构造EncryptedPrivateKeyInfo时发生异常 [英] Exception when Constructing EncryptedPrivateKeyInfo

查看：198 发布时间：2021/5/4 19:26:23 java encryption openssl ssl-certificate private-key

本文介绍了构造EncryptedPrivateKeyInfo时发生异常的处理方法，对大家解决问题具有一定的参考价值，需要的朋友们下面随着小编来一起学习吧！

问题描述

我已经生成了一个私钥，并使用密码对其进行了加密.现在，我想将其加载到EncryptedPrivateKeyInfo，以便可以构造并将其导出为PEM格式文件.下面是我使用的代码，

I have generated a private key and encrypted it with a password. Now I want to load it to EncryptedPrivateKeyInfo, so that I can construct and export it into a PEM format file. Below is the code I use,

final CertAndKeyGen keypair = new CertAndKeyGen("RSA", "SHA1WithRSA", null);
final X500Name x500Name =
    new X500Name("IN", "AP", "HYD", "TEST", "TEST_ORG", "test@xyz.com");
keypair.generate(1024);
final PrivateKey privKey = keypair.getPrivateKey();
final X509Certificate[] chain = new X509Certificate[1];
long validity = 123;
chain[0] = keypair.getSelfCertificate(x500Name, new Date(), 
    validity * 24 * 60 * 60);
Key key =  new SecretKeySpec(password.getBytes(), ALGO);
Cipher c = Cipher.getInstance(ALGO);
c.init(Cipher.ENCRYPT_MODE, key);
byte[] encVal = c.doFinal(privKey.getEncoded());
AlgorithmParameters params = AlgorithmParameters.getInstance("DES");
params.init(encVal); // <--- exception thrown here
EncryptedPrivateKeyInfo encinfo = new EncryptedPrivateKeyInfo(params, encVal);

// displaying encrypting value
String encryptedValue = Base64.encodeBase64String(encinfo.getEncoded());
System.out.println(encryptedValue);

但是在执行上面的代码时，我得到了下面的异常

But while executing the above code, I get the below exception

java.io.IOException: DER input not an octet string
  at sun.security.util.DerInputStream.getOctetString(DerInputStream.java:233)
  at com.sun.crypto.provider.SunJCE_t.a(DashoA13*..)
  at com.sun.crypto.provider.DESParameters.engineInit(DashoA13*..)
  at java.security.AlgorithmParameters.init(AlgorithmParameters.java:260)

在 params.init(encVal); 行中的

.我没有从异常中了解到什么地方出了问题.任何帮助或建议，将不胜感激.预先感谢.

in the line params.init(encVal);. I don't get what's going wrong from the exception. Any help or suggestion will be really appreciated. Thanks in advance.

推荐答案

包含加密的私钥的PKCS#8文件具有以下ASN.1结构:

A PKCS #8 file containing an encrypted private key has the following ASN.1 structure:

EncryptedPrivateKeyInfo ::= SEQUENCE {
  encryptionAlgorithm EncryptionAlgorithmIdentifier,
  encryptedData EncryptedData }

请注意，加密数据仅是总数据包的一部分.您需要按顺序将这些数据与加密算法标识符一起包括在内.上面的代码仅生成 encryptedData 部分.

Notice how the encrypted data is only part of the total data package. You need to include this data in a sequence along with the encryption algorithm identifier. Your code above produces only the encryptedData part.

我建议您考虑使用BouncyCastle.看来他们最近改进了对PKCS#8的支持.这是一些示例代码:

I would suggest you consider using BouncyCastle. It looks like they may have improved support for PKCS#8 recently. Here's some sample code:

KeyPairGenerator generator = KeyPairGenerator.getInstance("RSA");
KeyPair keyPair = generator.generateKeyPair();

final PrivateKey privKey = keyPair.getPrivate();

JceOpenSSLPKCS8EncryptorBuilder builder =
    new JceOpenSSLPKCS8EncryptorBuilder(PKCS8Generator.PBE_SHA1_3DES);

builder.setIterationCount(10000);
builder.setPasssword("Hello, World!".toCharArray());

OutputEncryptor outputEncryptor = builder.build();    
PKCS8Generator pkcs8Generator =
    new JcaPKCS8Generator(privKey, outputEncryptor);

try (PemWriter writer = new PemWriter(new PrintWriter(System.out))) {
  writer.writeObject(pkcs8Generator);
}

这将输出加密的私钥:

这篇关于构造EncryptedPrivateKeyInfo时发生异常的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！

查看全文

构造EncryptedPrivateKeyInfo时发生异常 [英] Exception when Constructing EncryptedPrivateKeyInfo

问题描述

推荐答案

相关文章

Java开发最新文章

热门教程

热门工具

登录关闭

构造EncryptedPrivateKeyInfo时发生异常 [英] Exception when Constructing EncryptedPrivateKeyInfo

问题描述

推荐答案

相关文章

Java开发最新文章

热门教程

热门工具

登录 关闭

登录关闭