Generating an RSA key pair and storing it in the keystore

Posted 2024-10-21 04:01:13 · 737 characters · 2 views · 0 comments


I am trying to generate an RSA key pair and to store it on the HSM keystore. The code I have right now looks like this:

    import java.security.*;

    public class GenerateOnToken {
        public static void main(String[] args) throws Exception {
            String configName = "C:\\eTokenConfig.cfg";
            Provider p = new sun.security.pkcs11.SunPKCS11(configName);
            Security.addProvider(p);
            // Read the keystore from the smart card
            char[] pin = { 'p', '4', 's', 's', 'w', '0', 'r', 'd' };  // test PIN; never hard-code a real one
            KeyStore keyStore = KeyStore.getInstance("PKCS11", p);
            keyStore.load(null, pin);
            // generate keys on the token
            KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA", p);
            kpg.initialize(512);   // 512-bit RSA is far too small for real use; 2048 or more
            KeyPair pair = kpg.generateKeyPair();

            PrivateKey privateKey = pair.getPrivate();
            PublicKey publicKey = pair.getPublic();
            // Save Keys How ???
        }
    }

I tried to use the keyStore.setEntry method, but the problem is it requires a Certificate chain and I don't know how to get this certificate?


﹎☆浅夏丿初晴 2024-10-28 04:01:13


See http://docs.oracle.com/javase/tutorial/security/apisign/vstep2.html

    // imports used by the snippets below
    import java.io.FileOutputStream;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    import java.security.KeyFactory;
    import java.security.PrivateKey;
    import java.security.PublicKey;
    import java.security.spec.PKCS8EncodedKeySpec;
    import java.security.spec.X509EncodedKeySpec;

Save Public Key:

    // getEncoded() on an RSA public key already yields the DER SubjectPublicKeyInfo (X.509) form
    X509EncodedKeySpec x509ks = new X509EncodedKeySpec(publicKey.getEncoded());
    try (FileOutputStream fos = new FileOutputStream(strPathFilePubKey)) {
        fos.write(x509ks.getEncoded());
    }

Load Public Key:

    byte[] encodedKey = Files.readAllBytes(Paths.get(strPathFilePubKey));
    KeyFactory keyFactory = KeyFactory.getInstance("RSA", p);
    X509EncodedKeySpec pkSpec = new X509EncodedKeySpec(encodedKey);
    PublicKey publicKey = keyFactory.generatePublic(pkSpec);

Save Private Key:

    byte[] encodedPriv = privateKey.getEncoded();  // null with SunPKCS11 when the token will not export the key
    if (encodedPriv == null) throw new IllegalStateException("private key is not extractable from the token");
    PKCS8EncodedKeySpec pkcsKeySpec = new PKCS8EncodedKeySpec(encodedPriv);
    try (FileOutputStream fos = new FileOutputStream(strPathFilePrivKey)) {
        fos.write(pkcsKeySpec.getEncoded());
    }

Load Private Key:

    byte[] encodedKey = Files.readAllBytes(Paths.get(strPathFilePrivKey));
    KeyFactory keyFactory = KeyFactory.getInstance("RSA", p);
    PKCS8EncodedKeySpec privKeySpec = new PKCS8EncodedKeySpec(encodedKey);
    PrivateKey privateKey = keyFactory.generatePrivate(privKeySpec);

长亭外,古道边 2024-10-28 04:01:13


You should not be able to read the private key if you generate the key inside the token.
You'll need to create a dummy certificate (for example self-signed) and store it with an alias; the keystore model depends on certificates to be usable.
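The procedure the answer above describes, written out as an added example (this is not code from the question or from either answer): generate the pair on the token, build a self-signed placeholder certificate whose signature is computed by the token itself, store the entry under an alias with `setKeyEntry`, and then prove the stored key works by signing and verifying. Assumptions: BouncyCastle `bcpkix` on the classpath for the certificate builder; Java 9 or later, where `Provider.configure` replaces the `sun.security.pkcs11.SunPKCS11` constructor used in the question; the same `C:\eTokenConfig.cfg` configuration file; the PIN read from the console or a `TOKEN_PIN` environment variable; and the alias `hsm-test-key`, the DN `CN=hsm-test-key` and the test message are all made up for the example. The `setKeyEntry` password argument is `null` because a PKCS#11 keystore is unlocked by the PIN passed to `load`, not per entry.

```java
import java.math.BigInteger;
import java.nio.charset.StandardCharsets;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.Provider;
import java.security.SecureRandom;
import java.security.Security;
import java.security.Signature;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.Date;

import org.bouncycastle.asn1.x500.X500Name;
import org.bouncycastle.cert.X509CertificateHolder;
import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter;
import org.bouncycastle.cert.jcajce.JcaX509v3CertificateBuilder;
import org.bouncycastle.operator.ContentSigner;
import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;

public class StoreKeyPairOnToken {

    public static void main(String[] args) throws Exception {
        // Assumed: the same PKCS#11 configuration file as in the question.
        String configName = "C:\\eTokenConfig.cfg";
        // Java 9+: the sun.security.pkcs11.SunPKCS11 constructor is no longer accessible;
        // configure the built-in provider instead.
        Provider p = Security.getProvider("SunPKCS11").configure(configName);
        Security.addProvider(p);

        // Assumed: PIN from the console, or from TOKEN_PIN when there is no console.
        // Never a literal in the source.
        char[] pin = System.console() != null
                ? System.console().readPassword("Token PIN: ")
                : System.getenv("TOKEN_PIN").toCharArray();

        KeyStore keyStore = KeyStore.getInstance("PKCS11", p);
        keyStore.load(null, pin);

        // Generate the pair on the token. The private key is created inside the HSM and
        // cannot be read out: with SunPKCS11 its getEncoded() returns null.
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA", p);
        kpg.initialize(2048);
        KeyPair pair = kpg.generateKeyPair();

        // setKeyEntry requires a certificate chain; a self-signed placeholder is enough.
        // Storing the pair under an alias is also what makes it persist on the token
        // beyond this session.
        String alias = "hsm-test-key";                       // assumed alias
        X509Certificate placeholder = selfSignedPlaceholder(pair, p, "CN=" + alias);
        keyStore.setKeyEntry(alias, pair.getPrivate(), null, new Certificate[] { placeholder });

        // Check the entry exists and that the on-token key actually signs.
        byte[] msg = "constructed test message".getBytes(StandardCharsets.UTF_8);
        byte[] sig = signWithAlias(keyStore, p, alias, msg);
        System.out.println("stored: " + keyStore.containsAlias(alias));
        System.out.println("signature verifies: " + verifyWithAlias(keyStore, alias, msg, sig));
    }

    /** Builds a self-signed X.509 certificate for the pair; the signature is made inside the token. */
    static X509Certificate selfSignedPlaceholder(KeyPair pair, Provider p, String dn) throws Exception {
        X500Name name = new X500Name(dn);
        Date notBefore = new Date();
        Date notAfter = new Date(notBefore.getTime() + 365L * 24 * 60 * 60 * 1000);  // one year
        BigInteger serial = new BigInteger(63, new SecureRandom());                   // positive, random
        JcaX509v3CertificateBuilder builder = new JcaX509v3CertificateBuilder(
                name, serial, notBefore, notAfter, name, pair.getPublic());
        // Routing the signer through the PKCS#11 provider keeps the private key in the HSM.
        ContentSigner signer = new JcaContentSignerBuilder("SHA256withRSA")
                .setProvider(p).build(pair.getPrivate());
        X509CertificateHolder holder = builder.build(signer);
        return new JcaX509CertificateConverter().getCertificate(holder);
    }

    /** Signs data with the key stored under alias; the key object is only a handle to the token. */
    static byte[] signWithAlias(KeyStore ks, Provider p, String alias, byte[] data) throws Exception {
        PrivateKey key = (PrivateKey) ks.getKey(alias, null);
        Signature s = Signature.getInstance("SHA256withRSA", p);
        s.initSign(key);
        s.update(data);
        return s.sign();
    }

    /** Verifies with the public key from the stored certificate; any provider can do this part. */
    static boolean verifyWithAlias(KeyStore ks, String alias, byte[] data, byte[] sig) throws Exception {
        Signature v = Signature.getInstance("SHA256withRSA");
        v.initVerify(ks.getCertificate(alias));
        v.update(data);
        return v.verify(sig);
    }
}
```

After this runs, `keytool -list -keystore NONE -storetype PKCS11 -providerName <name from the config>` should show the alias, and the placeholder certificate can later be replaced by a real one (for example from a CA, built from a CSR over the same public key) with another `setKeyEntry` call on the same alias.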
