Home > Developer > Java

"Java Security Technology Exploration Road Series: Java Extensible Security Architecture" Ten: JCP (iii): JCP programming model

Source: Internet
Author: User
Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more >

Guo Jia
Email: [Email protected]
Blog: http://blog.csdn.net/allenwells
Github:https://github.com/allenwell

The following demonstrates the process of creating a certificate chain and validating a certificate chain under the JCP API.

 PackageCom.allenwells.jce;ImportJava.io.FileInputStream;ImportJava.security.KeyStore;ImportJava.security.PrivateKey;ImportJava.security.PublicKey;ImportJava.security.Signature;ImportJava.security.cert.Certificate;ImportJava.security.cert.CertificateFactory;ImportJava.security.cert.X509Certificate;ImportJavax.crypto.Cipher;/** * Certificate Component * * @author allenwells * @version 1.0 * * Public Abstract  class certificateencryptor{    /** * Type Certificate X509 * /     Public Static FinalString Cert_type =" the";/** * Get private key by KeyStore * * @param keystorepath * KeyStore path * @param Alias * Alias * @param Password * password * @return privatekey private key * @thro WS Exception * /    Private StaticPrivatekeyGetprivatekeybykeystore(string Keystorepath, string alias, string password)throwsException {//Get KeyStoreKeyStore ks = Getkeystore (keystorepath, password);//Get private key        return(Privatekey) Ks.getkey (alias, Password.tochararray ()); }/** * obtained public key by certificate * * @param Certificatepath * Certificate path * @return P Ublickey Public Key * @throws Exception */    Private StaticPublicKeygetpublickeybycertificate(String Certificatepath)throwsException {//Get a certificateCertificate Certificate = getcertificate (Certificatepath);//Get public key        returnCertificate.getpublickey (); }/** * Get certificate * * @param Certificatepath * Certificate path * @return Cert Ificate certificate * @throws Exception * /    Private StaticCertificategetcertificate(String Certificatepath)throwsException {//Instantiate certificate factoryCertificatefactory certificatefactory = certificatefactory. getinstance (Cert_type);//Get certificate file streamFileInputStream in =NewFileInputStream (Certificatepath);//Generate CertificatesCertificate Certificate = Certificatefactory.generatecertificate (in);//Close certificate file streamIn.close ();returnCertificate }/** * Get certificate * * @param keystorepath * KeyStore path * @param Alias * Alias * @param Password * password * @return Certificate certificate * @th Rows Exception * /    Private StaticCertificategetcertificate(string Keystorepath, string alias, string password)throwsException {//Get KeyStoreKeyStore ks = Getkeystore (keystorepath, password);//Get a certificate        returnKs.getcertificate (alias); }/** * Get keystore * * @param keystorepath * KeyStore path * @param Password * Password * @return KeyStore keystore * @throws Exception */    Private StaticKeyStoreGetkeystore(string Keystorepath, string password)throwsException {//Instantiate KeyStoreKeyStore ks = Keystore.getinstance (Keystore.getdefaulttype ());//Get KeyStore file streamFileInputStream is =NewFileInputStream (Keystorepath);//Load KeyStoreKs.load (IS, Password.tochararray ());//close KeyStore file streamIs.close ();returnks }/** * Private key encryption * * @param Data * Pending encryption * @param Keystorepath * KeyStore path * @param alias * alias * @param Password * password * @ Return byte[] Encrypt data * @throws Exception */     Public Static byte[]Encryptbyprivatekey(byte[] Data, String Keystorepath, string alias, string password)throwsException {//Get the private keyPrivatekey Privatekey = Getprivatekeybykeystore (Keystorepath, alias, password);//Encryption of dataCipher Cipher = cipher.getinstance (Privatekey.getalgorithm ()); Cipher.init (Cipher.encrypt_mode, Privatekey);returnCipher.dofinal (data); }/** * Private Key decryption * * @param data * To be decrypted * @param Keystorepath * KeyStore path * @param alias * alias * @param Password * password * @ Return byte[] Decrypt data * @throws Exception * /     Public Static byte[]Decryptbyprivatekey(byte[] Data, String Keystorepath, string alias, string password)throwsException {//Get the private keyPrivatekey Privatekey = Getprivatekeybykeystore (Keystorepath, alias, password);//Encryption of dataCipher Cipher = cipher.getinstance (Privatekey.getalgorithm ()); Cipher.init (Cipher.decrypt_mode, Privatekey);returnCipher.dofinal (data); }/** * Public Key Encryption * * @param data * To be encrypted * @param Certificatepath * Certificate path * @return byte[] Encrypt data * @throws Exception */     Public Static byte[]Encryptbypublickey(byte[] data, String Certificatepath)throwsException {//Get public keyPublicKey PublicKey = getpublickeybycertificate (Certificatepath);//Encryption of dataCipher Cipher = cipher.getinstance (Publickey.getalgorithm ()); Cipher.init (Cipher.encrypt_mode, PublicKey);returnCipher.dofinal (data); }/** * Public Key decryption * * @param data * To be decrypted * @param Certificatepath * Certificate path * @return byte[] Decrypt data * @throws Exception */     Public Static byte[]Decryptbypublickey(byte[] data, String Certificatepath)throwsException {//Get public keyPublicKey PublicKey = getpublickeybycertificate (Certificatepath);//Encryption of dataCipher Cipher = cipher.getinstance (Publickey.getalgorithm ()); Cipher.init (Cipher.decrypt_mode, PublicKey);returnCipher.dofinal (data); }/** * Signature * * @param keystorepath * KeyStore path * @param alias * Alias * @param Password * password * @return byte[] Signature * @throws Excepti On * /     Public Static byte[] Sign(byte[] Sign, String Keystorepath, string alias, string password)throwsException {//Get a certificateX509Certificate x509certificate = (x509certificate) getcertificate (Keystorepath, alias, password);//Build signature, specify Signature algorithm by certificateSignature Signature = signature.getinstance (x509certificate. Getsigalgname ());//Get private keyPrivatekey Privatekey = Getprivatekeybykeystore (Keystorepath, alias, password);//Initialize signature, built by private keySignature.initsign (Privatekey); Signature.update (sign);returnSignature.sign (); }/** * Verify signature * * @param Data * * @param Sign * * @param Certificatepath * Certificate path * @return Boolean validation passed as True * @throws EXC Eption * *     Public Static Boolean Verify(byte[] Data,byte[] sign, String Certificatepath)throwsException {//Get a certificateX509Certificate x509certificate = (x509certificate) getcertificate (Certificatepath);//Build signature by CertificateSignature Signature = signature.getinstance (x509certificate. Getsigalgname ());//signed by certificate, actually using the public key in the certificateSignature.initverify (X509Certificate); Signature.update (data);returnSignature.verify (sign); }}

"Java Security Technology Exploration Road Series: Java Extensible Security Architecture" Ten: JCP (iii): JCP programming model

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

  • Sales Support

    1 on 1 presale consultation

    Chat Contact Sales

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    Open a Ticket

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

    Learn More