Java 使用 bouncycastle/spongycastle 读取加密的私钥
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/22920131/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Read an encrypted private key with bouncycastle/spongycastle
提问by user3507885
I have a password protected, encrypted RSA private key, which was created with PyCrypto (2.6.1) and has according to their docs the following format: PrivateKeyInfo, PKCS#8 (DER SEQUENCE), PEM (RFC1423), see
[https://www.dlitz.net/software/pycrypto/api/current/Crypto.PublicKey.RSA._RSAobj-class.html#exportKey].
我有一个受密码保护的加密 RSA 私钥,它是用 PyCrypto (2.6.1) 创建的,根据他们的文档具有以下格式:PrivateKeyInfo, PKCS#8 (DER SEQUENCE), PEM (RFC1423),请参阅 [ https://www.dlitz.net/software/pycrypto/api/ current/Crypto.PublicKey.RSA._RSAobj-class.html#exportKey]。
How can I decrypt this RSA key with Bouncycastle/Spongycastle?
如何使用 Bouncycastle/Spongycastle 解密此 RSA 密钥?
I've searched Google for quite a long time and only came up with results, that either won't work with version 1.50 (because PEMReader was deprecated and got removed) or with examples of PEMParser who seems to could not read this format. BTW: Is there any documentation on Bouncycastle I missed?
我已经在 Google 上搜索了很长时间,但只得到了一些结果,该结果要么不适用于 1.50 版(因为 PEMReader 已被弃用并已被删除),要么使用似乎无法读取这种格式的 PEMParser 示例。顺便说一句:我错过了有关 Bouncycastle 的任何文档吗?
This is the header of my encrypted private key:
这是我加密的私钥的标题:
-----BEGIN PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: DES-EDE3-CBC,68949227DD8A502D
xyz...
I would really be thankful, if anyone could help me out!
我真的很感激,如果有人能帮助我!
回答by monim
Using the answer for this questionyou should do the following
使用此问题的答案,您应该执行以下操作
File privateKeyFile = new File(privateKeyFileName); // private key file in PEM format
PEMParser pemParser = new PEMParser(new FileReader(privateKeyFile));
Object object = pemParser.readObject();
PEMDecryptorProvider decProv = new JcePEMDecryptorProviderBuilder().build(password.toCharArray());
JcaPEMKeyConverter converter = new JcaPEMKeyConverter().setProvider("BC");
KeyPair kp;
if (object instanceof PEMEncryptedKeyPair) {
kp = converter.getKeyPair(((PEMEncryptedKeyPair) object).decryptKeyPair(decProv));
}
Then you can say
那你可以说
PrivateKey key = kp.getPrivateKey();
回答by Bludwarf
To sum up what I found on this topic hereand there:
Here is the final code if you want to get the modulus for example :
例如,如果您想获得模数,这是最终代码:
// For JcaPEMKeyConverter().setProvider("BC")
Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
// Using bcpkix-jdk14-1.48
PEMParser pemParser = new PEMParser(new FileReader(file));
Object object = pemParser.readObject();
JcaPEMKeyConverter converter = new JcaPEMKeyConverter().setProvider("BC");
KeyPair kp;
if (object instanceof PEMEncryptedKeyPair)
{
// Encrypted key - we will use provided password
PEMEncryptedKeyPair ckp = (PEMEncryptedKeyPair) object;
PEMDecryptorProvider decProv = new JcePEMDecryptorProviderBuilder().build(password.toCharArray());
kp = converter.getKeyPair(ckp.decryptKeyPair(decProv));
}
else
{
// Unencrypted key - no password needed
PEMKeyPair ukp = (PEMKeyPair) object;
kp = converter.getKeyPair(ukp);
}
// RSA
KeyFactory keyFac = KeyFactory.getInstance("RSA");
RSAPrivateCrtKeySpec privateKey = keyFac.getKeySpec(kp.getPrivate(), RSAPrivateCrtKeySpec.class);
return privateKey;
And then you can call for example :
然后你可以调用例如:
privateKey.getModulus();
