RSA 私钥仅支持 RSAPrivate (Crt) KeySpec 和 PKCS8EncodedKeySpec
Only RSAPrivate (Crt) KeySpec and PKCS8EncodedKeySpec supported for RSA private keys
我遵循 link 中的步骤:How to read .pem file to get private and public key。我执行了以下三个命令:
1. $openssl genrsa -out mykey.pem 2048
2. $openssl pkcs8 -topk8 -inform PEM -outform PEM -in mykey.pem -out private_key.pem -nocrypt
3. $ openssl rsa -in mykey.pem -pubout -outform DER -out public_key.der
这创建了三个文件,但是当我试图通过 Java 代码读取这些文件时,我开始遇到以下错误:
PUBLIC KEY EXPO : 65537
Only RSAPrivate(Crt)KeySpec and PKCS8EncodedKeySpec supported for RSA private keys
我的参考代码:
public class PublicPrivateKeyDemo {
private static File privateKeyFile = null;
private static File publicKeyFile = null;
public static void main(String[] args) {
String path = "C:/Users/test898/keys";
privateKeyFile = new File(path + "/" + "private.pem");
publicKeyFile = new File(path + "/" + "public.der");
try {
loadkeys();
} catch (IOException | GeneralSecurityException e) {
System.out.println(e.getMessage());
}
}
private static void loadkeys() throws IOException, GeneralSecurityException {
byte[] publicKeyBytes = new byte[(int) publicKeyFile.length()];
FileInputStream publicFis = null;
publicFis = new FileInputStream(publicKeyFile);
if (publicFis.read(publicKeyBytes) > 0) {
X509EncodedKeySpec publicKeySpec = new X509EncodedKeySpec(publicKeyBytes);
KeyFactory factory = KeyFactory.getInstance("RSA");
RSAPublicKey pubKey = (RSAPublicKey) factory.generatePublic(publicKeySpec);
BigInteger pKeyModulus = pubKey.getModulus();
BigInteger pKeyExponent = pubKey.getPublicExponent();
System.out.println("PUBLIC KEY EXPO : "+pKeyExponent);
}
byte[] privateKeyBytes = new byte[(int) privateKeyFile.length()];
FileInputStream privateFis = null;
privateFis = new FileInputStream(privateKeyFile);
if (privateFis.read(privateKeyBytes) > 0) {
//PKCS8EncodedKeySpec spec = new PKCS8EncodedKeySpec(privateKeyBytes);
X509EncodedKeySpec spec = new X509EncodedKeySpec(privateKeyBytes);
KeyFactory keyFactory = KeyFactory.getInstance("RSA");
RSAPrivateKey privKey = (RSAPrivateKey) keyFactory.generatePrivate(spec);
BigInteger pKeyModulus = privKey.getModulus();
BigInteger pKeyExponent = privKey.getPrivateExponent();
System.out.println("PRIVATE KEY : "+pKeyExponent);
}
}
}
请帮我看看这是怎么回事?我假设 Private Key 应该给出类似于下面的值":
21150549370950609585296765828149303178265715265804890679831411170495636016527926323370428466362501818569080118374307191403222367256185274427528812911191842330928112748042350818573390540259857225467392220170770506599589136056049534085562156615813126185240565396115577449461468695709719589257257375788267753694280485882595576829517086782992300102288858453543505912425724874212273830247789870669315715724390578125469483751830964757980799543436412647956770560679365767737577100276745456138533646455249170660612983618544127693626739283128573829732806886889896396374650462743743148634276240986662548043510018342217214342529
根据 link :http://codeartisan.blogspot.in/2009/05/public-key-cryptography-in-java.html
您应该尝试以下
生成 2048 位 RSA 私钥
$ openssl genrsa -out private_key.pem 2048
将私钥转换为 PKCS#8 格式(以便 Java 可以读取)
$ openssl pkcs8 -topk8 -inform PEM -outform DER -in private_key.pem -out private_key.der -nocrypt
以DER格式输出public关键部分(这样Java可以读取)
$ openssl rsa -in private_key.pem -pubout -outform DER -out public_key.der
您可以阅读如下 java 代码:
import java.io.DataInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.security.KeyFactory;
import java.security.NoSuchAlgorithmException;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
public class Demo {
public static final String PRIVATE_KEY="/home/user/private.der";
