如何从RSA Privatekey.pem文件中获取java.security.PrivateKey对象? [英] How to get the java.security.PrivateKey object from RSA Privatekey.pem file?
问题描述
我有一个RSA私钥文件(OCkey.pem)。使用java我必须从这个文件中获取私钥。使用下面的openssl命令生成此密钥。
注意:我无法在下面的openssl命令中更改任何内容。
openssl> req -newkey rsa:1024 -sha1 -keyout OCkey.pem -out OCreq.pem -subj/ C = country / L = city / O = OC / OU = myLab / CN = OCserverName / - config req.conf
证书如下所示。
////////////////////////////////////////// /////////////////
bash-3.00 $ less OCkey.pem
----- BEGIN RSA PRIVATE KEY-- ---
Proc-Type:4,ENCRYPTED
DEK-Info:DES-EDE3-CBC,EA1DBF8D142621BF
BYyZuqyqq9 + L0UT8UxwkDHX7P7YxpKugTXE8NCLQWhdS3EksMsv4xNQsZSVrJxE3
Ft9veWuk + PlFVQG2utZlWxTYsUVIJg4KF7EgCbyPbN1cyjsi9FMfmlPXQyCJ72rd
...
...
cBlG80PT4t27h01gcCFRCBGHxiidh5LAATkApZMSfe6BBv4hYjkCmg ==
----- END RSA PRIVATE KEY -----
////////////////////////////////////////// ////////////////////
以下是我的尝试
byte [] privKeyBytes = new byte [(int)new File(C:/OCkey.pem)。length()] ;
PublicKey publicKey = KeyFactory.getInstance(RSA)。generatePublic(new X509EncodedKeySpec(privKeyBytes));
但是获得
java.security.spec.InvalidKeySpecException:
java.security.InvalidKeyException:无效的密钥格式
请帮助。
确保私钥是DER格式,并且您正在使用正确的keyspec。我相信你应该在这里使用PKCS8作为privkeybytes
首先,你需要将私钥转换为二进制DER格式。
下面是如何使用 OpenSSL 来实现的:
openssl pkcs8 -topk8 -inform PEM -outform DER -in private_key.pem -out private_key.der -nocrypt
最后,
public static PrivateKey getPrivateKey(String filename抛出异常{
文件f =新文件(文件名);
FileInputStream fis = new FileInputStream(f);
DataInputStream dis = new DataInputStream(fis);
byte [] keyBytes = new byte [(int)f.length()];
dis.readFully(keyBytes);
dis.close();
PKCS8EncodedKeySpec spec = new PKCS8EncodedKeySpec(keyBytes);
KeyFactory kf = KeyFactory.getInstance(RSA);
返回kf.generatePrivate(spec);
}
I have a RSA private key file (OCkey.pem). Using java i have to get the private key from this file. this key is generated using the below openssl command. Note : I can't change anything on this openssl command below.
openssl> req -newkey rsa:1024 -sha1 -keyout OCkey.pem -out OCreq.pem -subj "/C=country/L=city/O=OC/OU=myLab/CN=OCserverName/" -config req.conf
The certificate looks like below.
///////////////////////////////////////////////////////////
bash-3.00$ less OCkey.pem
-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: DES-EDE3-CBC,EA1DBF8D142621BFBYyZuqyqq9+L0UT8UxwkDHX7P7YxpKugTXE8NCLQWhdS3EksMsv4xNQsZSVrJxE3
Ft9veWuk+PlFVQG2utZlWxTYsUVIJg4KF7EgCbyPbN1cyjsi9FMfmlPXQyCJ72rd
...
...
cBlG80PT4t27h01gcCFRCBGHxiidh5LAATkApZMSfe6BBv4hYjkCmg==
-----END RSA PRIVATE KEY-----
//////////////////////////////////////////////////////////////
Following is what I tried
byte[] privKeyBytes = new byte[(int)new File("C:/OCkey.pem").length()];
PublicKey publicKey = KeyFactory.getInstance("RSA").generatePublic(new X509EncodedKeySpec(privKeyBytes));
but getting
"java.security.spec.InvalidKeySpecException: java.security.InvalidKeyException: invalid key format"
Please help.
Make sure the privatekey is in DER format and you're using the correct keyspec. I believe you should be using PKCS8 here for the privkeybytes
Firstly, you need to convert the private key to binary DER format.
Heres how you would do it using OpenSSL:
openssl pkcs8 -topk8 -inform PEM -outform DER -in private_key.pem -out private_key.der -nocrypt
Finally,
public static PrivateKey getPrivateKey(String filename) throws Exception {
File f = new File(filename);
FileInputStream fis = new FileInputStream(f);
DataInputStream dis = new DataInputStream(fis);
byte[] keyBytes = new byte[(int) f.length()];
dis.readFully(keyBytes);
dis.close();
PKCS8EncodedKeySpec spec = new PKCS8EncodedKeySpec(keyBytes);
KeyFactory kf = KeyFactory.getInstance("RSA");
return kf.generatePrivate(spec);
}
这篇关于如何从RSA Privatekey.pem文件中获取java.security.PrivateKey对象?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
