java 从字节数组创建私钥
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/4600106/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Create PrivateKey from byte array
提问by Vuk
Is there a way to generate PrivateKey from byte array? I got this byte array using getEncoded() method, but now I have to convert it back to PrivateKey.
有没有办法从字节数组生成私钥?我使用 getEncoded() 方法获得了这个字节数组,但现在我必须将它转换回 PrivateKey。
Thanks, Vuk
谢谢,武克
回答by marchica
I was looking for this answer too and finally found it. keyBytes is a byte array originally created with getEncoded().
我也在寻找这个答案,终于找到了。keyBytes 是最初使用 getEncoded() 创建的字节数组。
//add BouncyCastle as a provider if you want
Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
//create a keyfactory - use whichever algorithm and provider
KeyFactory kf = KeyFactory.getInstance("DSA", "BC");
//for private keys use PKCS8EncodedKeySpec; for public keys use X509EncodedKeySpec
PKCS8EncodedKeySpec ks = new PKCS8EncodedKeySpec(keyBytes);
PrivateKey pk = kf.generatePrivate(ks);
I've never done anything for JavaCard but from this post, it looks like you can use the KeyFactory class. You'll probably need to download the BouncyCastle library.
我从来没有为 JavaCard 做过任何事情,但是从这篇文章来看,您似乎可以使用 KeyFactory 类。您可能需要下载 BouncyCastle 库。
回答by Patrick
As stated on the Java docs
Keys are generally obtained through key generators, certificates, or various Identity classes used to manage keys. Keys may also be obtained from key specifications (transparent representations of the underlying key material) through the use of a key factory.
密钥通常通过密钥生成器、证书或用于管理密钥的各种身份类获得。还可以通过使用密钥工厂从密钥规范(底层密钥材料的透明表示)中获得密钥。
The KeyFactoryclass can help you out with this.
该的KeyFactory类可以帮你出这一点。
回答by Robert
Throw away the encoded byte array. On JavaCard there is AFAIR no way to decode it directly - you have to set the different key components separately.
扔掉编码的字节数组。在 JavaCard 上,AFAIR 无法直接对其进行解码 - 您必须分别设置不同的关键组件。
For example an RSAPrivateKey needs to be initialized with the exponent and the modulus:
例如,需要使用指数和模数初始化 RSAPrivateKey:
rsaPrivate = (RSAPrivateKey) javacard.security.KeyBuilder.buildKey
(javacard.security.KeyBuilder.TYPE_RSA_PRIVATE,
javacard.security.KeyBuilder.LENGTH_RSA_512, false);
byte[] exponent = {(byte) 7};
byte[] modulus = {(byte) 33};
rsaPrivate.setExponent(exponent, (short) 0, (short) exponent.length);
rsaPrivate.setModulus(modulus, (short) 0, (short) modulus.length);
BTW: For JavaCard questions I recommend the JavaCard Forumin the Oracle forums. If you search there for RSAPrivateKey you will find some interesting posts.
顺便说一句:对于 JavaCard 问题,我推荐Oracle 论坛中的JavaCard论坛。如果您在那里搜索 RSAPrivateKey,您会发现一些有趣的帖子。
回答by Maarten Bodewes
Either you have to decode the PKCS#8 encoded blob yourself (ASN.1 BER parsing) and set the components, or you can get the components from the private key (at least the private exponent and modulus) as Java BigIntegers, convert those to unsigned byte arrays and set them in the Java Card API as explained by Robert. PKCS#8 parsing can be done on Java Card but it's a pretty horrendous excercise.
您必须自己解码 PKCS#8 编码的 blob(ASN.1 BER 解析)并设置组件,或者您可以从私钥(至少是私有指数和模数)中获取组件作为 Java BigIntegers,将它们转换为无符号字节数组,并按照罗伯特的解释在 Java Card API 中设置它们。PKCS#8 解析可以在 Java Card 上完成,但这是一个非常可怕的练习。
回答by Amal Kallel
//ECDSA algo of signature type prime256 of key
Security.addProvider(new BouncyCastleProvider());
KeyFactory factory = KeyFactory.getInstance("ECDSA", "BC");
ECNamedCurveParameterSpec spec = ECNamedCurveTable.getParameterSpec("prime256v1");
ECPrivateKeySpec ecPrivateKeySpec = new ECPrivateKeySpec(new BigInteger(1, privKey), spec);
PrivateKey privateKey = factory.generatePrivate(ecPrivateKeySpec);