public static final String PUBLIC_KEY="/home/user/public.der";
public static void main(String[] args) throws IOException, NoSuchAlgorithmException, InvalidKeySpecException {
//get the private key
File file = new File(PRIVATE_KEY);
FileInputStream fis = new FileInputStream(file);
DataInputStream dis = new DataInputStream(fis);
byte[] keyBytes = new byte[(int) file.length()];
dis.readFully(keyBytes);
dis.close();
PKCS8EncodedKeySpec spec = new PKCS8EncodedKeySpec(keyBytes);
KeyFactory kf = KeyFactory.getInstance("RSA");
RSAPrivateKey privKey = (RSAPrivateKey) kf.generatePrivate(spec);
System.out.println("Exponent :" + privKey.getPrivateExponent());
System.out.println("Modulus" + privKey.getModulus());
//get the public key
File file1 = new File(PUBLIC_KEY);
FileInputStream fis1 = new FileInputStream(file1);
DataInputStream dis1 = new DataInputStream(fis1);
byte[] keyBytes1 = new byte[(int) file1.length()];
dis1.readFully(keyBytes1);
dis1.close();
X509EncodedKeySpec spec1 = new X509EncodedKeySpec(keyBytes1);
KeyFactory kf1 = KeyFactory.getInstance("RSA");
RSAPublicKey pubKey = (RSAPublicKey) kf1.generatePublic(spec1);
System.out.println("Exponent :" + pubKey.getPublicExponent());
System.out.println("Modulus" + pubKey.getModulus());
}
}
程序输出:
PUBLIC KEY EXPO : 65537
PRIVATE KEY : 16540425323481903232154296082061217323015064904150073221896716535825697862890781586244035403066600439504989225032100277459509106847714925918656002207273016950425690931486784061794302602299415224979080443644674838230854689682941689891752703570749249869153966528967635783430367525635094847999700308350727275663213969614628360232440655477057807291869565586695953970804798770095849408924111596670565606097668752646013504502815936286143578191877967720393294592625997337105475883689954727277867955887242546330469781268095607005541678733388864537898085207735975487415418212440417692928205650585590564551063589766600954407329
我遵循 link 中的步骤:How to read .pem file to get private and public key。我执行了以下三个命令:
1. $openssl genrsa -out mykey.pem 2048
2. $openssl pkcs8 -topk8 -inform PEM -outform PEM -in mykey.pem -out private_key.pem -nocrypt
3. $ openssl rsa -in mykey.pem -pubout -outform DER -out public_key.der
这创建了三个文件,但是当我试图通过 Java 代码读取这些文件时,我开始遇到以下错误:
PUBLIC KEY EXPO : 65537
Only RSAPrivate(Crt)KeySpec and PKCS8EncodedKeySpec supported for RSA private keys
我的参考代码:
public class PublicPrivateKeyDemo {
private static File privateKeyFile = null;
private static File publicKeyFile = null;
public static void main(String[] args) {
String path = "C:/Users/test898/keys";
privateKeyFile = new File(path + "/" + "private.pem");
publicKeyFile = new File(path + "/" + "public.der");
try {
loadkeys();
} catch (IOException | GeneralSecurityException e) {
System.out.println(e.getMessage());
}
}
private static void loadkeys() throws IOException, GeneralSecurityException {
byte[] publicKeyBytes = new byte[(int) publicKeyFile.length()];
FileInputStream publicFis = null;
publicFis = new FileInputStream(publicKeyFile);
if (publicFis.read(publicKeyBytes) > 0) {
X509EncodedKeySpec publicKeySpec = new X509EncodedKeySpec(publicKeyBytes);
KeyFactory factory = KeyFactory.getInstance("RSA");
RSAPublicKey pubKey = (RSAPublicKey) factory.generatePublic(publicKeySpec);
BigInteger pKeyModulus = pubKey.getModulus();
BigInteger pKeyExponent = pubKey.getPublicExponent();
System.out.println("PUBLIC KEY EXPO : "+pKeyExponent);
}
byte[] privateKeyBytes = new byte[(int) privateKeyFile.length()];
FileInputStream privateFis = null;
privateFis = new FileInputStream(privateKeyFile);
if (privateFis.read(privateKeyBytes) > 0) {
//PKCS8EncodedKeySpec spec = new PKCS8EncodedKeySpec(privateKeyBytes);
