org.bouncycastle.openssl.PEMReader 可以读取 java.security.PrivateKey 吗？

发布于 2024-12-18 01:25:21 字数 851 浏览 2 评论 0原文

我有以下代码：

PrivateKey key = null;
X509Certificate cert = null;
KeyPair keyPair = null;

final Reader reader = new StringReader(pem);
try {
    final PEMReader pemReader = new PEMReader(reader, new PasswordFinder() {
        @Override
        public char[] getPassword() {
            return password == null ? null : password.toCharArray();
        }
    });

    Object obj;
    while ((obj = pemReader.readObject()) != null) {
        if (obj instanceof X509Certificate) {
            cert = (X509Certificate) obj;
        } else if (obj instanceof PrivateKey) {
            key = (PrivateKey) obj;
        } else if (obj instanceof KeyPair) {
            keyPair = (KeyPair) obj;
        }
    }
} finally {
    reader.close();
}

它会读取 PrivateKey 吗？换句话说，任何PEM文件都可以只包含纯私钥吗？如果是的话，您能给我提供一个 PEM 文件样本吗？

提前致谢。

原文

I have following code:

PrivateKey key = null;
X509Certificate cert = null;
KeyPair keyPair = null;

final Reader reader = new StringReader(pem);
try {
    final PEMReader pemReader = new PEMReader(reader, new PasswordFinder() {
        @Override
        public char[] getPassword() {
            return password == null ? null : password.toCharArray();
        }
    });

    Object obj;
    while ((obj = pemReader.readObject()) != null) {
        if (obj instanceof X509Certificate) {
            cert = (X509Certificate) obj;
        } else if (obj instanceof PrivateKey) {
            key = (PrivateKey) obj;
        } else if (obj instanceof KeyPair) {
            keyPair = (KeyPair) obj;
        }
    }
} finally {
    reader.close();
}

Will it ever read PrivateKey? In other words, can any PEM file contain pure private key only? If yes, could you provide me a sample PEM file?

Thanks in advace.

分享到QQ

分享到微博

如果你对这篇内容有疑问，欢迎到本站社区发帖提问参与讨论，获取更多帮助，或者扫码二维码加入 Web 技术交流群。

发布评论

需要登录才能够评论，你可以免费注册一个本站的账号。

我不会写诗 2024-12-25 01:25:21

文件可以仅包含私钥，并且可以是加密的或明文的。 OpenSSL 一直这样做。

然而，我查看了 PEMReader 的代码，看起来它将从 RSA 私钥返回一个 KeyPair （私钥文件包含相应密钥的所有必要信息）公钥）。看起来它永远不会从 readObject() 返回一个 PrivateKey。

这是来自 OpenSSL 的未加密 1024 RSA 私钥。

下面是相应的公钥：

KeyStore 用于在 Java 应用程序中携带公钥、私钥和对称密钥。大多数 Java 应用程序以 PKCS #8 编码（与 OpenSSL 格式不同）存储私钥，并且将公钥存储在公共密钥中。密钥用 SubjectPublicKeyInfo 结构表示（与 OpenSSL 相同）。

A file can contain only a private key, and it can be encrypted or clear text. OpenSSL does this all the time.

I reviewed the code for PEMReader, however, and it looks like it will return a KeyPair from an RSA private key (the private key file contains all the necessary information for the corresponding public key). It looks like it will never return simply a PrivateKey from readObject().

Here's an unencrypted 1024 RSA private key from OpenSSL.

Here's the corresponding public key:

A KeyStore is meant to be used to carry public, private, and symmetric keys in a Java application. Most Java applications store private keys in a PKCS #8 encoding (which is not the same as the OpenSSL format), and public keys are represented with a SubjectPublicKeyInfo structure (which is the same as OpenSSL).

回复收藏 0 原文

~没有更多了~