用java代码加密私钥
我用java代码生成了一个私钥,并将其保存为:用java代码加密私钥,java,encryption,private-key,ejbca,Java,Encryption,Private Key,Ejbca,我用java代码生成了一个私钥,并将其保存为: KeyPair keys; try { keys = KeyTools.genKeys("2048", AlgorithmConstants.KEYALGORITHM_RSA); //SAVE PRIVKEY //PrivateKey privKey = keys.getPrivate(); //byte[] privateKeyBytes = privKey.getEncod
KeyPair keys;
try {
keys = KeyTools.genKeys("2048", AlgorithmConstants.KEYALGORITHM_RSA);
//SAVE PRIVKEY
//PrivateKey privKey = keys.getPrivate();
//byte[] privateKeyBytes = privKey.getEncoded();
PKCS10CertificationRequest pkcs10 = new PKCS10CertificationRequest("SHA256WithRSA",
CertTools.stringToBcX509Name("CN=NOUSED"), keys.getPublic(), null, keys.getPrivate());
//Save Privatekey
String privateKeyFilename = "C:/Users/l.calicchio/Downloads/privateKey.key";
String password="prismaPrivateKey";
byte[] start="-----BEGIN PRIVATE KEY-----\n".getBytes();
byte[] end="\n-----END PRIVATE KEY-----".getBytes();
byte[] privateKeyBytes = keys.getPrivate().getEncoded();
byte[] encryptedPrivateKeyBytes = passwordEncrypt(password.toCharArray(), privateKeyBytes);
File f=new File(privateKeyFilename);
if (f.exists()){
f.delete();
}
FileOutputStream fos = new FileOutputStream(f,true);
fos.write(start);
fos.write(Base64.encode(encryptedPrivateKeyBytes));
fos.write(end);
fos.close();
现在我想将密码短语添加到私钥中。
所以我找到了这个代码:
private static byte[] passwordEncrypt(char[] password, byte[] plaintext) throws Exception {
String MYPBEALG = "PBEWithSHA1AndDESede";
int count = 20;// hash iteration count
SecureRandom random = new SecureRandom();
byte[] salt = new byte[8];
random.nextBytes(salt);
// Create PBE parameter set
PBEParameterSpec pbeParamSpec = new PBEParameterSpec(salt, count);
PBEKeySpec pbeKeySpec = new PBEKeySpec(password);
SecretKeyFactory keyFac = SecretKeyFactory.getInstance(MYPBEALG);
SecretKey pbeKey = keyFac.generateSecret(pbeKeySpec);
Cipher pbeCipher = Cipher.getInstance(MYPBEALG);
// Initialize PBE Cipher with key and parameters
pbeCipher.init(Cipher.ENCRYPT_MODE, pbeKey, pbeParamSpec);
// Encrypt the encoded Private Key with the PBE key
byte[] ciphertext = pbeCipher.doFinal(plaintext);
// Now construct PKCS #8 EncryptedPrivateKeyInfo object
AlgorithmParameters algparms = AlgorithmParameters.getInstance(MYPBEALG);
algparms.init(pbeParamSpec);
EncryptedPrivateKeyInfo encinfo = new EncryptedPrivateKeyInfo(algparms, ciphertext);
// and here we have it! a DER encoded PKCS#8 encrypted key!
return encinfo.getEncoded();
但是当我使用这个openssl命令时
openssl asn1parse-在privateKey.key中
我没有错误,但当我尝试以下操作时:
openssl rsa-noout-module-in privatekey.it
我有一个错误:
无法加载私钥9964:错误:0D0680A8:asn1编码
例程:ASN1\u检查\u TLEN:错误的标记:.\crypto\as n1\tasn\u dec.c:1319:
9964:错误:0D06C03A:asn1编码
例程:ASN1\U D2I\U EX\U原语:嵌套ASN1 err
或:。\crypto\asn1\tasn_dec.c:831:9964:错误:0D08303A:asn1编码
例程:ASN1\U模板\U NOEXP\U D2I:嵌套ASN1 e
错误:.\crypto\asn1\tasn\u dec.c:751:Field=version,
Type=PKCS8_PRIV_KEY_INFO 9964:错误:0907B00D:PEM
例程:PEM_READ_BIO_PRIVATEKEY:ASN1 lib:。\crypto\PEM\p
em_pkey.c:132:
我认为私钥缺少以下行:
进程类型:4,加密
“DEK信息:”+“AES-256-CBC”。。。。。。
但是我如何添加这些信息(从哪里获得这些信息?)?
tnx请阅读手册,
man rsa
提供以下详细信息:
注意:此命令使用
用于私钥加密的传统SSLeay兼容格式:
较新的应用程序应使用更安全的PKCS#8格式,使用
pkcs8实用程序
我的回答有什么遗漏吗,卢卡?