从Java中的.p12文件获取PrivateKey对象 [英] Getting a PrivateKey object from a .p12 file in Java

问题描述

正如标题所暗示的，我有用于Google服务帐户API访问的.p12文件。为了获得凭证连接到api，有一个字段.setServiceAccountPrivateKey（PrivateKey privateKey）。那么，我可以做到这一点的最简单方法是什么？我有一个资源文件夹在我的类路径中，所以如果我在那里添加p12文件，我可以从getClass（）。getResource（）获取资源作为inputStream或URL。我试过URL方法，但它不起作用（我从URL.toURI（））中创建一个File对象时，出现URI不分层错误）。

解决方案

您可以使用 ClassLoader.getResourceAsStream（String）加载.p12文件方法，将其加载到KeyStore中，并从KeyStore中获取密钥。

  KeyStore keystore = KeyStore.getInstance PKCS12）; 
 keystore.load（this.getClass（）。getClassLoader（）。getResourceAsStream（keyFile.p12），p12Password.toCharArray（））; 
 PrivateKey key =（PrivateKey）keystore.getKey（keyAlias，p12Password.toCharArray（））; 
  

ClassLoader.getResourceAsStream（String）加载资源从任何位置，只要它们已经在类路径中，就没有必要指定文件的路径。

keyAlias 是p12文件中与私钥对应的条目的名称。 PKCS12文件可以包含多个条目，因此您需要某种方式来指示要访问的条目。如果您不确定私钥的别名是什么，那么您可以使用 keytool <<$ p
$ b / code>实用程序从命令行列出您的p12文件的内容。

  keytool -list -keystore keyFile.p12 -storepass password -storetype PKCS12 
  

输出



 密钥库类型：PKCS12 
密钥库提供者：SunJSSE 
 
您的密钥库包含1个条目
 
 yourKeyAlias，2013年9月4日，PrivateKeyEntry，
证书指纹（MD5）：48：A8：C4：12：8E：4A：8A：AD：58：81：26：90：E7：3D：C8：04 
  




As the title suggests, I have .p12 file required for google service account api access. In order to get the credential to connect to the api, there's a field .setServiceAccountPrivateKey(PrivateKey privateKey). So, what's the easiest way in which I can do this? I have a resources folder which is in my classpath so if I add the p12 file there, I can get the resource from getClass().getResource() as either an inputStream or a URL. I've tried the URL method but it doesn't work (I get a "URI is not hierarchical" error trying to create a File object from URL.toURI()).

解决方案

You can load your .p12 file using the ClassLoader.getResourceAsStream(String) method, load it to a KeyStore and them get the key from the KeyStore.

KeyStore keystore = KeyStore.getInstance("PKCS12");
keystore.load(this.getClass().getClassLoader().getResourceAsStream("keyFile.p12"), p12Password.toCharArray());
PrivateKey key = (PrivateKey)keystore.getKey(keyAlias, p12Password.toCharArray());

ClassLoader.getResourceAsStream(String) loads resources from any location provided they're already on the classpath, there's no need to specify a path to the file.

keyAlias is the name of the entry in your p12 file that corresponds to the private key. PKCS12 files can contain multiple entries, so you need some way to indicate which entry you want to access. The alias is how this is achieved.

If you're not sure what the alias for your private key is, you can use the keytool utility from the command line to list the contents of your p12 file. This tool is included with all JRE and JDK installations.

keytool -list -keystore keyFile.p12 -storepass password -storetype PKCS12

Output

Keystore type: PKCS12
Keystore provider: SunJSSE

Your keystore contains 1 entry

yourKeyAlias, Sep 4, 2013, PrivateKeyEntry,
Certificate fingerprint (MD5): 48:A8:C4:12:8E:4A:8A:AD:58:81:26:90:E7:3D:C8:04

这篇关于从Java中的.p12文件获取PrivateKey对象的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！