How to use certificates from a java PKCS#12 keystore for encrypting and decrypting files?(如何使用来自 java PKCS#12 密钥库的证书来加密和解密文件?)
问题描述
谁能解释如何使用存储在 java 'PKCS#12` 密钥库中的证书来加密和解密文件?
Can anyone explain how to encrypt and decrypt files using certificates stored in a java 'PKCS#12` keystore?
推荐答案
正如提到 Eugene Mayevski,您的问题是错误的,无法以原始形式回答.但我会试着为你澄清一下.PKCS#12 - 加密格式用于存储证书和私钥.当您加密或解密数据时,您使用 PKCS#12 容器的密码实现和 content.
As mention Eugene Mayevski, your question is wrong and cannot be answered in its original form. But I'll try to clarify it for you a bit. PKCS#12 - cryptographic format is for storing cerificates and private keys. When you encrypt or decrypt data, you use cipher implementation and content of PKCS#12 container.
Java 内置支持使用 PKCS#12 密钥库,使用此容器与标准 JKS 密钥库没有太大区别.
Java has build-in support for work with PKCS#12 keystores, work with this containers doesn't much differ than standart JKS keystore.
例如,加载 JKS 密钥库的代码
For example, code to load JKS keystore
KeyStore store = KeyStore.getInstance(KeyStore.getDefaultType());
store.load(is, password.toCharArray());
以及加载 PKCS#12 密钥库的代码
and code to load PKCS#12 keystore
KeyStore store = KeyStore.getInstance("PKCS12");
store.load(is, password.toCharArray());
之后,您可以无限制地访问密钥库内容.您可以获取存储在密钥库中的证书和密钥,而无需在 Firefox 中使用导入/导出进行奇怪的操作.
After that you have unlimited accsess to keystore content. You can get certificates and keys, stored in keystore, without that strange actions with import/export in Firefox.
Key key = store.getKey("alias_for_key", password.toCharArray());
接下来,当您拥有密钥和证书时,就是加密.用于加密.你需要 Cipher 类的实例.
Next thing, when you have keys and certificates, is encryption. For encryption. you need instance of Cipher class.
Cipher c = Cipher.getInstance(key.getAlgorithm());
c.init(Cipher.ENCRYPT_MODE, key);
准备加密的密码.如果加密数据比较小,可以使用update()方法,其他方法是创建CipherOutputStream.
Cipher ready to encrypt. If encryption data is relativily small, you can use update() method, other way is to create CipherOutputStream.
要解密,只需使用不同的模式初始化密码,并且取决于加密算法,密钥.对称算法的密钥相同,非对称算法加密使用公钥,解密使用私钥.
To decrypt, simply init cipher with different mode and, depends of encryption algorithm, key. For symmetric algorithm key will the same, for asymmetric algorithm for encryption uses public key, and for decryption private key.
在这篇文章中,您可以了解有关密码学的更多信息.
In this article you can learn more about cryptography.
这篇关于如何使用来自 java PKCS#12 密钥库的证书来加密和解密文件?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持编程学习网!
本文标题为:如何使用来自 java PKCS#12 密钥库的证书来加密和解密
- 将log4j 1.2配置转换为log4j 2配置 2022-01-01
- value & 是什么意思?0xff 在 Java 中做什么? 2022-01-01
- Eclipse 插件更新错误日志在哪里? 2022-01-01
- Safepoint+stats 日志,输出 JDK12 中没有 vmop 操作 2022-01-01
- 如何使用WebFilter实现授权头检查 2022-01-01
- Spring Boot连接到使用仲裁器运行的MongoDB副本集 2022-01-01
- Jersey REST 客户端:发布多部分数据 2022-01-01
- C++ 和 Java 进程之间的共享内存 2022-01-01
- Java包名称中单词分隔符的约定是什么? 2022-01-01
- 从 finally 块返回时 Java 的奇怪行为 2022-01-01
