windows 环境下,使用keytool 生产keystore文件
keytool -genkeypair -keyalg rsa -keysize 1024 -sigalg sha1withrsa -validity 36000 -alias www.kunlunsoft.com -storepass abcdefg -keystore zlex.keystore -dname "cn=localhost, ou=zlex,o=zlex, l=bj, st=bj, c=cn"
-sigalg:指定签名算法;
-storepass:指定key的密码
注意:keystore 密码和主密码必须相同
操作结果如下:
![](https://img.laitimes.com/img/_0nNw4CM6IyYiwiM6ICdiwiInBnauMjM3MTNxgTOmZTZz0CMkBTOtITM0MTLyImZy0SZ0UGM2QzM18CXwUDN28CXwkDMw8CX05WZth2YhRHdh9CXkF2bsBXdvwVbvNmLllXZ0lmLywGZvw1LcpDc0RHaiojIsJye.jpg)
上述命令会生产一个文件zlex.keystore
keystore文件中既包含公钥,也包含私钥。
用于保存私钥和公钥的bean:
package com.common.bean;
import java.io.serializable;
import java.security.privatekey;
import java.security.publickey;
/***
*
* @author huangwei
* @since 2013-10-28
*/
public class privpubkeybean implements serializable {
private static final long serialversionuid = 1888415926054715509l;
/***
* 私钥
*/
private privatekey privkey;
* 公钥
private publickey publkey;
* 签名算法
private string sigalgname;
public privatekey getprivkey() {
return privkey;
}
public void setprivkey(privatekey privkey) {
this.privkey = privkey;
public publickey getpublkey() {
return publkey;
public void setpublkey(publickey publkey) {
this.publkey = publkey;
public string getsigalgname() {
return sigalgname;
public void setsigalgname(string sigalgname) {
this.sigalgname = sigalgname;
}
读取keystore文件获取私钥和公钥:
*
* @param keystorepath
* @param password
* @param alias
* @return
* @throws exception
public static privpubkeybean getprivpubkeybean(string keystorepath,string password,string alias) throws exception{
privpubkeybean privpubkeybean=new privpubkeybean();
// 获得密钥库
keystore ks =systemutil. getkeystore(keystorepath, password);
// 获得私钥
privatekey privatekey = (privatekey) ks.getkey(alias, password.tochararray());
privpubkeybean.setprivkey(privatekey);
// 获得证书
x509certificate x509certificate = (x509certificate) ks.getcertificate(alias);
publickey pubkey=x509certificate.getpublickey();
privpubkeybean.setpublkey(pubkey);
privpubkeybean.setsigalgname(x509certificate.getsigalgname());
return privpubkeybean;
测试:
@test
public void test_03() {
try {
string message = "whuang";
string keystorepath = "d:\\temp\\a\\a\\ca\\zlex.keystore";
string password = "abcdefg";
string alias = "www.kunlunsoft.com";
privpubkeybean privpubkeybean = systemutil.getprivpubkeybean(
keystorepath, password, alias);
byte[] result = systemutil.encrypt(message,
privpubkeybean.getpublkey());
byte[] deresult = systemutil.decrypt(result,
privpubkeybean.getprivkey());
system.out.println(new string(deresult));
} catch (exception e) {
e.printstacktrace();
}
运行结果:whuang
systemutil 见附件,路径:src\main\java\com\common\util\systemutil.java