使用BouncyCastle使用密码加密私钥 [英] Encrypt a private key with Password using BouncyCastle

问题描述

我是BouncyCastle的新手。我有一个使用以下代码生成的私钥。

I am new to BouncyCastle. I have a private key generated using the below code.

     final CertAndKeyGen keypair = new CertAndKeyGen("RSA", "SHA1WithRSA", null);
     keypair.generate(1024);
     final PrivateKey privKey = keypair.getPrivateKey();

我会使用AES或使用BouncyCastle的openssl支持的算法使用密码对其进行加密。有人可以帮我入门的地方，但是我找不到关于它的任何好教程。请帮帮我。

I would to encrypt it with a password using AES or some openssl supported algorithm using BouncyCastle. Can some one help me out how to start, where I am not able to find any good tutorial on this. Please help me out. Thanks in advance.

推荐答案

如果您只想将自己的私钥输出到密码短语 12345受保护的PEM格式，并且将文件您可以使用此BC代码：

If you just want to output your private key to a passphrase "12345" protected PEM formatted and file "privatekey.pem" you can use this BC code:

    JceOpenSSLPKCS8EncryptorBuilder encryptorBuilder = new JceOpenSSLPKCS8EncryptorBuilder(PKCS8Generator.PBE_SHA1_3DES);
    encryptorBuilder.setRandom(EntropySource.getSecureRandom());
    encryptorBuilder.setPasssword("12345".toCharArray());
    OutputEncryptor oe = encryptorBuilder.build();
    JcaPKCS8Generator gen = new JcaPKCS8Generator(privKey,oe);
    PemObject obj = gen.generate();

    PEMWriter pemWrt = new PEMWriter( new FileWriter("privatekey.pem"));
    pemWrt.writeObject(obj);
    pemWrt.close();

然后，您可以使用openssl并通过

then afterwards you can get at the private key with openssl with

$ openssl rsa -in privatekey.pem -check
Enter pass phrase for privatekey.pem:
RSA key ok
writing RSA key
-----BEGIN RSA PRIVATE KEY-----
.....
-----END RSA PRIVATE KEY-----

PEMWriter的标准用法不会密码保护您的私钥：（

The "standard" use of PEMWriter will not passphrase protect your private key:(

这篇关于使用BouncyCastle使用密码加密私钥的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！