Java以编程方式从密钥/证书中读取信息 [英] Java Programmatically read informations from a Key/Certificate
问题描述
我正在尝试构建证书/密钥管理工具,但我不明白如何获取证书/密钥的md5指纹。
I'm tryin to build a certificate/key management tool, but i don't understand how to obtain md5 fingerprint of a certificate/key.
例如,如果我在密钥库上使用keytool命令,我获得
For example if i use keytool command on a keystore i obtain the
Keystore type: JKS
Keystore provider: SUN
Your keystore contains 1 entry
Alias name: myname
Creation date: 21-Aug-2011
Entry type: PrivateKeyEntry
Certificate chain length: 1
Certificate[1]:
Owner: CN=bla bla, L=bla, ST=bla
Issuer: CN=bla bla, L=bla, ST=bla
Serial number: 123w3qa
Valid from: Sun Aug 21 00:12:31 CEST 2011 until: Mon Jul 28 00:12:31 CEST 2110
Certificate fingerprints:
MD5: 1A:DE:60:21:DE:B1:BF:C3:D1:AD:11:F1:21:22:D7:9E
SHA1: 72:3A:D9:2E:1A:DE:60:21:DE:B1:BF:C3:D1:AD:11:F1:21:22:D7:9E
Signature algorithm name: SHA256withRSA
Version: 3
Extensions:
#1: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: AA EA FA FE 34 DA 6E C6 FC 8B 6C DE S9 21 S9 S4 ......^...l.I!.D
0010: S3 33 29 SD .S..
]
]
*******************************************
*******************************************
现在我想通过java获得以下信息:
1. MD5指纹
2. KeyIdentifier
Now i want to obtain via java the following informations: 1. MD5 fingerprint 2. KeyIdentifier
我使用X500Certificate对象获取了一些信息X500Principal(例如,所有者,发行人,别名的日期),但我没有找到我可以获得其他信息的地方。有人能帮我吗?
I obtained some informations using X500Certificate object and X500Principal(for example date from and to, owner, issuer, alias name), but i didn't found where i can obtain other informations. Can someone help me?
推荐答案
如果你查看 keytool 的security / tools / KeyTool.java.htmlrel =nofollow>源代码您可以看到以下内容:
If you check the source code for keytool
you can see the following:
2830 getCertFingerPrint("MD5", cert),
调用:
3167 /**
3168 * Gets the requested finger print of the certificate.
3169 */
3170 private String getCertFingerPrint(String mdAlg, Certificate cert)
3171 throws Exception
3172 {
3173 byte[] encCertInfo = cert.getEncoded();
3174 MessageDigest md = MessageDigest.getInstance(mdAlg);
3175 byte[] digest = md.digest(encCertInfo);
3176 return toHexString(digest);
3177 }
这篇关于Java以编程方式从密钥/证书中读取信息的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!