如何从 RSA Privatekey.pem 文件中获取 java.security.PrivateKey 对象?
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/7525679/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
How to get the java.security.PrivateKey object from RSA Privatekey.pem file?
提问by Kanagavelu Sugumar
I have a RSA private key file (OCkey.pem). Using java i have to get the private key from this file. this key is generated using the below openssl command. Note : I can't change anything on this openssl command below.
我有一个 RSA 私钥文件 (OCkey.pem)。使用 java 我必须从这个文件中获取私钥。此密钥是使用以下 openssl 命令生成的。注意:我无法对下面的 openssl 命令进行任何更改。
openssl> req -newkey rsa:1024 -sha1 -keyout OCkey.pem -out OCreq.pem -subj "/C=country/L=city/O=OC/OU=myLab/CN=OCserverName/" -config req.conf
The certificate looks like below.
证书如下所示。
///////////////////////////////////////////////////////////
bash-3.00$ less OCkey.pem
-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: DES-EDE3-CBC,EA1DBF8D142621BFBYyZuqyqq9+L0UT8UxwkDHX7P7YxpKugTXE8NCLQWhdS3EksMsv4xNQsZSVrJxE3
Ft9veWuk+PlFVQG2utZlWxTYsUVIJg4KF7EgCbyPbN1cyjsi9FMfmlPXQyCJ72rd
...
...
cBlG80PT4t27h01gcCFRCBGHxiidh5LAATkApZMSfe6BBv4hYjkCmg==
-----END RSA PRIVATE KEY-----
//////////////////////////////////////////////////////////////
////////////////////////////////////////////////// /////////
bash-3.00$ 减去 OCkey.pem
-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: DES-EDE3-CBC,EA1DBF8D142621BFBYyZuqyqq9 + L0UT8UxwkDHX7P7YxpKugTXE8NCLQWhdS3EksMsv4xNQsZSVrJxE3
Ft9veWuk + PlFVQG2utZlWxTYsUVIJg4KF7EgCbyPbN1cyjsi9FMfmlPXQyCJ72rd
...
...
cBlG80PT4t27h01gcCFRCBGHxiidh5LAATkApZMSfe6BBv4hYjkCmg ==
----- END RSA私钥-----
///////////////////// /////////////////////////////////////////
Following is what I tried
以下是我尝试过的
byte[] privKeyBytes = new byte[(int)new File("C:/OCkey.pem").length()];
PublicKey publicKey = KeyFactory.getInstance("RSA").generatePublic(new X509EncodedKeySpec(privKeyBytes));
but getting
但得到
"java.security.spec.InvalidKeySpecException: java.security.InvalidKeyException: invalid key format"
“java.security.spec.InvalidKeySpecException:java.security.InvalidKeyException:密钥格式无效”
Please help.
请帮忙。
回答by Zaki
Make sure the privatekey is in DER format and you're using the correct keyspec. I believe you should be using PKCS8 here for the privkeybytes
确保私钥采用 DER 格式,并且您使用的是正确的密钥规范。我相信你应该在这里使用 PKCS8 来获取 privkeybytes
Firstly, you need to convert the private key to binary DER format.
Heres how you would do it using OpenSSL:
首先,您需要将私钥转换为二进制 DER 格式。以下是您将如何使用OpenSSL做到这一点:
openssl pkcs8 -topk8 -inform PEM -outform DER -in private_key.pem -out private_key.der -nocrypt
Finally,
最后,
public static PrivateKey getPrivateKey(String filename) throws Exception {
File f = new File(filename);
FileInputStream fis = new FileInputStream(f);
DataInputStream dis = new DataInputStream(fis);
byte[] keyBytes = new byte[(int) f.length()];
dis.readFully(keyBytes);
dis.close();
PKCS8EncodedKeySpec spec = new PKCS8EncodedKeySpec(keyBytes);
KeyFactory kf = KeyFactory.getInstance("RSA");
return kf.generatePrivate(spec);
}
