通过 openSSL API 加载从 java 生成的公钥

发布于 2024-09-30 05:14:03 字数 1049 浏览 3 评论 0原文

应该使用 JCE 实施解决方案我有一个使用 KeyPairGenerator 生成的公钥字符串。

如何使用 PEM_read_bio_RSAPublicKey 在 openSSL Api 调用中加载它？或者这将具有 x509 规范编码，我们如何删除和生成与 openssl api 调用兼容的公共？

try {
    // Get the public/private key pair
    KeyPairGenerator keyGen = KeyPairGenerator
        .getInstance(keyAlgorithm);
    keyGen.initialize(numBits);
    KeyPair keyPair = keyGen.genKeyPair();
    PrivateKey privateKey = keyPair.getPrivate();
    PublicKey publicKey = keyPair.getPublic();

    System.out.println("\n" + "Generating key/value pair using "
        + privateKey.getAlgorithm() + " algorithm");

    // Get the bytes of the public and private keys
    privateKeyBytes = privateKey.getEncoded();
    publicKeyBytes = publicKey.getEncoded();
    try {
        rsa_publickey = new 
            BASE64Encoder().encodeBuffer((keyPair.getPublic()).getEncoded());
    }
    catch(Exception e1)
    {
        e1.printStackTrace();
    }
    System.out.println("PublicKey :"+rsa_publickey);
}
catch(Exception e1)
{
    e1.printStackTrace();
}

原文

Should implement the solution with JCE
I Have a Public Key String generated using the KeyPairGenerator.

How do I load this in openSSL Api call using PEM_read_bio_RSAPublicKey? Or this will have the x509 spec encoded how do we remove and generate the public which is compatible with the openssl api call?

try {
    // Get the public/private key pair
    KeyPairGenerator keyGen = KeyPairGenerator
        .getInstance(keyAlgorithm);
    keyGen.initialize(numBits);
    KeyPair keyPair = keyGen.genKeyPair();
    PrivateKey privateKey = keyPair.getPrivate();
    PublicKey publicKey = keyPair.getPublic();

    System.out.println("\n" + "Generating key/value pair using "
        + privateKey.getAlgorithm() + " algorithm");

    // Get the bytes of the public and private keys
    privateKeyBytes = privateKey.getEncoded();
    publicKeyBytes = publicKey.getEncoded();
    try {
        rsa_publickey = new 
            BASE64Encoder().encodeBuffer((keyPair.getPublic()).getEncoded());
    }
    catch(Exception e1)
    {
        e1.printStackTrace();
    }
    System.out.println("PublicKey :"+rsa_publickey);
}
catch(Exception e1)
{
    e1.printStackTrace();
}

分享到QQ

分享到微博

如果你对这篇内容有疑问，欢迎到本站社区发帖提问参与讨论，获取更多帮助，或者扫码二维码加入 Web 技术交流群。

发布评论

需要登录才能够评论，你可以免费注册一个本站的账号。

甜嗑 2024-10-07 05:14:03

也许您可以尝试使用 Bouncycastle 的 Bouncycastle 将其从 Java 导出为 OpenSSL 可以读取的 PEM 格式="http://www.bouncycastle.org/docs/docs1.6/org/bouncycastle/openssl/PEMWriter.html" rel="nofollow">PEMWriter。

编辑： 例如，以下代码：

KeyPairGenerator keyGen = KeyPairGenerator.getInstance("RSA");
keyGen.initialize(2048);
KeyPair keyPair = keyGen.genKeyPair();
PrivateKey privateKey = keyPair.getPrivate();
PublicKey publicKey = keyPair.getPublic();

// Solution 1: using BouncyCastle's PEMWriter
PEMWriter pemWriter = new PEMWriter(new PrintWriter(System.out));
pemWriter.writeObject(publicKey);
pemWriter.flush();

// Solution 2: using sun.misc.BASE64Encoder
// (and possibly naive 64-character line split)
sun.misc.BASE64Encoder encoder = new sun.misc.BASE64Encoder();
String encoded = encoder.encode(publicKey.getEncoded());
encoded = encoded.replace("\n", "");
StringBuilder builder = new StringBuilder();
builder.append("-----BEGIN PUBLIC KEY-----");
builder.append("\n");
int i = 0;
while (i < encoded.length()) {
    builder.append(encoded.substring(i,
            Math.min(i + 64, encoded.length())));
    builder.append("\n");
    i += 64;
}
builder.append("-----END PUBLIC KEY-----");
System.out.println(builder);

