Java: Security Certificate-example program for public key encryption and Private Key decryption

Import java. Io. fileinputstream;

Import java. Security. keystore;
Import java. Security. privatekey;
Import java. Security. publickey;
Import java. Security. cert. Certificate;
Import java. Security. cert. certificatefactory;

Import javax. crypto. cipher;

 

// Example of public key encryption and Private Key decryptionProgram
Public Class {
Public static void main (string [] ARGs) throws exception {

// Prerequisites: JDK is installed and environment variables are correctly configured.
// Create the directory mykeystore on drive C to store the certificate library and export the Certificate file, and then execute the following two statements on the command line:
// Meaning: Create the teststore key library, Database Password aaaaaa, and certificate testkey2 in the current directory: Asymmetric Key, RSAAlgorithmThe key password is bbbbbb and is stored in teststore.
// C:/mykeystore> keytool-genkey-alias testkey2-dname "cn = test222"-keyalg RSA-keystore teststore-storepass aaaaaa-keypass bbbbbb
// Meaning: Export testkey2 from the teststore database as the certificate file testkey2.cer. You may need to change the export to exportcert.
// C:/mykeystore> keytool-export-alias testkey2-file testkey2.cer-keystore teststore-storepass aaaaaa
// The certificate store certificate stores the public/private key of the certificate. The exported Certificate file only carries the public key.

 

Byte [] MSG = "Whoever commits an attack, although far from success! ". Getbytes (" utf8 ");   // The message to be decrypted

// Use the public key of the certificate for encryption
Certificatefactory CFF = certificatefactory. getinstance ("X.509 ");
Fileinputstream fis1 = new fileinputstream ("C: // mykeystore // testkey2.cer "); // Certificate file
Certificate cf = CFF. generatecertificate (fis1 );
Publickey PK1 = Cf. getpublickey (); // Obtain the Public Key carried by the certificate file
Cipher C1 = cipher. getinstance ("RSA/ECB/pkcs1padding "); // Define the algorithm: RSA
C1.init (Cipher. encrypt_mode, PK1 );
Byte [] msg1 = c1.dofinal (MSG ); // Encrypted data

// Use the private key of the certificate for decryption-the private key exists in the keystore that generates the certificate
Fileinputstream fis2 = new fileinputstream ("C: // mykeystore // teststore ");
Keystore Ks = keystore. getinstance ("jks "); // Load the certificate library
Char [] kspwd = "aaaaaa". tochararray (); // Certificate library Password
Char [] keypwd = "bbbbbb". tochararray (); // Certificate Password
KS. Load (fis2, kspwd ); // Load the certificate
Privatekey PK2 = (privatekey) ks. getkey ("testkey2", keypwd ); // Obtain the certificate Private Key
Fis2.close ();
Cipher C2 = cipher. getinstance ("RSA/ECB/pkcs1padding ");
C2.init (Cipher. decrypt_mode, PK2 );
Byte [] msg2 = c2.dofinal (msg1 ); // Decrypted data

// Print the decryption string-the attacker must be shown, although the attacker is far from !
System. Out. println (new string (msg2, "utf8 ")); // Convert the decrypted data into a string
}
}

// Appendix: DES algorithm: des/CBC/pkcs5padding