUEST-----([\\s\\S]*)");
BASE64Decoder decoder = new BASE64Decoder();
Matcher m = p.matcher(base64String);
if (m.find()) {
String s = m.group(1);
System.out.println(s.trim());
byte[] bArray = decoder.decodeBuffer(s);
PKCS10 csr = new PKCS10(bArray);
System.out.println(csr);
return csr;
}
throw new Exception("檔案錯誤，無法讀取csr");
}
@Test
public void testReadCsr() throws Exception {
PKCS10 csr = readCsr();
}
@Test
public void createCsr() throws Exception {
String storePass = "123456";
String alias = "test";
String alg = null;
KeyStore ks = this.loadKeyStore("d:/test.keystore", storePass, "JKS");
Certificate cert = ks.getCertificate(alias);
PrivateKey priKey = (PrivateKey) ks.getKey(alias,
"123456".toCharArray());
PublicKey pubKey = cert.getPublicKey();
PKCS10 csr = new PKCS10(pubKey);
String signAlg = null;
if (alg == null) {
alg = priKey.getAlgorithm();
if (("DSA".equalsIgnoreCase(alg)) || ("DSS".equalsIgnoreCase(alg)))
signAlg = "SHA1WithDSA";
else if ("RSA".equalsIgnoreCase((String) alg))
signAlg = "SHA1WithRSA";
else
throw new Exception("Cannot derive signature algorithm");
}
Signature signature = Signature.getInstance(signAlg);
signature.initSign(priKey);
X500Name x500Name = new X500Name(((X509Certificate) cert)
.getSubjectDN().toString());
X500Signer x500Signer = new X500Signer(signature, x500Name);
((PKCS10) csr).encodeAndSign(x500Signer);
File f = new File("D:/test.csr");
if (f.exists()) {
f.delete();
}
((PKCS10) csr).print(new PrintStream(new File("D:/test.csr")));
}
/**
* 簽名
*
* @throws Exception
*/
@Test
public void testSignature() throws Exception {
KeyStore rootStore = this.loadKeyStore("d:/root.keystore", "123456",
"JKS");
PrivateKey rootKey = (PrivateKey) rootStore.getKey("root",
"123456".toCharArray());
X509CertImpl rootX509Cert = (X509CertImpl) rootStore
.getCertificate("root");
X500Name issuerX500Name = (X500Name) rootX509Cert.get(X509CertImpl.NAME
+ "." + X509CertImpl.INFO + "." + X509CertInfo.SUBJECT + "."
+ CertificateSubjectName.DN_NAME);
// 有效期設定
Calendar calendar = Calendar.getInstance();
Date startDate = calendar.getTime();
calendar.add(Calendar.DATE, 85);
Date endDate = calendar.getTime();
CertificateValidity certificateValidity = new CertificateValidity(
startDate, endDate);
// 序列號
CertificateSerialNumber sn = new CertificateSerialNumber(
(int) (startDate.getTime() / 1000L));
PKCS10 csr = this.readCsr();
PublicKey pubKey = csr.getSubjectPublicKeyInfo();
X500Name subjectX500Name = csr.getSubjectName();
// TODO 未實現
Signature signature = Signature.getInstance("Sha1WithRSA");
X500Signer signer = new X500Signer(signature, subjectX500Name);
AlgorithmId algorithmId = signer.getAlgorithmId();
X509CertInfo info = new X509CertInfo();
info.set(X509CertInfo.ALGORITHM_ID, new CertificateAlgorithmId(
algorithmId));
info.set(X509CertInfo.SUBJECT, new CertificateSubjectName(
subjectX500Name));
info.set(X509CertInfo.ISSUER, new CertificateIssuerName(issuerX500Name));
info.set(X509CertInfo.KEY, new CertificateX509Key(pubKey));
info.set(X509CertInfo.VERSION, new CertificateVersion(
CertificateVersion.V3));
info.set(X509CertInfo.VALIDITY, certificateValidity);
info.set(X509CertInfo.SERIAL_NUMBER, sn);
X509CertImpl newCert = new X509CertImpl(info);
newCert.sign(rootKey, "SHA1WithRSA");
OutputStream out = new FileOutputStream("d:/test.cer");
out.write(newCert.getEncoded());
out.write(rootX509Cert.getEncoded());
out.close();
}
}

java實現安全證書相關操作

package test; import java.io.ByteArrayOutputStream; import java.io.File; import java.io.FileInputStream; import java.io.FileNotFoundException

java實現樹的一般操作

表示 rom class ado span .get poll() tno 2層樹是數據結構中最基本的結構，今天的博客更新一下樹的基本操作：樹的節點結構： package tree; /** * TreeNode: 普通的樹節點 *

Java實現oracle資料批量操作

java事務處理 TestDemo：結合位於java.sql下面的介面 PreparedStatement和oracle事務實現批量刪除常用方法： int [] executeBatch()：將一批命令提交給資料庫來執行，如果全部命令執行成功，則返回更新計陣列成的陣列。 vo

java實現棧的簡單操作

public class stract { public static void main(String[] args) { MyStack stack = new MyStack(20); stack.push(10);

