字符串转私钥 Ed25519
String to PrivateKey Ed25519
我有一个字符串形式的私钥,我想将其转换为 PrivateKey
String privateKey = "Y2E3YjYwYzRjMDRjMjk1ZDQ5ZTQzM2RlMTdjZjVkNGE0NGFjYzJmM2IzOWExNWZhMjViNGE4ZWJiZDBiMDVkYTIwNGU4MWE3ZWZmMTQ0NGE2ZmM2NjExNzRmNTY4M2I0YmYyMTk5YTkyY2UzOWRkZjdmMzhkNTFjYTNmM2Q3ZDU";
byte[] pkcs8EncodedBytes = Base64.getDecoder().decode(privateKey);
PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(pkcs8EncodedBytes);
PrivateKey pkey = KeyFactory.getInstance("Ed25519") //NoSuchAlgorithmException
.generatePrivate(keySpec);
但是我得到这个错误:
java.security.NoSuchAlgorithmException: Ed25519 KeyFactory not available
在 KeyFactory.getInstance("Ed25519")
我正在使用 Java-10
发布的密钥经过双重编码,首先是十六进制,然后是 Base64。请注意,双重编码不是必需的。如果密钥是 Base64 和十六进制解码,结果是一个 64 字节的密钥。
从这个 64 字节的密钥开始,前 32 个字节是密钥,接下来的 32 个字节是 public 密钥。有关此格式的更多详细信息,请参见 here.
可以使用 Ed25519PrivateKeyParameters
、Ed25519PublicKeyParameters
和 Ed25519Signer
使用 BouncyCastle 进行导入、签名和验证 类:
import java.nio.ByteBuffer;
import java.nio.charset.StandardCharsets;
import java.util.Base64;
import org.bouncycastle.crypto.Signer;
import org.bouncycastle.crypto.params.Ed25519PrivateKeyParameters;
import org.bouncycastle.crypto.params.Ed25519PublicKeyParameters;
import org.bouncycastle.crypto.signers.Ed25519Signer;
import org.bouncycastle.util.encoders.Hex;
// Base64, hex decode
String keyHexBase64 ="Y2E3YjYwYzRjMDRjMjk1ZDQ5ZTQzM2RlMTdjZjVkNGE0NGFjYzJmM2IzOWExNWZhMjViNGE4ZWJiZDBiMDVkYTIwNGU4MWE3ZWZmMTQ0NGE2ZmM2NjExNzRmNTY4M2I0YmYyMTk5YTkyY2UzOWRkZjdmMzhkNTFjYTNmM2Q3ZDU";
byte[] key = Hex.decode(new String(Base64.getDecoder().decode(keyHexBase64), StandardCharsets.UTF_8));
// Separate secret and public key
ByteBuffer keyBuffer = ByteBuffer.wrap(key);
byte[] secretKey = new byte[32];
keyBuffer.get(secretKey);
byte[] publicKey = new byte[keyBuffer.remaining()];
keyBuffer.get(publicKey);
// Signing
byte[] message = "The quick brown fox jumps over the lazy dog".getBytes(StandardCharsets.UTF_8);
Ed25519PrivateKeyParameters secretKeyParameters = new Ed25519PrivateKeyParameters(secretKey, 0);
Signer signer = new Ed25519Signer();
signer.init(true, secretKeyParameters);
signer.update(message, 0, message.length);
byte[] signature = signer.generateSignature();
System.out.println("Signature (hex): " + Hex.toHexString(signature));
// Verification
Ed25519PublicKeyParameters publicKeyParameters = new Ed25519PublicKeyParameters(publicKey, 0);
Signer verifier = new Ed25519Signer();
verifier.init(false, publicKeyParameters);
verifier.update(message, 0, message.length);
boolean verified = verifier.verifySignature(signature); // Signature (hex): 2aa31bb14799a00ac1129bdd6773a8481f0fd7e829d59f6fccc81021bf21e397dc5d17362d342615a5500598542586cad8891f984bdb90ec0c80b48eb638df07
System.out.println("Verification: " + verified); // Verification: true
关于BouncyCastle,需要bcprov-jdk15on,可以从Maven repository or from the BouncyCastle website.
