1.用Java keytool這個密鑰和證書管理工具,創建一個密鑰並存入.keystore文件中,如下圖,默認會存在一個別名爲"mykey"的條目,也可以自己創建。
2.創建KeyStore實例,從.keystore文件中加密密鑰庫,而後通過別名來獲取對應的條目,一定要制定正確的密碼。
public class KeyStoreTest {
public static void main(String[] args) throws Exception{
// 加載密鑰庫文件
FileInputStream in = new FileInputStream("C:\\data\\.keystore");
System.out.println(KeyStore.getDefaultType());
KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
// 加載密鑰庫,使用正確的密碼
//否則java.io.IOException: Keystore was tampered with, or password was incorrect
ks.load(in, "vonzhou".toCharArray());
// 獲得別名"mykey"對應的私鑰
PrivateKey key = (PrivateKey)ks.getKey("mykey", "vonzhou".toCharArray());
//或者這樣
ProtectionParameter protection = new KeyStore.PasswordProtection("vonzhou".toCharArray());
KeyStore.PrivateKeyEntry pkEntry = (KeyStore.PrivateKeyEntry)ks.getEntry("mykey", protection);
PrivateKey key2 = pkEntry.getPrivateKey();
System.out.println(Arrays.toString(key.getEncoded()));
System.out.println(Arrays.toString(key2.getEncoded()));
in.close();
}
}
參考: