Java Tutorial/Security/Keystore


Adding a Certificate to a Key Store

   <source lang="java">

import java.io.File; import java.io.FileInputStream; import java.io.FileOutputStream; import java.security.Key; import java.security.KeyStore; import java.security.cert.Certificate; public class Main {

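 /**
  * Reads the certificate stored under {@code myalias} in {@code your.keystore}, sets it again
  * as a certificate entry under the same alias and writes the keystore back to the same file.
  *
  * <p>The passwords are string literals for illustration only. A literal stays in the class
  * file and in the JVM string pool, so real code should obtain the password at runtime (prompt,
  * protected configuration, secret store) and clear the {@code char[]} once it is no longer
  * needed.
  *
  * @param argv command-line arguments (unused)
  * @throws Exception if the file cannot be read or written, the keystore password check fails,
  *     the alias holds no certificate, or the entry cannot be set
  */
 public static void main(String[] argv) throws Exception {
   File keystoreFile = new File("your.keystore");
   KeyStore keystore = KeyStore.getInstance(KeyStore.getDefaultType());
   // try-with-resources closes the stream even when load() throws; the original never closed it.
   try (FileInputStream is = new FileInputStream(keystoreFile)) {
     keystore.load(is, "my-keystore-password".toCharArray());
   }
   String alias = "myalias";
   char[] password = "password".toCharArray();
   Certificate cert = keystore.getCertificate(alias);
   // getCertificate() returns null when the alias is missing or holds no certificate; fail here
   // with a clear message instead of handing null to setCertificateEntry().
   if (cert == null) {
     throw new IllegalStateException("No certificate found for alias " + alias);
   }
   // Load the keystore contents. load() re-initialises the keystore from the stream.
   // NOTE(review): this load uses "password" while the first one used "my-keystore-password".
   // load() verifies the store's integrity with the password it is given, so both calls can
   // only succeed on the same file if the values match - confirm which one is intended.
   try (FileInputStream in = new FileInputStream(keystoreFile)) {
     keystore.load(in, password);
   }
   // Add the certificate. setCertificateEntry() throws KeyStoreException if the alias already
   // exists and is not a trusted-certificate entry (for example, a private-key entry).
   keystore.setCertificateEntry(alias, cert);
   // Save the new keystore contents; the password given here protects the integrity of the file.
   try (FileOutputStream out = new FileOutputStream(keystoreFile)) {
     keystore.store(out, password);
   }
 }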

}</source>





Create a keystore with a self-signed certificate, using the keytool command

   <source lang="bash">

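# -keypass sets the password that protects the generated private key. -keypasswd is a separate
# keytool command (it changes the password of an existing key) and cannot be combined with -genkey.
# On a PKCS12 keystore the key password has to equal the store password.
# A password typed on the command line ends up in shell history and process listings; leave
# -keypass and -storepass off to have keytool prompt for them instead.
keytool -keystore mySrvKeystore -keypass 123456 -genkey -keyalg RSA -alias mycert</source>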





Listing the Aliases in a Key Store: A key store is a collection of keys and certificates.

   <source lang="java">

import java.io.FileInputStream; import java.security.KeyStore; import java.util.Enumeration; public class Main {

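 /**
  * Loads {@code yourfile.keystore} and walks every alias in it, checking whether the alias
  * names a key entry or a trusted-certificate entry.
  *
  * <p>The keystore password is a string literal for illustration only; real code should obtain
  * it at runtime rather than compile it into the class.
  *
  * @param argv command-line arguments (unused)
  * @throws Exception if the file cannot be read or the keystore password check fails
  */
 public static void main(String[] argv) throws Exception {
   KeyStore keystore = KeyStore.getInstance(KeyStore.getDefaultType());
   String password = "my-keystore-password";
   // The keystore is fully in memory after load(), so the stream can be closed immediately;
   // try-with-resources also closes it when load() throws.
   try (FileInputStream is = new FileInputStream("yourfile" + ".keystore")) {
     keystore.load(is, password.toCharArray());
   }
   // aliases() is declared as Enumeration<String>, so no raw type or cast is needed.
   Enumeration<String> aliases = keystore.aliases();
   while (aliases.hasMoreElements()) {
     String alias = aliases.nextElement();
     // true when the alias holds a private or secret key
     boolean isKey = keystore.isKeyEntry(alias);
     // true when the alias holds a trusted certificate only
     boolean isTrustedCertificate = keystore.isCertificateEntry(alias);
     // The two results are not used here; a real program would print or act on them.
   }
 }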

}</source>





Listing the Aliases in a Key Store using keytool:

   <source lang="bash">

# No -keystore option is given, so keytool lists its default keystore (the .keystore file in
# the user's home directory); add -keystore <file> to list a specific one.
# -storepass on the command line leaves the password in shell history and process listings;
# omit it to have keytool prompt for the password.
keytool -list -storepass my-keystore-password</source>





Retrieving a Certificate from a Key Store

   <source lang="java">

import java.io.FileInputStream; import java.security.KeyStore; public class Main {

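 /**
  * Loads {@code your.keystore} and looks up the certificate stored under {@code myalias}.
  *
  * <p>The keystore password is a string literal for illustration only; real code should obtain
  * it at runtime rather than compile it into the class.
  *
  * @param argv command-line arguments (unused)
  * @throws Exception if the file cannot be read or the keystore password check fails
  */
 public static void main(String[] argv) throws Exception {
   KeyStore keystore = KeyStore.getInstance(KeyStore.getDefaultType());
   // try-with-resources closes the stream even when load() throws; the original never closed it.
   try (FileInputStream is = new FileInputStream("your.keystore")) {
     keystore.load(is, "my-keystore-password".toCharArray());
   }
   // Get certificate. The result is null when the alias does not exist or holds no certificate,
   // so check it before use.
   java.security.cert.Certificate cert = keystore.getCertificate("myalias");
 }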

}</source>





Retrieving a Key Pair from a Key Store

   <source lang="java">

import java.io.FileInputStream; import java.security.Key; import java.security.KeyPair; import java.security.KeyStore; import java.security.PrivateKey; import java.security.PublicKey; import java.security.cert.Certificate; public class Main {

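 /**
  * Loads {@code your.keystore}, recovers the key stored under {@code myalias} and, when it is a
  * private key, pairs it with the public key from the certificate stored under the same alias.
  *
  * <p>Two passwords are involved: the store password checks the integrity of the file in
  * {@code load()}, and the key password given to {@code getKey()} recovers the key entry.
  * Both are string literals for illustration only; real code should obtain them at runtime.
  *
  * @param argv command-line arguments (unused)
  * @throws Exception if the file cannot be read, the keystore password check fails, or the key
  *     cannot be recovered with the given key password
  */
 public static void main(String[] argv) throws Exception {
   KeyStore keystore = KeyStore.getInstance(KeyStore.getDefaultType());
   // try-with-resources closes the stream even when load() throws; the original never closed it.
   try (FileInputStream is = new FileInputStream("your.keystore")) {
     keystore.load(is, "my-keystore-password".toCharArray());
   }
   String alias = "myalias";
   // getKey() returns null when the alias does not exist or is not a key entry, in which case
   // the instanceof test below is simply false.
   Key key = keystore.getKey(alias, "password".toCharArray());
   if (key instanceof PrivateKey) {
     // Get certificate of public key
     Certificate cert = keystore.getCertificate(alias);
     // Get public key
     PublicKey publicKey = cert.getPublicKey();
     // Build the key pair. It holds the private key, so keep it out of logs and error messages.
     KeyPair keyPair = new KeyPair(publicKey, (PrivateKey) key);
   }
 }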

}</source>





Specify the keystore of certificates using the javax.net.ssl.keyStore system property:

   <source lang="bash">

# javax.net.ssl.keyStore and javax.net.ssl.keyStorePassword tell JSSE's default key manager
# which keystore to open and with which password.
# A password passed with -D is part of the JVM command line, which process listings can show;
# for anything beyond a local test, load the keystore in code with a password read from a
# protected source instead.
java -Djavax.net.ssl.keyStore=mySrvKeystore -Djavax.net.ssl.keyStorePassword=123456 MyServer</source>