X509EncodedKeySpec spec = new X509EncodedKeySpec(privateKeyBytes);
KeyFactory keyFactory = KeyFactory.getInstance("RSA");
RSAPrivateKey privKey = (RSAPrivateKey) keyFactory.generatePrivate(spec);
BigInteger pKeyModulus = privKey.getModulus();
BigInteger pKeyExponent = privKey.getPrivateExponent();
System.out.println("PRIVATE KEY : "+pKeyExponent);
}
}
}
请帮我看看这是怎么回事?我假设 Private Key 应该给出类似于下面的值":
21150549370950609585296765828149303178265715265804890679831411170495636016527926323370428466362501818569080118374307191403222367256185274427528812911191842330928112748042350818573390540259857225467392220170770506599589136056049534085562156615813126185240565396115577449461468695709719589257257375788267753694280485882595576829517086782992300102288858453543505912425724874212273830247789870669315715724390578125469483751830964757980799543436412647956770560679365767737577100276745456138533646455249170660612983618544127693626739283128573829732806886889896396374650462743743148634276240986662548043510018342217214342529
根据 link :http://codeartisan.blogspot.in/2009/05/public-key-cryptography-in-java.html 您应该尝试以下
生成 2048 位 RSA 私钥
$ openssl genrsa -out private_key.pem 2048
将私钥转换为 PKCS#8 格式(以便 Java 可以读取)
$ openssl pkcs8 -topk8 -inform PEM -outform DER -in private_key.pem -out private_key.der -nocrypt
以DER格式输出public关键部分(这样Java可以读取)
$ openssl rsa -in private_key.pem -pubout -outform DER -out public_key.der
您可以阅读如下 java 代码:
import java.io.DataInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.security.KeyFactory;
import java.security.NoSuchAlgorithmException;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
public class Demo {
public static final String PRIVATE_KEY="/home/user/private.der";
public static final String PUBLIC_KEY="/home/user/public.der";
public static void main(String[] args) throws IOException, NoSuchAlgorithmException, InvalidKeySpecException {
//get the private key
File file = new File(PRIVATE_KEY);
FileInputStream fis = new FileInputStream(file);
DataInputStream dis = new DataInputStream(fis);
byte[] keyBytes = new byte[(int) file.length()];
dis.readFully(keyBytes);
dis.close();
PKCS8EncodedKeySpec spec = new PKCS8EncodedKeySpec(keyBytes);
KeyFactory kf = KeyFactory.getInstance("RSA");
RSAPrivateKey privKey = (RSAPrivateKey) kf.generatePrivate(spec);
System.out.println("Exponent :" + privKey.getPrivateExponent());
System.out.println("Modulus" + privKey.getModulus());
//get the public key
File file1 = new File(PUBLIC_KEY);
FileInputStream fis1 = new FileInputStream(file1);
DataInputStream dis1 = new DataInputStream(fis1);
byte[] keyBytes1 = new byte[(int) file1.length()];
dis1.readFully(keyBytes1);
dis1.close();
X509EncodedKeySpec spec1 = new X509EncodedKeySpec(keyBytes1);
KeyFactory kf1 = KeyFactory.getInstance("RSA");
RSAPublicKey pubKey = (RSAPublicKey) kf1.generatePublic(spec1);
System.out.println("Exponent :" + pubKey.getPublicExponent());
System.out.println("Modulus" + pubKey.getModulus());
}
}
程序输出:
PUBLIC KEY EXPO : 65537
PRIVATE KEY : 16540425323481903232154296082061217323015064904150073221896716535825697862890781586244035403066600439504989225032100277459509106847714925918656002207273016950425690931486784061794302602299415224979080443644674838230854689682941689891752703570749249869153966528967635783430367525635094847999700308350727275663213969614628360232440655477057807291869565586695953970804798770095849408924111596670565606097668752646013504502815936286143578191877967720393294592625997337105475883689954727277867955887242546330469781268095607005541678733388864537898085207735975487415418212440417692928205650585590564551063589766600954407329