产生此输出：（

如果您想在没有 BouncyCastle 的情况下执行此操作，您可能需要使用另一个 Base 64 编码器，因为通常不建议使用 sun.* 软件包可能不会在所有 JRE 上公开或可用。）

我没有尝试使用 OpenSSL 的 API 加载，但是在命令行上使用 OpenSSL，当您粘贴上面的密钥时，您会得到这个（请注意，BEGIN/END 分隔符之间的内容是标准输入，粘贴在此处的终端上）：

$ openssl rsa -inform PEM -pubin -text -noout
-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0CCQ5fdVEEm8u1CrbMXa
FK35/d5MxNjCg7EQZwKsydRhfGhbK+u+iTUiv9rkqhcCucqrMi9eXtqt/QNGreFF
oR5auneeCMgqnXxoX7wjuZ5DBt6qN6ZSe+sAPqSKbvvLUmpBUK9pdOvxegQFGG2d
OUCcQLg2o6vLr9r7ZJDSxdyzCb14i+TEt0TnLjFTkR846dmX41gfU7eacoPxYWoo
Pvhq2huyH0cP8rNJ2/+2BcInjyv5TpLT+m0lYjMar6exgonqRetIJF0Gi7unM+0V
RsBoaBMAsLeqoR5OrCrSKepWbjixjHRMmjBaTYM5wP8DAbjVupUQ9kUwqRTzHTti
XQIDAQAB
-----END PUBLIC KEY-----
Modulus (2048 bit):
    00:d0:20:90:e5:f7:55:10:49:bc:bb:50:ab:6c:c5:
    da:14:ad:f9:fd:de:4c:c4:d8:c2:83:b1:10:67:02:
    ac:c9:d4:61:7c:68:5b:2b:eb:be:89:35:22:bf:da:
    e4:aa:17:02:b9:ca:ab:32:2f:5e:5e:da:ad:fd:03:
    46:ad:e1:45:a1:1e:5a:ba:77:9e:08:c8:2a:9d:7c:
    68:5f:bc:23:b9:9e:43:06:de:aa:37:a6:52:7b:eb:
    00:3e:a4:8a:6e:fb:cb:52:6a:41:50:af:69:74:eb:
    f1:7a:04:05:18:6d:9d:39:40:9c:40:b8:36:a3:ab:
    cb:af:da:fb:64:90:d2:c5:dc:b3:09:bd:78:8b:e4:
    c4:b7:44:e7:2e:31:53:91:1f:38:e9:d9:97:e3:58:
    1f:53:b7:9a:72:83:f1:61:6a:28:3e:f8:6a:da:1b:
    b2:1f:47:0f:f2:b3:49:db:ff:b6:05:c2:27:8f:2b:
    f9:4e:92:d3:fa:6d:25:62:33:1a:af:a7:b1:82:89:
    ea:45:eb:48:24:5d:06:8b:bb:a7:33:ed:15:46:c0:
    68:68:13:00:b0:b7:aa:a1:1e:4e:ac:2a:d2:29:ea:
    56:6e:38:b1:8c:74:4c:9a:30:5a:4d:83:39:c0:ff:
    03:01:b8:d5:ba:95:10:f6:45:30:a9:14:f3:1d:3b:
    62:5d
Exponent: 65537 (0x10001)

编辑：
如果您想导出 BEGIN RSA PUBLIC KEY 中的某些内容，您可以尝试如下操作：

RSAPublicKey rsaPublicKey = (RSAPublicKey) publicKey;
RSAPublicKeyStructure pubkeyStruct = new RSAPublicKeyStructure(
    rsaPublicKey.getModulus(), rsaPublicKey.getPublicExponent());
pubkeyStruct.getDEREncoded(); // base64-encode this between the delimiters

Perhaps you could try to export it from Java to the PEM format OpenSSL can read, using Bouncycastle's PEMWriter.

