亲宝软件园·资讯

展开

Java获取X509证书里的指纹(SHA-1)从pxf文件里面

阿迪di 人气:0
直接通过流去获取pxf后缀文件的内容,指纹通过X509才能获取。

String keyStorefile = "pfx文件地址";
String strPassword = "密码";

如果只需要获得pxf的公钥或者私钥
 1     try {
 2             FileInputStream fis = new FileInputStream("pxf文件地址");
 3             //密码处理  strPassword=密码
 4             char[] nPassword = null;
 5             if ((strPassword == null) || strPassword.trim().equals("")){
 6                 nPassword = null;
 7             } else {
 8                 nPassword = strPassword.toCharArray();
 9             }
10             //加载读取PFX文件
11             KeyStore ks = KeyStore.getInstance("PKCS12");
12             ks.load(fis, nPassword);
13             fis.close();
14             Enumeration enumas = ks.aliases();
15             //从文件中获取秘钥
16             String keyPFXFile = null;
17             if (enumas.hasMoreElements()) {
18                 keyPFXFile = (String)enumas.nextElement();
19                 System.out.println("keyPFXFile////:"+keyPFXFile);
20             }
21             PrivateKey prikey = (PrivateKey) ks.getKey(keyPFXFile, nPassword);
22             Certificate cert = ks.getCertificate(keyPFXFile);
23             PublicKey pubkey = cert.getPublicKey();
24             System.out.println("cert class = " + cert.getClass().getName());
25             System.out.println("cert = " + cert);
26             System.out.println("public key = " + pubkey);
27             System.out.println("private key = " + prikey);
28             BASE64Encoder bse = new BASE64Encoder();
29             System.out.println("private encode = " + bse.encode(prikey.getEncoded()));
30             return prikey;
31         } catch (Exception e) {
32             e.printStackTrace();
33         }
34         return null;    

如果要获得指纹

 1 public static void main(String args[]){
 2         String keyStorefile = "pfx地址";
 3         String keyPassword = "密码";
 4         //getPvkformPfx(keyStorefile,keyPassword);
 5         try {
 6             FileInputStream fis = new FileInputStream(keyStorefile);
 7             //密码处理
 8             char[] nPassword = null;
 9             if ((keyPassword == null) || keyPassword.trim().equals("")){
10                 nPassword = null;
11             } else {
12                 nPassword = keyPassword.toCharArray();
13             }
14             //加载读取PFX文件
15             KeyStore ks = KeyStore.getInstance("PKCS12");
16             ks.load(fis, nPassword);
17             fis.close();
18             //从文件中获取秘钥
19             String keyPFXFile = null;
20             Enumeration enumas = ks.aliases();
21             if (enumas.hasMoreElements()) {
22                 keyPFXFile = (String)enumas.nextElement();
23             }
24             X509Certificate x509Certificate = (X509Certificate)ks.getCertificate(keyPFXFile);
25 
26             Principal principal = x509Certificate.getSubjectDN();
27             String str = principal.toString();
28             str = str.substring(str.indexOf("\"")+1);
29             str = str.substring(0,str.indexOf("\""));
30             System.out.println("账号:"+str);
31             String thumbprint = getThumbprint(x509Certificate);
32             System.out.println(thumbprint);
33         }catch (Exception e){
34             e.printStackTrace();
35         }
36     }
37     private static String getThumbprint(X509Certificate cert) {
38         try {
39             MessageDigest md = MessageDigest.getInstance("SHA-1");
40             byte[] der = cert.getEncoded();
41             md.update(der);
42             byte[] digest = md.digest();
43             String digestHex = DatatypeConverter.printHexBinary(digest);
44             return digestHex.toLowerCase();
45         }catch (Exception e){
46             e.printStackTrace();
47         }
48         return null;
49     }

FX本身不是证书,而是密钥库。

要获取证书,您必须将pfx加载到密钥库中,然后获取证书,再强转成X509Certificate去获得指纹。

注意:这个获得也不是直接获得,而是通过指纹的算法算出来指纹的参数,一般证书的信息里面会说明指纹的算法,如果没有说明,就是默认SHA-1。

 

加载全部内容

相关教程
猜你喜欢
用户评论