This article takes an Android-signed certificate in JKS format as an example:
Package com.test;
Import Java.io.FileInputStream;
Import Java.security.Key;
Import Java.security.KeyStore;
Import Java.security.PrivateKey;
Import Java.security.PublicKey;
Import Javax.crypto.Cipher; public class Signtest {public static void main (string[] args) {try {//decrypted with the private key of the certificate-the private key exists F in the KeyStore that generated the certificate
Ileinputstream Fis2 = new FileInputStream ("G:\\shanhytest.keystore"); KeyStore KS = keystore.getinstance ("JKS"); Load Certificate Library char[] kspwd = "Shanhytest". ToCharArray (); Certificate store password char[] keypwd = "Shanhytest". ToCharArray (); Certificate Password String alias = "shanhytest";//Alias Ks.load (Fis2, kspwd); Load certificate Privatekey privatekey = (privatekey) ks.getkey (alias, keypwd);
Gets the certificate private key PublicKey PublicKey = Ks.getcertificate (alias). Getpublickey ()//Obtain Certificate public key Fis2.close ();
System.out.println ("Privatekey =" + getkeystring (Privatekey));
System.out.println ("PublicKey =" + getkeystring (PublicKey)); Test Cryptographic decryption String Srccontent = "The weather is nice today."
";
After the string is encrypted with the public key and decrypted with the private key, verify that the restore is normal. Because the asymmetric encryption algorithm is suitable for encrypting and decrypting the data with small data amount, and performance is poor, so in the actual operation process, we usually use the way is: the use of asymmetric encryption algorithm to manage the symmetric algorithm of the key, and then use the symmetric encryption algorithm to encrypt the data, so that we have integrated the advantages of two types of encryption algorithm
, not only realizes the advantage of fast encryption, but also realizes the advantage of safe and convenient management key.
byte[] D1 = Crypt (PublicKey, Srccontent.getbytes (), Cipher.encrypt_mode);
byte[] D2 = Crypt (Privatekey, D1, Cipher.decrypt_mode);
System.out.println (New String (D2));
catch (Exception e) {e.printstacktrace (); }/** * Converts key to String * @param key * @return * @author shanhy/private static string Getkeys
Tring (key key) {byte[] keybytes = key.getencoded ();
string s = new String (Org.apache.commons.codec.binary.Base64.encodeBase64 (keybytes));
return s;
/** * Encrypt/decrypt * * @param key * Private key is packaged into byte[] form * @param data * @param opmode to decrypt * Operation type (Cipher.decrypt_mode for decryption, Cipher.encrypt_mode for encryption) * @return decryption Data/public static byte[] Crypt (key key, b yte[] data, int OPMOde) {try {long starttime = System.currenttimemillis (); Cipher Cipher = cipher.getinstance ("rsa/ecb/pkcs1padding");//jdk default standard//Cipher Cipher = cipher.getinstance ("rsa/ecb/no
Padding ")//Android default standard Cipher.init (Opmode, key);
Byte[] result = cipher.dofinal (data); System.out.println (Cipher.decrypt_mode==opmode?)
Decryption ": Encryption") + "time Consuming:" + (System.currenttimemillis ()-starttime));
return result;
catch (Exception e) {e.printstacktrace ();
return null;
}
}
The above to obtain the Android signature certificate of the public key and private key example is a small series to share all the content, I hope to give you a reference, but also hope that we support the cloud habitat community.