Java 實現 HDFS 檔案基本操作

1. pom <hadoop.version>2.7.3</hadoop.version> <dependency> <groupId>org.apache.hadoop</grou

Java實現對cookie的操作(增刪改查)

/** * 讀取所有cookie * 注意二、從客戶端讀取Cookie時，包括maxAge在內的其他屬性都是不可讀的，也不會被提交。瀏覽器提交Cookie時只會提交name與value屬性。maxAge屬性只被瀏覽器用來判斷Cookie是

JAVA：安全證書-公鑰加密，私鑰解密示例程式

import java.io.FileInputStream; import java.security.KeyStore;import java.security.PrivateKey;import java.security.PublicKey;import java.security.cert.Cer

SpringBoot:java實現Repository統一介面操作MongoDB

一. Spring如何操作MongoDB? 1.Spring data jpa for MongoDB 2.使用Google的Morphia框架操作MongoDB 3.使用MongoDB原生的驅動,類似JDBC的原生驅動這裡針對第一種方式. 二.如何

java實現模擬滑鼠鍵盤操作

用java寫指令碼，首先需要用到Robot類，也就是機器人類。先new一個Robot物件然後呼叫裡面的方法，keyPress方法是按下鍵盤上的某個鍵，比如下面程式碼裡面寫的keyPress(KeyEvevt.VK_Y); 括號裡面VK後面的字母就是要按下的鍵，然後按下了

JAVA實現圖的基本操作——生成鄰接表結構的圖、輸出鄰接矩陣、深度優先遍歷

1、定義的圖的資料結構，對於有向圖和無向圖是通用的。 2、在資料結構中定義了遍歷標誌，方便深度優先遍歷的實現。 3、遇到最大的bug就是： //weight=edgs[i].charAt(2); //這裡特別容易出處，每次獲取int數值的時候都要特別注意。 //wei

java虛擬機器棧相關操作

針對JVM虛擬棧和棧幀的操作虛擬機器棧：　　棧元素是棧幀。方法呼叫，棧幀入棧，反之出棧。棧幀：一個方法的執行空間。　　1、區域性變量表：方法定義的區域性變數、方法的引數存在該表。　　　　例項方法中有個隱含引數“this”，所以例項方法可以訪問該類的例項變數和其他例項

Java實現單鏈表及相關操作

單鏈表是一種鏈式存取的資料結構，用一組地址任意的儲存單元存放線性表中的資料元素。連結串列中的資料是以結點來表示的。每個結點的構成：元素(資料元素的映象) + 指標(指示後繼元素儲存位置)，元素就是儲存資料的儲存單元，指標就是連線每個結點的地址資料。

JFrame實現批量獲取Android安裝包安全證書MD5

null direct true edr 結果安全全部 src cert 今天遇到一個需求。獲取全部apk的簽名的MD5。以下是我使用Java SE實現的一個工具。貼出核心源碼。希望給有須要的朋友有所幫助。界面例如以下：僅僅須要制定.apk文件所在的文件夾就可以，核心

如何把安全證書導入到java中的cacerts證書庫

環境變量 jdk1 hang wcc alias 空格命令行 1.8 安全證書每一步：進入某個https://www.xxx.com開頭的網站,把要導入的證書下載，　　　　在該網頁上右鍵 >> 屬性 >> 點擊"證書" >>　　　　再

【java反射】Class類型的相關操作演練

div gif display 演練 esp arguments 接口 hid col 【一】獲取範型接口的實現類的範型類型（1）範型接口 package org.springframework.context; import java.util.EventList

Java實現雙向循環鏈表的基本操作

scrip ide head ring 鏈表的基本操作 print static count out 1 package Eric.ADT; 2 3 /** 4 * <p> 5 * Title:doubleLinkedList 6

利用JAVA API遠程進行HDFS的相關操作

測試 call 文件重命名 spa getname created ces 一段時間 action 學習HDFS有一段時間了，現在把自己總結的HDFS的相關操作代碼展示給大家。主要有HDFS的增刪改查，文件的追加，windows本地文件的上傳，hdfs文件的下載，文件重命

求較大整數n的階乘，因為n較大時n的階乘超出了正常類型的表示範圍，采用數組進行操作（java實現）

階乘大數字package net.yk.mlgorithm; /** * 求較大數的階乘 * @author Administrator * * @param <T> */ public class ArraysMul<T> { public static void

Java實現兩分彩源碼搭建操作

繼承否則接口普通避免偶數 index 必須 this 一：兩分彩源碼搭建介紹：企娥:217 1793 408 為了避免插入和刪除的線性開銷，就需要保證表可以不連續存儲，否則表的每部分可能都需要整體移動。Java語言中包含一些普通數據結構的實現，這部分叫做Coll

新手小白Linux（Centos6.5）部署java web項目（mysql5.7安裝及相關操作）

UNC cancel linux系統安裝 temporary tran sch statement current datadir 一、安裝　　參考：https://dev.mysql.com/doc/refman/5.7/en/linux-installation-yu

java實現安全證書相關操作

相關推薦