从文件加载RSA公钥 [英] Load RSA public key from file

查看:122
本文介绍了从文件加载RSA公钥的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我已经生成了一个私钥:

I've generated a private key with:

openssl genrsa [-out file] –des3

在此之后我生成了一个公钥:

After this I've generated a public key with:

openssl rsa –pubout -in private.key [-out file]

我想用我的私钥签署一些邮件,并使用我的公钥验证其他一些邮件,使用如下代码:

I want to sign some messages with my private key, and verify some other messages with my public key, using code like this:

public String sign(String message) throws SignatureException{
    try {
        Signature sign = Signature.getInstance("SHA1withRSA");
        sign.initSign(privateKey);
        sign.update(message.getBytes("UTF-8"));
        return new String(Base64.encodeBase64(sign.sign()),"UTF-8");
    } catch (Exception ex) {
        throw new SignatureException(ex);
    }
}

public boolean verify(String message, String signature) throws SignatureException{
    try {
        Signature sign = Signature.getInstance("SHA1withRSA");
        sign.initVerify(publicKey);
        sign.update(message.getBytes("UTF-8"));
        return sign.verify(Base64.decodeBase64(signature.getBytes("UTF-8")));
    } catch (Exception ex) {
        throw new SignatureException(ex);
    }
}

我找到了将私钥转换为PKCS8的解决方案格式并加载它。它适用于以下代码:

I found a solution to convert my private key to PKCS8 format and load it. It works with some code like this:

public PrivateKey getPrivateKey(String filename) throws Exception {

    File f = new File(filename);
    FileInputStream fis = new FileInputStream(f);
    DataInputStream dis = new DataInputStream(fis);
    byte[] keyBytes = new byte[(int) f.length()];
    dis.readFully(keyBytes);
    dis.close();
    PKCS8EncodedKeySpec spec = new PKCS8EncodedKeySpec(keyBytes);
    KeyFactory kf =
            KeyFactory.getInstance("RSA");
    return kf.generatePrivate(spec);
}

最后我的问题是:如何加载我的RSA Public来自文件的密钥?

我想我可能需要将公钥文件转换为x509格式,并使用 X509EncodedKeySpec 。但是我怎么能这样做?

I think maybe I need to convert my public key file to x509 format, and use X509EncodedKeySpec. But how can I do this?

推荐答案

以下是来自链接 Zaki 提供。


生成2048位RSA私钥

Generate a 2048-bit RSA private key

$ openssl genrsa -out private_key.pem 2048

将私钥转换为PKCS#8格式(所以Java可以读取它)

Convert private Key to PKCS#8 format (so Java can read it)

$ openssl pkcs8 -topk8 -inform PEM -outform DER -in private_key.pem -out private_key.der -nocrypt

以DER格式输出公钥部分(因此Java可以读取它)

Output public key portion in DER format (so Java can read it)

$ openssl rsa -in private_key.pem -poutout -outform DER -out public_key.der



私钥



Private key

import java.io.*;
import java.nio.*;
import java.security.*;
import java.security.spec.*;

public class PrivateKeyReader {

  public static PrivateKey get(String filename)
  throws Exception {

    byte[] keyBytes = Files.readAllBytes(Paths.get(filename));

    PKCS8EncodedKeySpec spec =
      new PKCS8EncodedKeySpec(keyBytes);
    KeyFactory kf = KeyFactory.getInstance("RSA");
    return kf.generatePrivate(spec);
  }
}



公钥



Public key

import java.io.*;
import java.nio.*;
import java.security.*;
import java.security.spec.*;

public class PublicKeyReader {

  public static PublicKey get(String filename)
    throws Exception {

    byte[] keyBytes = Files.readAllBytes(Paths.get(filename));

    X509EncodedKeySpec spec =
      new X509EncodedKeySpec(keyBytes);
    KeyFactory kf = KeyFactory.getInstance("RSA");
    return kf.generatePublic(spec);
  }
}

这篇关于从文件加载RSA公钥的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!

查看全文
相关文章
Java开发最新文章
热门教程
热门工具
登录 关闭
扫码关注1秒登录
发送“验证码”获取 | 15天全站免登陆