Loading a previously stored key fails with BouncyCastle in Java


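I am generating RSA keys in Java with Bouncy Castle. I am storing this key in a PKCS1 file and want to load this file in another part of the program and turn it back into a key object. My key storing code is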

public static void writeKey(PemObject obj, String filename) throws IOException { 
    try (JcaPEMWriter pemWriter = new JcaPEMWriter(new FileWriter(filename)))
    {
        pemWriter.writeObject(obj);
        pemWriter.close();
    } catch (IOException ex) {
        Logger.getLogger(Conversion.class.getName()).log(Level.SEVERE, null, ex);
    }         
}
I use

public static PemObject createPrivateObject(KeyPair key) throws Exception {
    return new PemObject("RSA PRIVATE KEY", key.getPrivate().getEncoded());
}
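This exports to a file and looks fine at first. OpenSSL is able to read this file and display information about the key values. However, later on I try to load it with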

public static KeyPair readKeyPair(String path)
{
File privateKeyFile = new File(path);
    try (PEMParser pemParser = new PEMParser(new FileReader(privateKeyFile))){


        Object object = pemParser.readObject();
        KeyPair kp;
        JcaPEMKeyConverter converter = new JcaPEMKeyConverter();
        kp = converter.getKeyPair((PEMKeyPair) object);
        pemParser.close();
        return kp;

    } catch (FileNotFoundException ex) {
        Logger.getLogger(Crypto.class.getName()).log(Level.SEVERE, null, ex);
    } catch (PEMException ex) {
        Logger.getLogger(Crypto.class.getName()).log(Level.SEVERE, null, ex);
    } catch (IOException ex) {
        Logger.getLogger(Crypto.class.getName()).log(Level.SEVERE, null, ex);
    } 
return null;
}

When I try this, I get an error message

org.bouncycastle.openssl.PEMException: malformed sequence in RSA private key
(full text follows below)

When I take another look at OpenSSL, I see that OpenSSL prints a different value for the same key at the end. The key in the file starts with

-----BEGIN RSA PRIVATE KEY-----
MIIEugIBADAN[...]
OpenSSL output

openssl rsa -text -in Userkey.pem

Private-Key: (2048 bit)
modulus:
[...]
writing RSA key
-----BEGIN RSA PRIVATE KEY-----
MIIEoAIBAAKC[...]
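for the key file generated and stored as described above. If I manually copy the OpenSSL output into a file and load it with my program, everything seems to work. So I assume there is an error in the writeKey subroutine, but I cannot figure out what it is. Does anyone know?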

Full error message:

   org.bouncycastle.openssl.PEMException: malformed sequence in RSA private key
at org.bouncycastle.openssl.PEMParser$KeyPairParser.parseObject(Unknown Source)
at org.bouncycastle.openssl.PEMParser.readObject(Unknown Source)
at certificatemanagement.Crypto.readKeyPair(Crypto.java:257)
at certificatemanagement.GuiDesignController.CreateCertificatePressed(GuiDesignController.java:250)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at sun.reflect.misc.Trampoline.invoke(MethodUtil.java:71)
at sun.reflect.GeneratedMethodAccessor1.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at sun.reflect.misc.MethodUtil.invoke(MethodUtil.java:275)
at javafx.fxml.FXMLLoader$MethodHandler.invoke(FXMLLoader.java:1769)
at javafx.fxml.FXMLLoader$ControllerMethodEventHandler.handle(FXMLLoader.java:1657)
at com.sun.javafx.event.CompositeEventHandler.dispatchBubblingEvent(CompositeEventHandler.java:86)
at com.sun.javafx.event.EventHandlerManager.dispatchBubblingEvent(EventHandlerManager.java:238)
at com.sun.javafx.event.EventHandlerManager.dispatchBubblingEvent(EventHandlerManager.java:191)
at com.sun.javafx.event.CompositeEventDispatcher.dispatchBubblingEvent(CompositeEventDispatcher.java:59)
at com.sun.javafx.event.BasicEventDispatcher.dispatchEvent(BasicEventDispatcher.java:58)
at com.sun.javafx.event.EventDispatchChainImpl.dispatchEvent(EventDispatchChainImpl.java:114)
at com.sun.javafx.event.BasicEventDispatcher.dispatchEvent(BasicEventDispatcher.java:56)
at com.sun.javafx.event.EventDispatchChainImpl.dispatchEvent(EventDispatchChainImpl.java:114)
at com.sun.javafx.event.BasicEventDispatcher.dispatchEvent(BasicEventDispatcher.java:56)
at com.sun.javafx.event.EventDispatchChainImpl.dispatchEvent(EventDispatchChainImpl.java:114)
at com.sun.javafx.event.BasicEventDispatcher.dispatchEvent(BasicEventDispatcher.java:56)
at com.sun.javafx.event.EventDispatchChainImpl.dispatchEvent(EventDispatchChainImpl.java:114)
at com.sun.javafx.event.BasicEventDispatcher.dispatchEvent(BasicEventDispatcher.java:56)
at com.sun.javafx.event.EventDispatchChainImpl.dispatchEvent(EventDispatchChainImpl.java:114)
at com.sun.javafx.event.EventUtil.fireEventImpl(EventUtil.java:74)
at com.sun.javafx.event.EventUtil.fireEvent(EventUtil.java:49)
at javafx.event.Event.fireEvent(Event.java:198)
at javafx.scene.Node.fireEvent(Node.java:8411)
at javafx.scene.control.Button.fire(Button.java:185)
at com.sun.javafx.scene.control.behavior.ButtonBehavior.mouseReleased(ButtonBehavior.java:182)
at com.sun.javafx.scene.control.skin.BehaviorSkinBase$1.handle(BehaviorSkinBase.java:96)
at com.sun.javafx.scene.control.skin.BehaviorSkinBase$1.handle(BehaviorSkinBase.java:89)
at com.sun.javafx.event.CompositeEventHandler$NormalEventHandlerRecord.handleBubblingEvent(CompositeEventHandler.java:218)
at com.sun.javafx.event.CompositeEventHandler.dispatchBubblingEvent(CompositeEventHandler.java:80)
at com.sun.javafx.event.EventHandlerManager.dispatchBubblingEvent(EventHandlerManager.java:238)
at com.sun.javafx.event.EventHandlerManager.dispatchBubblingEvent(EventHandlerManager.java:191)
at com.sun.javafx.event.CompositeEventDispatcher.dispatchBubblingEvent(CompositeEventDispatcher.java:59)
at com.sun.javafx.event.BasicEventDispatcher.dispatchEvent(BasicEventDispatcher.java:58)
at com.sun.javafx.event.EventDispatchChainImpl.dispatchEvent(EventDispatchChainImpl.java:114)
at com.sun.javafx.event.BasicEventDispatcher.dispatchEvent(BasicEventDispatcher.java:56)
at com.sun.javafx.event.EventDispatchChainImpl.dispatchEvent(EventDispatchChainImpl.java:114)
at com.sun.javafx.event.BasicEventDispatcher.dispatchEvent(BasicEventDispatcher.java:56)
at com.sun.javafx.event.EventDispatchChainImpl.dispatchEvent(EventDispatchChainImpl.java:114)
at com.sun.javafx.event.BasicEventDispatcher.dispatchEvent(BasicEventDispatcher.java:56)
at com.sun.javafx.event.EventDispatchChainImpl.dispatchEvent(EventDispatchChainImpl.java:114)
at com.sun.javafx.event.BasicEventDispatcher.dispatchEvent(BasicEventDispatcher.java:56)
at com.sun.javafx.event.EventDispatchChainImpl.dispatchEvent(EventDispatchChainImpl.java:114)
at com.sun.javafx.event.EventUtil.fireEventImpl(EventUtil.java:74)
at com.sun.javafx.event.EventUtil.fireEvent(EventUtil.java:54)
at javafx.event.Event.fireEvent(Event.java:198)
at javafx.scene.Scene$MouseHandler.process(Scene.java:3757)
at javafx.scene.Scene$MouseHandler.access$1500(Scene.java:3485)
at javafx.scene.Scene.impl_processMouseEvent(Scene.java:1762)
at javafx.scene.Scene$ScenePeerListener.mouseEvent(Scene.java:2494)
at com.sun.javafx.tk.quantum.GlassViewEventHandler$MouseEventNotification.run(GlassViewEventHandler.java:380)
at com.sun.javafx.tk.quantum.GlassViewEventHandler$MouseEventNotification.run(GlassViewEventHandler.java:294)
at java.security.AccessController.doPrivileged(Native Method)
at com.sun.javafx.tk.quantum.GlassViewEventHandler.lambda$handleMouseEvent$354(GlassViewEventHandler.java:416)
at com.sun.javafx.tk.quantum.QuantumToolkit.runWithoutRenderLock(QuantumToolkit.java:389)
at com.sun.javafx.tk.quantum.GlassViewEventHandler.handleMouseEvent(GlassViewEventHandler.java:415)
at com.sun.glass.ui.View.handleMouseEvent(View.java:555)
at com.sun.glass.ui.View.notifyMouse(View.java:937)
at com.sun.glass.ui.win.WinApplication._runLoop(Native Method)
at com.sun.glass.ui.win.WinApplication.lambda$null$148(WinApplication.java:191)
at java.lang.Thread.run(Thread.java:745)
Caused by: org.bouncycastle.openssl.PEMException: malformed sequence in RSA private key
at org.bouncycastle.openssl.PEMParser$RSAKeyPairParser.parse(Unknown Source)
... 70 more

Bouncy Castle is writing the PEM file in PKCS8 format, not PKCS1 format, and it never lets you know that it did not do what you expected.

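I don't know how to write the PEM file in PKCS1 format. I would love to know, because I regularly spend an afternoon trying, before convincing myself that PKCS8 is so superior that nobody really needs PKCS1, and that nobody should talk to me about PKCS1 anymore.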

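So, if you use the openssl command:

openssl pkcs8 -topk8 -nocrypt -in private.pem

instead of what I think you tried (openssl rsa -in private.pem -check), you will get the same thing as what Bouncy Castle wrote. Here we have a command that is just a bit too clever about what it does and doesn't tell you: "Yes, you told me to read a PKCS1 RSA file, but look, headers always lie, I can see it is actually PKCS8, so I will read it as PKCS8 and everyone is happy, right?"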

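So your code should be adjusted to read PKCS8, something like the following (I haven't used Java in 10 years, so there may be some small things to adjust):

import java.security.GeneralSecurityException;
import java.security.KeyFactory;
import java.security.PublicKey;
import java.security.interfaces.RSAPrivateCrtKey;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.RSAPublicKeySpec;
import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;

public static PemObject createPrivateObject(KeyPair key) throws Exception {
  // getEncoded() returns PKCS#8, so the label must be "PRIVATE KEY"
  return new PemObject("PRIVATE KEY", key.getPrivate().getEncoded());
}

[...]

public static KeyPair readKeyPair(String path) {
  File privateKeyFile = new File(path);
  try (PEMParser pemParser = new PEMParser(new FileReader(privateKeyFile))) {
    // A "PRIVATE KEY" block is returned by PEMParser as a PKCS#8 PrivateKeyInfo
    PrivateKeyInfo privkeyInfo = (PrivateKeyInfo) pemParser.readObject();
    PKCS8EncodedKeySpec keyspec = new PKCS8EncodedKeySpec(privkeyInfo.getEncoded());
    KeyFactory kf = KeyFactory.getInstance("RSA");
    // The stored key carries CRT parameters, so the public half can be rebuilt
    RSAPrivateCrtKey privKey = (RSAPrivateCrtKey) kf.generatePrivate(keyspec);
    PublicKey pubKey = kf.generatePublic(
        new RSAPublicKeySpec(privKey.getModulus(), privKey.getPublicExponent()));
    return new KeyPair(pubKey, privKey);
  } catch (IOException | GeneralSecurityException ex) {
    Logger.getLogger(Crypto.class.getName()).log(Level.SEVERE, null, ex);
  }
  return null;
}

Agree with the diagnosis, but the fix needs the write side changed to PemObject("PRIVATE KEY", ... getEncoded()), without RSA, so that PEMParser will succeed.

You are completely right, and that was the intention! Thanks for noticing!

Thank you for such a detailed analysis of my problem. As you explained, we solved the problem by accident, but now I finally understand what went wrong and why it works now. Well done! Thank you very much. I could not have known this by intuition. For some reason I can't work with the BouncyCastle code in IntelliJ, which makes debugging almost impossible.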
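Added example (not from the original question or answers): the label/body mismatch diagnosed above, reproduced with Bouncy Castle's `PrivateKeyInfo`, `PemWriter` and `PEMParser`. It chooses the PEM label from the DER structure and also unwraps the PKCS#8 encoding into a real PKCS#1 body; the class and helper names (`PemLabelDemo`, `labelFor`, `toPem`, `parse`) are illustrative, and the key is a throwaway generated at run time.

```java
import java.io.StringReader;
import java.io.StringWriter;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import org.bouncycastle.asn1.ASN1Integer;
import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
import org.bouncycastle.openssl.PEMKeyPair;
import org.bouncycastle.openssl.PEMParser;
import org.bouncycastle.util.io.pem.PemObject;
import org.bouncycastle.util.io.pem.PemWriter;

public class PemLabelDemo {
    // PKCS#8: SEQUENCE { INTEGER version, SEQUENCE algorithmId, OCTET STRING key }
    // PKCS#1: SEQUENCE { INTEGER version, INTEGER modulus, ... }
    // The second element therefore tells the two encodings apart.
    static String labelFor(byte[] der) {
        ASN1Sequence seq = ASN1Sequence.getInstance(der);
        boolean pkcs1 = seq.getObjectAt(1).toASN1Primitive() instanceof ASN1Integer;
        return pkcs1 ? "RSA PRIVATE KEY" : "PRIVATE KEY";
    }

    // Write the DER bytes under the label that matches their structure.
    static String toPem(byte[] der) throws Exception {
        StringWriter out = new StringWriter();
        try (PemWriter w = new PemWriter(out)) {
            w.writeObject(new PemObject(labelFor(der), der));
        }
        return out.toString();
    }

    static Object parse(String pem) throws Exception {
        try (PEMParser p = new PEMParser(new StringReader(pem))) {
            return p.readObject();
        }
    }

    public static void main(String[] args) throws Exception {
        KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA");
        gen.initialize(2048);
        KeyPair kp = gen.generateKeyPair();               // constructed throwaway key

        byte[] pkcs8 = kp.getPrivate().getEncoded();      // JCA private keys encode as PKCS#8
        byte[] pkcs1 = PrivateKeyInfo.getInstance(pkcs8)  // unwrap the inner RSAPrivateKey
                .parsePrivateKey().toASN1Primitive().getEncoded();

        // With matching labels PEMParser takes the right path for each encoding.
        System.out.println(parse(toPem(pkcs8)) instanceof PrivateKeyInfo);
        System.out.println(parse(toPem(pkcs1)) instanceof PEMKeyPair);
    }
}
```

The `PEMKeyPair` returned for the PKCS#1 form is what the question's `readKeyPair` casts to, so writing `pkcs1` under "RSA PRIVATE KEY" lets that reader work unchanged.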