java.security.Key.getEncoded() 是否以 DER 编码格式返回数据?
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/2931390/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Do java.security.Key.getEncoded() return data in DER encoded format?
提问by Tom Brito
采纳答案by ZZ Coder
Depending on the type of key. Most symmetric keys return raw bytes with no encoding. Most public keys uses ASN.1/DER encoding.
取决于钥匙的类型。大多数对称密钥返回没有编码的原始字节。大多数公钥使用 ASN.1/DER 编码。
You shouldn't care about how the key is encoded. Treat getEncoded as serialization function. It returns byte-stream representation of the key, which can be saved and converted back into the key later.
您不应该关心密钥的编码方式。将 getEncoded 视为序列化函数。它返回密钥的字节流表示,可以保存并稍后转换回密钥。
For RSA private keys, it's may be encoded as PKCS#1 or PKCS#8. PKCS#1 is the preferred encoding because it contains extra CRT parameters which speed up private key operations.
对于 RSA 私钥,它可能被编码为 PKCS#1 或 PKCS#8。PKCS#1 是首选编码,因为它包含可加速私钥操作的额外 CRT 参数。
Sun JCE always generates key pairs in PKCS#1 encoding so the private key is always encoded in this format defined in PKCS#1,
Sun JCE 始终以 PKCS#1 编码生成密钥对,因此私钥始终以 PKCS#1 中定义的这种格式进行编码,
--
-- Representation of RSA private key with information for the CRT algorithm.
--
RSAPrivateKey ::= SEQUENCE {
version Version,
modulus INTEGER, -- n
publicExponent INTEGER, -- e
privateExponent INTEGER, -- d
prime1 INTEGER, -- p
prime2 INTEGER, -- q
exponent1 INTEGER, -- d mod (p-1)
exponent2 INTEGER, -- d mod (q-1)
coefficient INTEGER, -- (inverse of q) mod p
otherPrimeInfos OtherPrimeInfos OPTIONAL
}
Version ::= INTEGER { two-prime(0), multi(1) }
(CONSTRAINED BY {-- version must be multi if otherPrimeInfos present --})
OtherPrimeInfos ::= SEQUENCE SIZE(1..MAX) OF OtherPrimeInfo
OtherPrimeInfo ::= SEQUENCE {
prime INTEGER, -- ri
exponent INTEGER, -- di
coefficient INTEGER -- ti
}
