Fatal编程技术网
  • openssl/
  • 通过openSSL API加载从java生成的公钥

通过openSSL API加载从java生成的公钥

openssl

通过openSSL API加载从java生成的公钥,openssl,jce,Openssl,Jce,应该使用JCE实现解决方案 我有一个使用KeyPairGenerator生成的公钥字符串 我如何使用PEM_read_bio_RSAPublicKey在openSSL Api调用中加载它?或者,这将对x509规范进行编码。我们如何删除并生成与openssl api调用兼容的public try { // Get the public/private key pair KeyPairGenerator keyGen = KeyPairGenerator .getIn

应该使用JCE实现解决方案 我有一个使用KeyPairGenerator生成的公钥字符串

我如何使用PEM_read_bio_RSAPublicKey在openSSL Api调用中加载它?或者,这将对x509规范进行编码。我们如何删除并生成与openssl api调用兼容的public

try {
    // Get the public/private key pair
    KeyPairGenerator keyGen = KeyPairGenerator
        .getInstance(keyAlgorithm);
    keyGen.initialize(numBits);
    KeyPair keyPair = keyGen.genKeyPair();
    PrivateKey privateKey = keyPair.getPrivate();
    PublicKey publicKey = keyPair.getPublic();

    System.out.println("\n" + "Generating key/value pair using "
        + privateKey.getAlgorithm() + " algorithm");

    // Get the bytes of the public and private keys
    privateKeyBytes = privateKey.getEncoded();
    publicKeyBytes = publicKey.getEncoded();
    try {
        rsa_publickey = new 
            BASE64Encoder().encodeBuffer((keyPair.getPublic()).getEncoded());
    }
    catch(Exception e1)
    {
        e1.printStackTrace();
    }
    System.out.println("PublicKey :"+rsa_publickey);
}
catch(Exception e1)
{
    e1.printStackTrace();
}
也许您可以尝试将它从Java导出到PEM格式,OpenSSL可以读取,使用的是

编辑:例如,以下代码:

KeyPairGenerator keyGen = KeyPairGenerator.getInstance("RSA");
keyGen.initialize(2048);
KeyPair keyPair = keyGen.genKeyPair();
PrivateKey privateKey = keyPair.getPrivate();
PublicKey publicKey = keyPair.getPublic();

// Solution 1: using BouncyCastle's PEMWriter
PEMWriter pemWriter = new PEMWriter(new PrintWriter(System.out));
pemWriter.writeObject(publicKey);
pemWriter.flush();

// Solution 2: using sun.misc.BASE64Encoder
// (and possibly naive 64-character line split)
sun.misc.BASE64Encoder encoder = new sun.misc.BASE64Encoder();
String encoded = encoder.encode(publicKey.getEncoded());
encoded = encoded.replace("\n", "");
StringBuilder builder = new StringBuilder();
builder.append("-----BEGIN PUBLIC KEY-----");
builder.append("\n");
int i = 0;
while (i < encoded.length()) {
    builder.append(encoded.substring(i,
            Math.min(i + 64, encoded.length())));
    builder.append("\n");
    i += 64;
}
builder.append("-----END PUBLIC KEY-----");
System.out.println(builder);
(如果您想在不使用BouncyCastle的情况下使用它,您可能需要使用另一个base 64编码器,因为通常不建议使用
sun.*
包,这些包可能不会在所有JRE上公开或可用。)

我没有尝试使用OpenSSL的API加载,但是使用命令行上的OpenSSL,当您粘贴上述密钥时,您会得到以下结果(请注意,开始/结束分隔符之间是stdin,粘贴在终端上):

编辑: 如果您想在
开始RSA公钥
中导出某些内容,可以尝试以下方法:

