您保存的pem文件包含有关私钥和公钥的信息,因此您可以自己获取这些信息。
这里记录了有关私钥验证的信息,基本上是以下单行命令:
openssl rsa -in PATH_TO_PEM_FILE -pubout -outform DER | openssl sha256 -binary | openssl base64
为了在Java中获得这些信息,您可以使用bouncycastle库,它执行与上面相同的操作链。
public static String getFingerprint(final String pemContent) throws IOException {
// openssl rsa -in PATH_TO_PEM_FILE -pubout -outform DER
final PEMParser parser = new PEMParser(new StringReader(pemContent));
final Object object = (PEMKeyPair) parser.readObject();
final PEMKeyPair pemKeyPair = (PEMKeyPair) object;
final SubjectPublicKeyInfo publicKeyInfo = pemKeyPair.getPublicKeyInfo();
final ASN1Primitive asn1Primitive = publicKeyInfo.toASN1Primitive();
final ByteArrayOutputStream outputStream = new ByteArrayOutputStream();
asn1Primitive.encodeTo(outputStream, "DER");
final byte[] derBytes = outputStream.toByteArray();
// openssl sha256 -binary
MessageDigest instance = MessageDigest.getInstance("SHA-256");
instance.update(derBytes);
byte[] sha256bytes = instance.digest();
// openssl base64
return Base64.getEncoder().encodeToString(sha256bytes);
}