How to convert pkcs8 to pkcs12 in Java

StackOverflow https://stackoverflow.com/questions/21832338

  •  12-10-2022
  •  | 
  •  

Question

I know this is possible with openssl. But I wonder if there are PKCS converting possibilities(pkcs8 to 12) in Java using any library.

Was it helpful?

Solution

First you read PKCS#8 encoded key as a file and create PrivateKey object

public PrivateKey loadPrivateKey(String keyFile)
    throws Exception {

    File f = new File(keyFile);
    FileInputStream fis = new FileInputStream(f);
    DataInputStream dis = new DataInputStream(fis);
    byte[] keyBytes = new byte[(int) f.length()];
    dis.readFully(keyBytes);
    dis.close();
    PKCS8EncodedKeySpec spec = new PKCS8EncodedKeySpec(keyBytes);
    KeyFactory kf = KeyFactory.getInstance("RSA");
    return kf.generatePrivate(spec);
}

Then this key is being saved into PKCS#12 key store

public void createKeyStore(String keyStorePwd, String keyStoreFile,
    PrivateKey privateKey, X509Certificate certificate)
    throws Exception {

    char[] pwd = keyStorePwd.toCharArray();

    KeyStore ks = KeyStore.getInstance("PKCS12");
    ks.load(null, pwd);

    KeyStore.ProtectionParameter protParam =
        new KeyStore.PasswordProtection(pwd);
    Certificate[] certChain =
        new Certificate[]{ certificate };
    KeyStore.PrivateKeyEntry pkEntry =
        new KeyStore.PrivateKeyEntry(privateKey, certChain);
    ks.setEntry("keypair", pkEntry, protParam);

    FileOutputStream fos = new FileOutputStream(keyStoreFile);
    ks.store(fos, pwd);
    fos.close();
}
Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top