3 回答
TA贡献1772条经验 获得超6个赞
您不需要 Bouncycastle 来读取 PKCS12,基本的 Java 加密就可以做到这一点。Bouncycastle 确实提供了完整且(大部分)方便的 PEM 函数,基本的 Java 没有这些函数,但是您在这里需要的特定函数并不难合成:
static void SO57695413PKCS12ToPEM (String[] args) throws Exception {
KeyStore ks = KeyStore.getInstance("PKCS12");
ks.load(new FileInputStream(args[0]), args[1].toCharArray());
// should close but I'm being lazy here
PrivateKey pkey = (PrivateKey) ks.getKey(args[2], args[1].toCharArray());
Certificate cert = ks.getCertificate(args[2]);
// or loop over/look at aliases if desired
System.out.print("-----BEGIN PRIVATE KEY-----\r\n"
+ Base64.getMimeEncoder().encodeToString(pkey.getEncoded())
+ "\r\n-----END PRIVATE KEY-----\r\n");
System.out.print("-----BEGIN CERTIFICATE-----\r\n"
+ Base64.getMimeEncoder().encodeToString(cert.getEncoded())
+ "\r\n-----END CERTIFICATE-----\r\n");
// or put in a String etc as desired
}
TA贡献1804条经验 获得超3个赞
我发现将 p12 的字节数组转换为 pem 并获取 PlatformPrincipal 和 PlatformCredential 进行注册的解决方法:
def registerApnsApp(p12cert: Array[Byte], password: String, appName: String): Future[String] = {
val p12 = fromP12(new ByteArrayInputStream(p12cert), password).get
val attributes = Map("PlatformPrincipal" -> fromPem(p12.certificate), "PlatformCredential" -> fromPem(p12.privateKey))
val attributesMap = mapAsJavaMap(attributes)
val request = new CreatePlatformApplicationRequest()
.withPlatform("APNS")
.withName(appName)
.withAttributes(attributesMap)
Future(amazonSnsClient.createPlatformApplicationAsync(request).get().getPlatformApplicationArn)
}
获取在 SNS 中用作 PlatformPrincipal 的证书以及 PlatformPrincipal 的密钥。
def fromP12(stream: InputStream, password: String): Option[Pkcs12] = {
val pkcs12 = KeyStore.getInstance("pkcs12", new BouncyCastleProvider())
pkcs12.load(stream, password.toCharArray)
while(pkcs12.aliases().hasMoreElements) {
val alias = pkcs12.aliases().nextElement()
if (pkcs12.isKeyEntry(alias)) {
val certificate = pkcs12.getCertificate(alias)
val privateKey = pkcs12.getKey(alias, password.toCharArray).asInstanceOf[PrivateKey]
if (privateKey != null && certificate != null) {
Option(new Pkcs12(certificate, privateKey, alias))
}
}
}
None
}
}
def fromPem(obj: Object): String = {
val out = new StringWriter
val pem = new PEMWriter(out)
pem.writeObject(obj)
pem.close()
out.getBuffer.toString
}
需要重构/美化,但希望这能帮助某人正确转换 p12 并注册 APNS 应用程序。
使用了进口:
import java.io.{InputStream, StringWriter}
import java.security.{KeyStore, PrivateKey}
import java.security.cert.Certificate
import org.bouncycastle.jce.provider.BouncyCastleProvider
import org.bouncycastle.openssl.PEMWriter
添加回答
举报