RSAPublicKey rsaPublicKey = (RSAPublicKey) publicKey;
RSAPublicKeyStructure pubkeyStruct = new RSAPublicKeyStructure(
    rsaPublicKey.getModulus(), rsaPublicKey.getPublicExponent());
pubkeyStruct.getDEREncoded(); // base64-encode this between the delimiters
你能建议使用吗JCE@MSSV,我刚刚添加了一个示例,我不确定它是否是您要查找的。如果标题显示为BEGIN RSA PUBLIC KEY而不是BEGIN PUBLIC KEY,是否有编码更改?@MSSV,是的。它们是不同的,BEGIN RSA公钥中的是这个ASN.1结构中的“subjectPublicKey”
SubjectPublicKeyInfo:=序列{algorithm AlgorithmIdentifier,subjectPublicKey BIT STRING}
,而BEGIN公钥中的是整个结构(包括
AlgorithmIdentifier
)那我怎么用弹跳城堡来设定呢? 
$ openssl rsa -inform PEM -pubin -text -noout
-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0CCQ5fdVEEm8u1CrbMXa
FK35/d5MxNjCg7EQZwKsydRhfGhbK+u+iTUiv9rkqhcCucqrMi9eXtqt/QNGreFF
oR5auneeCMgqnXxoX7wjuZ5DBt6qN6ZSe+sAPqSKbvvLUmpBUK9pdOvxegQFGG2d
OUCcQLg2o6vLr9r7ZJDSxdyzCb14i+TEt0TnLjFTkR846dmX41gfU7eacoPxYWoo
Pvhq2huyH0cP8rNJ2/+2BcInjyv5TpLT+m0lYjMar6exgonqRetIJF0Gi7unM+0V
RsBoaBMAsLeqoR5OrCrSKepWbjixjHRMmjBaTYM5wP8DAbjVupUQ9kUwqRTzHTti
XQIDAQAB
-----END PUBLIC KEY-----
Modulus (2048 bit):
    00:d0:20:90:e5:f7:55:10:49:bc:bb:50:ab:6c:c5:
    da:14:ad:f9:fd:de:4c:c4:d8:c2:83:b1:10:67:02:
    ac:c9:d4:61:7c:68:5b:2b:eb:be:89:35:22:bf:da:
    e4:aa:17:02:b9:ca:ab:32:2f:5e:5e:da:ad:fd:03:
    46:ad:e1:45:a1:1e:5a:ba:77:9e:08:c8:2a:9d:7c:
    68:5f:bc:23:b9:9e:43:06:de:aa:37:a6:52:7b:eb:
    00:3e:a4:8a:6e:fb:cb:52:6a:41:50:af:69:74:eb:
    f1:7a:04:05:18:6d:9d:39:40:9c:40:b8:36:a3:ab:
    cb:af:da:fb:64:90:d2:c5:dc:b3:09:bd:78:8b:e4:
    c4:b7:44:e7:2e:31:53:91:1f:38:e9:d9:97:e3:58:
    1f:53:b7:9a:72:83:f1:61:6a:28:3e:f8:6a:da:1b:
    b2:1f:47:0f:f2:b3:49:db:ff:b6:05:c2:27:8f:2b:
    f9:4e:92:d3:fa:6d:25:62:33:1a:af:a7:b1:82:89:
    ea:45:eb:48:24:5d:06:8b:bb:a7:33:ed:15:46:c0:
    68:68:13:00:b0:b7:aa:a1:1e:4e:ac:2a:d2:29:ea:
    56:6e:38:b1:8c:74:4c:9a:30:5a:4d:83:39:c0:ff:
    03:01:b8:d5:ba:95:10:f6:45:30:a9:14:f3:1d:3b:
    62:5d
Exponent: 65537 (0x10001)

RSAPublicKey rsaPublicKey = (RSAPublicKey) publicKey;
RSAPublicKeyStructure pubkeyStruct = new RSAPublicKeyStructure(
    rsaPublicKey.getModulus(), rsaPublicKey.getPublicExponent());
pubkeyStruct.getDEREncoded(); // base64-encode this between the delimiters