将私钥导入Java时出错
更新:解决了我的问题 我使用OpenSSL创建了一个私钥,并获得了相应的公共证书。我使用以下命令创建了私钥:将私钥导入Java时出错,java,ssl,openssl,certificate,java-security,Java,Ssl,Openssl,Certificate,Java Security,更新:解决了我的问题 我使用OpenSSL创建了一个私钥,并获得了相应的公共证书。我使用以下命令创建了私钥: openssl req -out CSR.csr -new -newkey rsa:2048 -nodes -keyout privateKey.key 私钥和公共证书都是Base64编码的 PEM编码私钥的格式如下: -----BEGIN ENCRYPTED PRIVATE KEY----- ... -----END ENCRYPTED PRIVATE KEY----- 公共证书的
openssl req -out CSR.csr -new -newkey rsa:2048 -nodes -keyout privateKey.key
-----BEGIN ENCRYPTED PRIVATE KEY-----
...
-----END ENCRYPTED PRIVATE KEY-----
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
- 使用Java密钥库(或.jks)
- 使用BouncyCastle
byte[] certBytes = convertFileToBytes(new File("public.cer"));
byte[] keyBytes = convertFileToBytes(new File("private.key"));
private static X509Certificate generatePublicCert(byte[] certBytes) {
CertificateFactory factory = CertificateFactory.getInstance("X.509");
return (X509Certificate)factory.generateCertificate(new ByteArrayInputStream(certBytes));
}
private static PrivateKey generatePrivateKey(byte[] keyBytes) {
PKCS8EncodedKeySpec spec = new PKCS8EncodedKeySpec(keyBytes);
KeyFactory factory = KeyFactory.getInstance("RSA");
return factory.generatePrivate(spec);
}
private static SSLContext getContext() {
X509Certificate cert = generatePublicCert(certBytes);
PrivateKey key = generatePrivateKey(keyBytes);
KeyStore keyStore = KeyStore.getInstance("JKS"); // Do I still need this?
keyStore.load(null);
keyStore.setCertificateEntry("cert-alias", cert);
keyStore.setKeyEntry("key-alias", key, "MyPassphrase".toCharArray(), new Certificate[] {cert});
KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
kmf.init(keyStore, "MyPassphrase".toCharArray());
KeyManager[] km = kmf.getKeyManagers();
context.init(km, null, null);
return context;
}
byte[] certBytes = convertFileToBytes(new File("public.cer"));
byte[] keyBytes = convertFileToBytes(new File("private.key"));
private static X509Certificate generatePublicCert(byte[] certBytes) {
CertificateFactory factory = CertificateFactory.getInstance("X.509");
return (X509Certificate)factory.generateCertificate(new ByteArrayInputStream(certBytes));
}
private static PrivateKey generatePrivateKey(byte[] keyBytes) {
PKCS8EncodedKeySpec spec = new PKCS8EncodedKeySpec(keyBytes);
KeyFactory factory = KeyFactory.getInstance("RSA");
return factory.generatePrivate(spec);
}
private static SSLContext getContext() {
X509Certificate cert = generatePublicCert(certBytes);
PrivateKey key = generatePrivateKey(keyBytes);
KeyStore keyStore = KeyStore.getInstance("JKS"); // Do I still need this?
keyStore.load(null);
keyStore.setCertificateEntry("cert-alias", cert);
keyStore.setKeyEntry("key-alias", key, "MyPassphrase".toCharArray(), new Certificate[] {cert});
KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
kmf.init(keyStore, "MyPassphrase".toCharArray());
KeyManager[] km = kmf.getKeyManagers();
context.init(km, null, null);
return context;
}
byte[] certBytes = convertFileToBytes(new File("public.cer"));
byte[] keyBytes = convertFileToBytes(new File("private.key"));
private static X509Certificate generatePublicCert(byte[] certBytes) {
CertificateFactory factory = CertificateFactory.getInstance("X.509");
return (X509Certificate)factory.generateCertificate(new ByteArrayInputStream(certBytes));
}
private static PrivateKey generatePrivateKey(byte[] keyBytes) {
PKCS8EncodedKeySpec spec = new PKCS8EncodedKeySpec(keyBytes);
KeyFactory factory = KeyFactory.getInstance("RSA");
return factory.generatePrivate(spec);
}
private static SSLContext getContext() {
X509Certificate cert = generatePublicCert(certBytes);
PrivateKey key = generatePrivateKey(keyBytes);
KeyStore keyStore = KeyStore.getInstance("JKS"); // Do I still need this?
keyStore.load(null);
keyStore.setCertificateEntry("cert-alias", cert);
keyStore.setKeyEntry("key-alias", key, "MyPassphrase".toCharArray(), new Certificate[] {cert});
KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
kmf.init(keyStore, "MyPassphrase".toCharArray());
KeyManager[] km = kmf.getKeyManagers();
context.init(km, null, null);
return context;
}
byte[] certBytes = convertFileToBytes(new File("public.cer"));
byte[] keyBytes = convertFileToBytes(new File("private.key"));
private static X509Certificate generatePublicCert(byte[] certBytes) {
CertificateFactory factory = CertificateFactory.getInstance("X.509");
return (X509Certificate)factory.generateCertificate(new ByteArrayInputStream(certBytes));
}
private static PrivateKey generatePrivateKey(byte[] keyBytes) {
PKCS8EncodedKeySpec spec = new PKCS8EncodedKeySpec(keyBytes);
KeyFactory factory = KeyFactory.getInstance("RSA");
return factory.generatePrivate(spec);
}
private static SSLContext getContext() {
X509Certificate cert = generatePublicCert(certBytes);
PrivateKey key = generatePrivateKey(keyBytes);
KeyStore keyStore = KeyStore.getInstance("JKS"); // Do I still need this?
keyStore.load(null);
keyStore.setCertificateEntry("cert-alias", cert);
keyStore.setKeyEntry("key-alias", key, "MyPassphrase".toCharArray(), new Certificate[] {cert});
KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
kmf.init(keyStore, "MyPassphrase".toCharArray());
KeyManager[] km = kmf.getKeyManagers();
context.init(km, null, null);
return context;
}
java.security.spec.InvalidKeySpecException: java.security.InvalidKeyException: invalid key format
at sun.security.rsa.RSAKeyFactory.engineGeneratePrivate(Unknown Source)
at java.security.KeyFactory.generatePrivate(Unknown Source)
我做错了什么?您确定您的密钥格式正确吗
尝试从密钥和证书文件中删除以
---