Java获取X509证书里的指纹(SHA-1)从pxf文件里面
阿迪di 人气:0直接通过流去获取pxf后缀文件的内容,指纹通过X509才能获取。
String keyStorefile = "pfx文件地址";
String strPassword = "密码";
如果只需要获得pxf的公钥或者私钥
1 try {
2 FileInputStream fis = new FileInputStream("pxf文件地址");
3 //密码处理 strPassword=密码
4 char[] nPassword = null;
5 if ((strPassword == null) || strPassword.trim().equals("")){
6 nPassword = null;
7 } else {
8 nPassword = strPassword.toCharArray();
9 }
10 //加载读取PFX文件
11 KeyStore ks = KeyStore.getInstance("PKCS12");
12 ks.load(fis, nPassword);
13 fis.close();
14 Enumeration enumas = ks.aliases();
15 //从文件中获取秘钥
16 String keyPFXFile = null;
17 if (enumas.hasMoreElements()) {
18 keyPFXFile = (String)enumas.nextElement();
19 System.out.println("keyPFXFile////:"+keyPFXFile);
20 }
21 PrivateKey prikey = (PrivateKey) ks.getKey(keyPFXFile, nPassword);
22 Certificate cert = ks.getCertificate(keyPFXFile);
23 PublicKey pubkey = cert.getPublicKey();
24 System.out.println("cert class = " + cert.getClass().getName());
25 System.out.println("cert = " + cert);
26 System.out.println("public key = " + pubkey);
27 System.out.println("private key = " + prikey);
28 BASE64Encoder bse = new BASE64Encoder();
29 System.out.println("private encode = " + bse.encode(prikey.getEncoded()));
30 return prikey;
31 } catch (Exception e) {
32 e.printStackTrace();
33 }
34 return null;
如果要获得指纹
1 public static void main(String args[]){
2 String keyStorefile = "pfx地址";
3 String keyPassword = "密码";
4 //getPvkformPfx(keyStorefile,keyPassword);
5 try {
6 FileInputStream fis = new FileInputStream(keyStorefile);
7 //密码处理
8 char[] nPassword = null;
9 if ((keyPassword == null) || keyPassword.trim().equals("")){
10 nPassword = null;
11 } else {
12 nPassword = keyPassword.toCharArray();
13 }
14 //加载读取PFX文件
15 KeyStore ks = KeyStore.getInstance("PKCS12");
16 ks.load(fis, nPassword);
17 fis.close();
18 //从文件中获取秘钥
19 String keyPFXFile = null;
20 Enumeration enumas = ks.aliases();
21 if (enumas.hasMoreElements()) {
22 keyPFXFile = (String)enumas.nextElement();
23 }
24 X509Certificate x509Certificate = (X509Certificate)ks.getCertificate(keyPFXFile);
25
26 Principal principal = x509Certificate.getSubjectDN();
27 String str = principal.toString();
28 str = str.substring(str.indexOf("\"")+1);
29 str = str.substring(0,str.indexOf("\""));
30 System.out.println("账号:"+str);
31 String thumbprint = getThumbprint(x509Certificate);
32 System.out.println(thumbprint);
33 }catch (Exception e){
34 e.printStackTrace();
35 }
36 }
37 private static String getThumbprint(X509Certificate cert) {
38 try {
39 MessageDigest md = MessageDigest.getInstance("SHA-1");
40 byte[] der = cert.getEncoded();
41 md.update(der);
42 byte[] digest = md.digest();
43 String digestHex = DatatypeConverter.printHexBinary(digest);
44 return digestHex.toLowerCase();
45 }catch (Exception e){
46 e.printStackTrace();
47 }
48 return null;
49 }
FX本身不是证书,而是密钥库。
要获取证书,您必须将pfx加载到密钥库中,然后获取证书,再强转成X509Certificate去获得指纹。
注意:这个获得也不是直接获得,而是通过指纹的算法算出来指纹的参数,一般证书的信息里面会说明指纹的算法,如果没有说明,就是默认SHA-1。
加载全部内容