从文件加载 RSA 公钥 [英] Load RSA public key from file
问题描述
我已经生成了一个私钥:
I've generated a private key with:
openssl genrsa [-out file] –des3
在此之后,我生成了一个公钥:
After this I've generated a public key with:
openssl rsa –pubout -in private.key [-out file]
我想用我的私钥对一些消息进行签名,并用我的公钥验证一些其他消息,使用如下代码:
I want to sign some messages with my private key, and verify some other messages with my public key, using code like this:
public String sign(String message) throws SignatureException{
try {
Signature sign = Signature.getInstance("SHA1withRSA");
sign.initSign(privateKey);
sign.update(message.getBytes("UTF-8"));
return new String(Base64.encodeBase64(sign.sign()),"UTF-8");
} catch (Exception ex) {
throw new SignatureException(ex);
}
}
public boolean verify(String message, String signature) throws SignatureException{
try {
Signature sign = Signature.getInstance("SHA1withRSA");
sign.initVerify(publicKey);
sign.update(message.getBytes("UTF-8"));
return sign.verify(Base64.decodeBase64(signature.getBytes("UTF-8")));
} catch (Exception ex) {
throw new SignatureException(ex);
}
}
我找到了将我的私钥转换为 PKCS8 格式并加载它的解决方案.它适用于这样的一些代码:
I found a solution to convert my private key to PKCS8 format and load it. It works with some code like this:
public PrivateKey getPrivateKey(String filename) throws Exception {
File f = new File(filename);
FileInputStream fis = new FileInputStream(f);
DataInputStream dis = new DataInputStream(fis);
byte[] keyBytes = new byte[(int) f.length()];
dis.readFully(keyBytes);
dis.close();
PKCS8EncodedKeySpec spec = new PKCS8EncodedKeySpec(keyBytes);
KeyFactory kf =
KeyFactory.getInstance("RSA");
return kf.generatePrivate(spec);
}
最后我的问题是:如何从文件中加载我的 RSA 公钥?
我想也许我需要将我的公钥文件转换为 x509 格式,并使用 X509EncodedKeySpec
.但是我该怎么做呢?
I think maybe I need to convert my public key file to x509 format, and use X509EncodedKeySpec
. But how can I do this?
推荐答案
以下相关信息来自Zaki 提供的链接.
Below is the relevant information from the link which Zaki provided.
生成 2048 位 RSA 私钥
Generate a 2048-bit RSA private key
$ openssl genrsa -out private_key.pem 2048
将私钥转换为 PKCS#8 格式(以便 Java 可以读取它)
Convert private Key to PKCS#8 format (so Java can read it)
$ openssl pkcs8 -topk8 -inform PEM -outform DER -in private_key.pem -out private_key.der -nocrypt
以DER格式输出公钥部分(以便Java可以读取)
Output public key portion in DER format (so Java can read it)
$ openssl rsa -in private_key.pem -pubout -outform DER -out public_key.der
私钥
import java.nio.file.*;
import java.security.*;
import java.security.spec.*;
public class PrivateKeyReader {
public static PrivateKey get(String filename)
throws Exception {
byte[] keyBytes = Files.readAllBytes(Paths.get(filename));
PKCS8EncodedKeySpec spec =
new PKCS8EncodedKeySpec(keyBytes);
KeyFactory kf = KeyFactory.getInstance("RSA");
return kf.generatePrivate(spec);
}
}
公钥
import java.nio.file.*;
import java.security.*;
import java.security.spec.*;
public class PublicKeyReader {
public static PublicKey get(String filename)
throws Exception {
byte[] keyBytes = Files.readAllBytes(Paths.get(filename));
X509EncodedKeySpec spec =
new X509EncodedKeySpec(keyBytes);
KeyFactory kf = KeyFactory.getInstance("RSA");
return kf.generatePublic(spec);
}
}
这篇关于从文件加载 RSA 公钥的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!