468. (Android/Java) X.509 Certificate 인증서 정보를 base64 로 변경 및 base64 를 X509Certificate 인증서로 변경 실시 본문
Android
468. (Android/Java) X.509 Certificate 인증서 정보를 base64 로 변경 및 base64 를 X509Certificate 인증서로 변경 실시
투케이2K 2023. 1. 27. 20:45
[개발 환경 설정]
개발 툴 : AndroidStudio
[소스 코드]
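// -------------------------------------
// [Run the logic]
// Generates an RSA key pair in the Android Keystore, exports the certificate
// stored under the alias as PEM-style base64 text, then parses that text back
// into an X509Certificate and logs every intermediate value.
// -------------------------------------
try {
    // [Alias, provider name and validity window of the certificate to create]
    String KEY_ALIAS = "PrivateKeyTwok";
    String AndroidKeyStore = "AndroidKeyStore";
    Calendar start = Calendar.getInstance();
    Calendar end = Calendar.getInstance();
    end.add(Calendar.YEAR, 20); // certificate is valid for 20 years from now
    X500Principal subject = new X500Principal("CN=" + KEY_ALIAS + " CA Certificate");

    // [Describe the key and its certificate through an AlgorithmParameterSpec]
    AlgorithmParameterSpec spec;
    if (Build.VERSION.SDK_INT >= android.os.Build.VERSION_CODES.M) {
        // NOTE(review): PKCS#1 v1.5 encryption padding is a legacy choice; OAEP
        // (KeyProperties.ENCRYPTION_PADDING_RSA_OAEP) is preferred for new designs.
        // Left unchanged because any Cipher transformation used with this alias
        // has to match the padding authorized here.
        spec = new KeyGenParameterSpec.Builder(KEY_ALIAS, KeyProperties.PURPOSE_ENCRYPT | KeyProperties.PURPOSE_DECRYPT)
                .setCertificateSubject(subject)
                .setCertificateSerialNumber(BigInteger.ONE)
                .setCertificateNotBefore(start.getTime())
                .setCertificateNotAfter(end.getTime())
                .setBlockModes(KeyProperties.BLOCK_MODE_ECB)
                .setEncryptionPaddings(KeyProperties.ENCRYPTION_PADDING_RSA_PKCS1)
                .build();
    }
    else {
        // Below API level M the spec is built from the application Context instead.
        spec = new KeyPairGeneratorSpec.Builder(getApplicationContext())
                .setAlias(KEY_ALIAS)
                .setSubject(subject)
                .setSerialNumber(BigInteger.ONE)
                .setStartDate(start.getTime())
                .setEndDate(end.getTime())
                .build();
    }

    // [Generate a new asymmetric key pair; the provider stores it in the KeyStore]
    // NOTE(review): this runs on every call, so a key already stored under
    // KEY_ALIAS is presumably replaced - confirm before reusing this for keys
    // that protect persisted data.
    KeyPairGenerator kpg = KeyPairGenerator.getInstance(KeyProperties.KEY_ALGORITHM_RSA, AndroidKeyStore);
    kpg.initialize(spec);
    kpg.generateKeyPair(); // return value not needed; the entry is read back by alias below

    // [Load the KeyStore]
    KeyStore keyStore = KeyStore.getInstance(AndroidKeyStore);
    keyStore.load(null);

    // [Load the certificate : X.509]
    Certificate originCertificate = keyStore.getCertificate(KEY_ALIAS);
    if (originCertificate == null) {
        // Fail with a clear message instead of a NullPointerException further down.
        throw new IllegalStateException("No certificate stored under alias " + KEY_ALIAS);
    }
    // NOTE(review): the key is authorized only for encrypt/decrypt, so this
    // keystore-generated self-signed certificate is presumably not backed by a
    // real signature - treat it as a public-key container, not as proof of identity.

    // -------------------------------------
    // [Convert the certificate to base64, wrapped in PEM header and footer]
    StringBuilder base64Encode = new StringBuilder();
    base64Encode.append("-----BEGIN CERTIFICATE-----\n");
    base64Encode.append(Base64.encodeToString(originCertificate.getEncoded(), Base64.DEFAULT).trim());
    base64Encode.append("\n-----END CERTIFICATE-----");

    // -------------------------------------
    // [Convert the base64 data back into a certificate]
    // The markers are literal text, so plain replace() is used rather than a regex.
    String certData = base64Encode.toString()
            .replace("-----BEGIN CERTIFICATE-----", "")
            .replace("-----END CERTIFICATE-----", "")
            .replace(" ", "");
    byte[] encodedCert = Base64.decode(certData, Base64.DEFAULT);
    ByteArrayInputStream inputStream = new ByteArrayInputStream(encodedCert);
    CertificateFactory certFactory = CertificateFactory.getInstance("X.509");
    // generateCertificate() only parses the encoding: it checks neither the
    // signature, the validity period nor any trust chain. Base64 that arrives
    // from outside the app must be validated or pinned before it is relied on.
    X509Certificate convertCertificate = (X509Certificate) certFactory.generateCertificate(inputStream);

    // -------------------------------------
    // [Print the log]
    S_Log.ltd("================================================");
    S_Log.cnt("["+ACTIVITY_NAME+" >> "+C_Util.getNowMethod(1)+" :: 로그 출력 실시]");
    S_Log.cnt("----------------------------------------");
    S_Log.cnt("[keyStore isKeyEntry :: "+String.valueOf(keyStore.isKeyEntry(KEY_ALIAS))+"]");
    S_Log.cnt("----------------------------------------");
    S_Log.cnt("[originCertificate getType :: "+String.valueOf(originCertificate.getType())+"]");
    S_Log.cnt("----------------------------------------");
    S_Log.cnt("[originCertificate toString :: "+String.valueOf(originCertificate.toString())+"]");
    S_Log.cnt("----------------------------------------");
    S_Log.cnt("[base64Encode :: "+String.valueOf(base64Encode.toString())+"]");
    S_Log.cnt("----------------------------------------");
    S_Log.cnt("[certData :: "+String.valueOf(certData)+"]");
    S_Log.cnt("----------------------------------------");
    S_Log.cnt("[encodedCert :: "+String.valueOf(Arrays.toString(encodedCert))+"]");
    S_Log.cnt("----------------------------------------");
    S_Log.cnt("[convertCertificate getType :: "+String.valueOf(convertCertificate.getType())+"]");
    S_Log.cnt("----------------------------------------");
    S_Log.cnt("[convertCertificate toString :: "+String.valueOf(convertCertificate.toString())+"]");
    S_Log.lbd("================================================");
}
catch (Exception e){
    // Any failure (key generation, keystore access, parsing) is only printed here;
    // the caller gets no signal that the conversion did not complete.
    e.printStackTrace();
}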
[결과 출력]
D///===========//: ================================================
I/: [A_Intro >> onCreate :: 로그 출력 실시]
I/: ----------------------------------------
I/: [keyStore isKeyEntry :: true]
I/: ----------------------------------------
I/: [originCertificate getType :: X.509]
I/: ----------------------------------------
I/: [originCertificate toString :: Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1 (0x1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=PrivateKeyTwok CA Certificate
Validity
Not Before: Jan 26 23:13:45 2023 GMT
Not After : Jan 26 23:13:45 2043 GMT
Subject: CN=PrivateKeyTwok CA Certificate
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:a2:fa:82:65:d9:db:27:b7:93:36:b6:96:38:07:
....
25:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Key Usage: critical
Key Encipherment, Data Encipherment
Signature Algorithm: sha256WithRSAEncryption
]
I/: ----------------------------------------
I/: [base64Encode :: -----BEGIN CERTIFICATE-----
MIIB2zCCAcWgAwIBAgIBATANBgkqhkiG9w0BAQsFADAoMSYwJAYDVQQDEx1Qcml2YXRlS2V5VHdv
ayBDQSBDZXJ0aWZpY2F0ZTAeFw0yMzAxMjYyMzEzNDVaFw00MzAxMjYyMzEzNDVaMCgxJjAkBgNV
BAMTHVByaXZhdGVLZXlUd29rIENBIENlcnRpZmljYXRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
BAMCBDAwDQYJKoZIhvcNAQELBQADAQA=
-----END CERTIFICATE-----]
I/: ----------------------------------------
I/: [certData ::
MIIB2zCCAcWgAwIBAgIBATANBgkqhkiG9w0BAQsFADAoMSYwJAYDVQQDEx1Qcml2YXRlS2V5VHdv
ayBDQSBDZXJ0aWZpY2F0ZTAeFw0yMzAxMjYyMzEzNDVaFw00MzAxMjYyMzEzNDVaMCgxJjAkBgNV
BAMTHVByaXZhdGVLZXlUd29rIENBIENlcnRpZmljYXRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
BAMCBDAwDQYJKoZIhvcNAQELBQADAQA=
]
I/: ----------------------------------------
I/: [encodedCert :: [48, -126, 1, -37, 48, -126, 1, -59, -96, 3, 2, 1, 2, 2, 1, 1, 48, 13, 6, 9, 42, -122, 72, ....... , 4, 48, 48, 13, 6, 9, 42, -122, 72, -122, -9, 13, 1, 1, 11, 5, 0, 3, 1, 0]]
I/: ----------------------------------------
I/: [convertCertificate getType :: X.509]
I/: ----------------------------------------
I/: [convertCertificate toString :: Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1 (0x1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=PrivateKeyTwok CA Certificate
Validity
Not Before: Jan 26 23:13:45 2023 GMT
Not After : Jan 26 23:13:45 2043 GMT
Subject: CN=PrivateKeyTwok CA Certificate
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:a2:fa:82:65:d9:db:27:b7:93:36:b6:96:38:07:
....
25:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Key Usage: critical
Key Encipherment, Data Encipherment
Signature Algorithm: sha256WithRSAEncryption
]
D///===========//: ================================================