如何在Java中將pkcs8轉換爲pkcs12

Question

我知道openssl可以做到這一點。 但我想知道在Java中使用任何庫是否有PKCS轉換的可能性（pkcs8到12）。

Answer 1

首先你讀PKCS＃8編碼鍵作爲文件，並創建PrivateKey對象

public PrivateKey loadPrivateKey(String keyFile) 
    throws Exception { 

    File f = new File(keyFile); 
    FileInputStream fis = new FileInputStream(f); 
    DataInputStream dis = new DataInputStream(fis); 
    byte[] keyBytes = new byte[(int) f.length()]; 
    dis.readFully(keyBytes); 
    dis.close(); 
    PKCS8EncodedKeySpec spec = new PKCS8EncodedKeySpec(keyBytes); 
    KeyFactory kf = KeyFactory.getInstance("RSA"); 
    return kf.generatePrivate(spec); 
} 

那麼這個鍵被保存到PKCS＃12密鑰存儲

public void createKeyStore(String keyStorePwd, String keyStoreFile, 
    PrivateKey privateKey, X509Certificate certificate) 
    throws Exception { 

    char[] pwd = keyStorePwd.toCharArray(); 

    KeyStore ks = KeyStore.getInstance("PKCS12"); 
    ks.load(null, pwd); 

    KeyStore.ProtectionParameter protParam = 
     new KeyStore.PasswordProtection(pwd); 
    Certificate[] certChain = 
     new Certificate[]{ certificate }; 
    KeyStore.PrivateKeyEntry pkEntry = 
     new KeyStore.PrivateKeyEntry(privateKey, certChain); 
    ks.setEntry("keypair", pkEntry, protParam); 

    FileOutputStream fos = new FileOutputStream(keyStoreFile); 
    ks.store(fos, pwd); 
    fos.close(); 
}