Here you can find the source of getPemKeyStore(File file)
private static KeyStore getPemKeyStore(File file) throws KeyStoreException, IOException, InvalidKeySpecException, NoSuchAlgorithmException, CertificateException
//package com.java2s; //License from project: Apache License import java.io.ByteArrayInputStream; import java.io.File; import java.io.IOException; import java.nio.file.Files; import java.security.KeyFactory; import java.security.KeyStore; import java.security.KeyStoreException; import java.security.NoSuchAlgorithmException; import java.security.cert.Certificate; import java.security.cert.CertificateException; import java.security.cert.CertificateFactory; import java.security.cert.X509Certificate; import java.security.interfaces.RSAPrivateKey; import java.security.interfaces.RSAPublicKey; import java.security.spec.InvalidKeySpecException; import java.security.spec.PKCS8EncodedKeySpec; import java.security.spec.X509EncodedKeySpec; import javax.xml.bind.DatatypeConverter; public class Main { public static final String PEM_PWD = "changeit"; private static KeyStore getPemKeyStore(File file) throws KeyStoreException, IOException, InvalidKeySpecException, NoSuchAlgorithmException, CertificateException { KeyStore store = KeyStore.getInstance(KeyStore.getDefaultType()); store.load(null);/*ww w. j av a2 s. c o m*/ if (file != null) { byte[] certAndKey = Files.readAllBytes(file.toPath()); byte[] certBytes = parseDERFromPEM(certAndKey, "-----BEGIN .*CERTIFICATE-----", "-----END .*CERTIFICATE-----"); byte[] pvtKeyBytes = parseDERFromPEM(certAndKey, "-----BEGIN .*PRIVATE KEY-----", "-----END .*PRIVATE KEY-----"); byte[] pubKeyBytes = parseDERFromPEM(certAndKey, "-----BEGIN .*PUBLIC KEY-----", "-----END .*PUBLIC KEY-----"); X509Certificate cert = null; if (certBytes != null) { cert = generateCertFromDER(certBytes); String alias = cert.getSubjectX500Principal().getName(); store.setCertificateEntry(alias, cert); } Certificate[] chain = cert == null ? new Certificate[] {} : new Certificate[] { cert }; if (pvtKeyBytes != null) { RSAPrivateKey key = generatePvtKeyFromDER(pvtKeyBytes); store.setKeyEntry("key-alias", key, PEM_PWD.toCharArray(), chain); } if (pubKeyBytes != null) { RSAPublicKey key = generatePubKeyFromDER(pubKeyBytes); store.setKeyEntry("pubkey-alias", key, PEM_PWD.toCharArray(), null); } } return store; } protected static byte[] parseDERFromPEM(byte[] pem, String beginDelimiter, String endDelimiter) { String data = new String(pem); String[] tokens = data.split(beginDelimiter); if (tokens.length < 2) { // no results found! return null; } tokens = tokens[1].split(endDelimiter); if (tokens.length < 2) { // no results found! return null; } return DatatypeConverter.parseBase64Binary(tokens[0]); } protected static X509Certificate generateCertFromDER(byte[] certBytes) throws CertificateException { CertificateFactory factory = CertificateFactory.getInstance("X.509"); return (X509Certificate) factory.generateCertificate(new ByteArrayInputStream(certBytes)); } protected static RSAPrivateKey generatePvtKeyFromDER(byte[] keyBytes) throws InvalidKeySpecException, NoSuchAlgorithmException { PKCS8EncodedKeySpec spec = new PKCS8EncodedKeySpec(keyBytes); KeyFactory factory = KeyFactory.getInstance("RSA"); return (RSAPrivateKey) factory.generatePrivate(spec); } protected static RSAPublicKey generatePubKeyFromDER(byte[] keyBytes) throws InvalidKeySpecException, NoSuchAlgorithmException { X509EncodedKeySpec spec = new X509EncodedKeySpec(keyBytes); KeyFactory factory = KeyFactory.getInstance("RSA"); return (RSAPublicKey) factory.generatePublic(spec); } }