EDIT: For example, the following code:

KeyPairGenerator keyGen = KeyPairGenerator.getInstance("RSA");
keyGen.initialize(2048);
KeyPair keyPair = keyGen.genKeyPair();
PrivateKey privateKey = keyPair.getPrivate();
PublicKey publicKey = keyPair.getPublic();

// Solution 1: using BouncyCastle's PEMWriter
PEMWriter pemWriter = new PEMWriter(new PrintWriter(System.out));
pemWriter.writeObject(publicKey);
pemWriter.flush();

// Solution 2: using sun.misc.BASE64Encoder
// (and possibly naive 64-character line split)
sun.misc.BASE64Encoder encoder = new sun.misc.BASE64Encoder();
String encoded = encoder.encode(publicKey.getEncoded());
encoded = encoded.replace("\n", "");
StringBuilder builder = new StringBuilder();
builder.append("-----BEGIN PUBLIC KEY-----");
builder.append("\n");
int i = 0;
while (i < encoded.length()) {
    builder.append(encoded.substring(i,
            Math.min(i + 64, encoded.length())));
    builder.append("\n");
    i += 64;
}
builder.append("-----END PUBLIC KEY-----");
System.out.println(builder);

produces this output:

(If you want to do it without BouncyCastle, you might want to use another base 64 encoder, since it's usually not recommended to use sun.* packages that may not be exposed or available on all JREs.)

I haven't tried to load in using OpenSSL's API, but with OpenSSL on the command line, when you paste the above key, you get this (note that what's between the BEGIN/END delimiters is stdin, pasted on the terminal here):

$ openssl rsa -inform PEM -pubin -text -noout
-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0CCQ5fdVEEm8u1CrbMXa
FK35/d5MxNjCg7EQZwKsydRhfGhbK+u+iTUiv9rkqhcCucqrMi9eXtqt/QNGreFF
oR5auneeCMgqnXxoX7wjuZ5DBt6qN6ZSe+sAPqSKbvvLUmpBUK9pdOvxegQFGG2d
OUCcQLg2o6vLr9r7ZJDSxdyzCb14i+TEt0TnLjFTkR846dmX41gfU7eacoPxYWoo
Pvhq2huyH0cP8rNJ2/+2BcInjyv5TpLT+m0lYjMar6exgonqRetIJF0Gi7unM+0V
RsBoaBMAsLeqoR5OrCrSKepWbjixjHRMmjBaTYM5wP8DAbjVupUQ9kUwqRTzHTti
XQIDAQAB
-----END PUBLIC KEY-----
Modulus (2048 bit):
    00:d0:20:90:e5:f7:55:10:49:bc:bb:50:ab:6c:c5:
    da:14:ad:f9:fd:de:4c:c4:d8:c2:83:b1:10:67:02:
    ac:c9:d4:61:7c:68:5b:2b:eb:be:89:35:22:bf:da:
    e4:aa:17:02:b9:ca:ab:32:2f:5e:5e:da:ad:fd:03:
    46:ad:e1:45:a1:1e:5a:ba:77:9e:08:c8:2a:9d:7c:
    68:5f:bc:23:b9:9e:43:06:de:aa:37:a6:52:7b:eb:
    00:3e:a4:8a:6e:fb:cb:52:6a:41:50:af:69:74:eb:
    f1:7a:04:05:18:6d:9d:39:40:9c:40:b8:36:a3:ab:
    cb:af:da:fb:64:90:d2:c5:dc:b3:09:bd:78:8b:e4:
    c4:b7:44:e7:2e:31:53:91:1f:38:e9:d9:97:e3:58:
    1f:53:b7:9a:72:83:f1:61:6a:28:3e:f8:6a:da:1b:
    b2:1f:47:0f:f2:b3:49:db:ff:b6:05:c2:27:8f:2b:
    f9:4e:92:d3:fa:6d:25:62:33:1a:af:a7:b1:82:89:
    ea:45:eb:48:24:5d:06:8b:bb:a7:33:ed:15:46:c0:
    68:68:13:00:b0:b7:aa:a1:1e:4e:ac:2a:d2:29:ea:
    56:6e:38:b1:8c:74:4c:9a:30:5a:4d:83:39:c0:ff:
    03:01:b8:d5:ba:95:10:f6:45:30:a9:14:f3:1d:3b:
    62:5d
Exponent: 65537 (0x10001)

EDIT:
If you want to export something within the BEGIN RSA PUBLIC KEY instead, you can try something like this:

RSAPublicKey rsaPublicKey = (RSAPublicKey) publicKey;
RSAPublicKeyStructure pubkeyStruct = new RSAPublicKeyStructure(
    rsaPublicKey.getModulus(), rsaPublicKey.getPublicExponent());
pubkeyStruct.getDEREncoded(); // base64-encode this between the delimiters

回复收藏 0 原文

~没有更多了~