热门标签
热门文章
- 1云端之上的边缘:解读云计算与边缘计算的战略融合_云端 边缘端
- 22024全国危险化学品生产单位安全管理人员在线模拟_《危险化学品生产企业安全生产许可证实施办法》规定,危险化学品生产企业,无论规模
- 3将安全信息应用到以下对象时发生错误 拒绝访问_Windows访问令牌窃取攻防技术研究...
- 4c/c++ fast_dfs上传、下载图片
- 5【小红书矩阵引流神器】一台电脑,小红书无限多开,独立IP独立账号独立指纹设备,做矩阵自热引流,日引100+_小红书黑科技引流推广神器
- 6PMP证书是不是烂大街了?_pmp贬值了嘛
- 7Stable Diffusion【写实模型】:逼真,逼真,超级逼真的国产超写实摄影大模型万享XL_跪求absoluterealityv1.8.1大模型
- 82.1 Android界面View及ViewGroup
- 9android icloud 短信备份,教你怎么从Android访问iCloud
- 10从零开始入门 K8s | 调度器的调度流程和算法介绍_schedulerpolicy
当前位置: article > 正文
https证书认证-java_java generateprivatekeyfromder rsa
作者:很楠不爱3 | 2024-06-17 20:24:17
赞
踩
java generateprivatekeyfromder rsa
1.首先要确认是双向认证还是单向认证,如果是只需要对服务端的单向认证,则只需要用到根证书,应该就是这里的ca.crt。如果是双向认证,三个都需要用到。如果是java代码作为客户端连接
2.单向认证是客户端根据ca根证书验证服务端提供的服务端证书和私钥
- public static String httpGET(String url, String pemPath, String keypath) {
- // 加载证书
- try {
- SSLConnectionSocketFactory sslsf =getSocketFactoryPEM(pemPath, keypath);
- httpClient = HttpClients.custom().setSSLSocketFactory(sslsf).build();
- } catch (Exception e) {
- logger.error(e);
- }
- String result = null;
- HttpGet httpGet = new HttpGet(url);
- // 得指明使用UTF-8编码,否则到API服务器XML的中文不能被成功识别
- // httpGet.addHeader("Content-Type", "text/xml");
- // 根据默认超时限制初始化requestConfig
- requestConfig = RequestConfig.custom().setSocketTimeout(socketTimeout).setConnectTimeout(connectTimeout).build();
- // 设置请求器的配置
- httpGet.setConfig(requestConfig);
- try {
- HttpResponse response = null;
- try {
- response = httpClient.execute(httpGet);
- } catch (IOException e) {
- e.printStackTrace();
- }
- HttpEntity entity = response.getEntity();
- try {
- result = EntityUtils.toString(entity, "UTF-8");
- } catch (IOException e) {
- e.printStackTrace();
- logger.error(e);
- }
- } finally {
- httpGet.abort();
- }
- return result;
- }
- protected static SSLConnectionSocketFactory getSocketFactoryPEM(String pemPath,String keypath) throws Exception {
- byte[] pem = fileToBytes(pemPath);
- byte[] pemKey = fileToBytes(keypath);
-
- byte[] certBytes = parseDERFromPEM(pem, "-----BEGIN CERTIFICATE-----", "-----END CERTIFICATE-----");
- byte[] keyBytes = parseDERFromPEM(pemKey, "-----BEGIN PRIVATE KEY-----", "-----END PRIVATE KEY-----");
-
- X509Certificate cert = generateCertificateFromDER(certBytes);
- RSAPrivateKey key = generatePrivateKeyFromDER(keyBytes);
-
- KeyStore keystore = KeyStore.getInstance("JKS");
- keystore.load(null);
- keystore.setCertificateEntry("cert-alias", cert);
- keystore.setKeyEntry("key-alias", key, "123".toCharArray(), new Certificate[] {cert});
-
- KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
- kmf.init(keystore, "123".toCharArray());
-
- KeyManager[] km = kmf.getKeyManagers();
-
- SSLContext context = SSLContext.getInstance("TLS");
- context.init(km, null, null);
- SSLConnectionSocketFactory sslsf =
- new SSLConnectionSocketFactory(context,null, null,
- SSLConnectionSocketFactory.BROWSER_COMPATIBLE_HOSTNAME_VERIFIER);
- return sslsf;
- }
-
- public static byte[] parseDERFromPEM(byte[] pem, String beginDelimiter, String endDelimiter) {
- String data = new String(pem);
- String[] tokens = data.split(beginDelimiter);
- tokens = tokens[1].split(endDelimiter);
- return DatatypeConverter.parseBase64Binary(tokens[0]);
- }
-
- public static RSAPrivateKey generatePrivateKeyFromDER(byte[] keyBytes) throws InvalidKeySpecException, NoSuchAlgorithmException {
- PKCS8EncodedKeySpec spec = new PKCS8EncodedKeySpec(keyBytes);
-
- KeyFactory factory = KeyFactory.getInstance("RSA");
-
- return (RSAPrivateKey)factory.generatePrivate(spec);
- }
-
- public static X509Certificate generateCertificateFromDER(byte[] certBytes) throws CertificateException {
- CertificateFactory factory = CertificateFactory.getInstance("X.509");
-
- return (X509Certificate)factory.generateCertificate(new ByteArrayInputStream(certBytes));
- }
- public static byte[] fileToBytes(String filePath) {
- byte[] buffer = null;
- File file = new File(filePath);
-
- FileInputStream fis = null;
- ByteArrayOutputStream bos = null;
-
- try {
- fis = new FileInputStream(file);
- bos = new ByteArrayOutputStream();
-
- byte[] b = new byte[1024];
-
- int n;
-
- while ((n = fis.read(b)) != -1) {
- bos.write(b, 0, n);
- }
-
- buffer = bos.toByteArray();
- } catch (FileNotFoundException ex) {
- ex.printStackTrace();
- } catch (IOException ex) {
- ex.printStackTrace();
- } finally {
- try {
- if (null != bos) {
- bos.close();
- }
- } catch (IOException ex) {
- } finally{
- try {
- if(null!=fis){
- fis.close();
- }
- } catch (IOException ex) {
- ex.printStackTrace();
- }
- }
- }
-
- return buffer;
- }
声明:本文内容由网友自发贡献,不代表【wpsshop博客】立场,版权归原作者所有,本站不承担相应法律责任。如您发现有侵权的内容,请联系我们。转载请注明出处:https://www.wpsshop.cn/w/很楠不爱3/article/detail/732685
推荐阅读
相关标签