加载
我有一个字符串形式的私钥,我想将其转换为 PrivateKey
String privateKey = "Y2E3YjYwYzRjMDRjMjk1ZDQ5ZTQzM2RlMTdjZjVkNGE0NGFjYzJmM2IzOWExNWZhMjViNGE4ZWJiZDBiMDVkYTIwNGU4MWE3ZWZmMTQ0NGE2ZmM2NjExNzRmNTY4M2I0YmYyMTk5YTkyY2UzOWRkZjdmMzhkNTFjYTNmM2Q3ZDU";
byte[] pkcs8EncodedBytes = Base64.getDecoder().decode(privateKey);
PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(pkcs8EncodedBytes);
PrivateKey pkey = KeyFactory.getInstance("Ed25519") //NoSuchAlgorithmException
.generatePrivate(keySpec);
但是我得到这个错误:
java.security.NoSuchAlgorithmException: Ed25519 KeyFactory not available
在 KeyFactory.getInstance("Ed25519")
我正在使用 Java-10
发布的密钥经过双重编码,首先是十六进制,然后是 Base64。请注意,双重编码不是必需的。如果密钥是 Base64 和十六进制解码,结果是一个 64 字节的密钥。
从这个 64 字节的密钥开始,前 32 个字节是密钥,接下来的 32 个字节是 public 密钥。有关此格式的更多详细信息,请参见 here.
可以使用 Ed25519PrivateKeyParameters
、Ed25519PublicKeyParameters
和 Ed25519Signer
使用 BouncyCastle 进行导入、签名和验证 类:
import java.nio.ByteBuffer;
import java.nio.charset.StandardCharsets;
import java.util.Base64;
import org.bouncycastle.crypto.Signer;
import org.bouncycastle.crypto.params.Ed25519PrivateKeyParameters;
import org.bouncycastle.crypto.params.Ed25519PublicKeyParameters;
import org.bouncycastle.crypto.signers.Ed25519Signer;
import org.bouncycastle.util.encoders.Hex;
// Base64, hex decode
String keyHexBase64 ="Y2E3YjYwYzRjMDRjMjk1ZDQ5ZTQzM2RlMTdjZjVkNGE0NGFjYzJmM2IzOWExNWZhMjViNGE4ZWJiZDBiMDVkYTIwNGU4MWE3ZWZmMTQ0NGE2ZmM2NjExNzRmNTY4M2I0YmYyMTk5YTkyY2UzOWRkZjdmMzhkNTFjYTNmM2Q3ZDU";
byte[] key = Hex.decode(new String(Base64.getDecoder().decode(keyHexBase64), StandardCharsets.UTF_8));
// Separate secret and public key
ByteBuffer keyBuffer = ByteBuffer.wrap(key);
byte[] secretKey = new byte[32];
keyBuffer.get(secretKey);
byte[] publicKey = new byte[keyBuffer.remaining()];
keyBuffer.get(publicKey);
// Signing
byte[] message = "The quick brown fox jumps over the lazy dog".getBytes(StandardCharsets.UTF_8);
Ed25519PrivateKeyParameters secretKeyParameters = new Ed25519PrivateKeyParameters(secretKey, 0);
Signer signer = new Ed25519Signer();
signer.init(true, secretKeyParameters);
signer.update(message, 0, message.length);
byte[] signature = signer.generateSignature();
System.out.println("Signature (hex): " + Hex.toHexString(signature));
// Verification
Ed25519PublicKeyParameters publicKeyParameters = new Ed25519PublicKeyParameters(publicKey, 0);
Signer verifier = new Ed25519Signer();
verifier.init(false, publicKeyParameters);
verifier.update(message, 0, message.length);
boolean verified = verifier.verifySignature(signature); // Signature (hex): 2aa31bb14799a00ac1129bdd6773a8481f0fd7e829d59f6fccc81021bf21e397dc5d17362d342615a5500598542586cad8891f984bdb90ec0c80b48eb638df07
System.out.println("Verification: " + verified); // Verification: true
关于BouncyCastle,需要bcprov-jdk15on,可以从Maven repository or from the BouncyCastle website.
加载