如何在 Java 中获取 RSA 密钥的大小
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/2922622/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
How to get the size of a RSA key in Java
提问by Tom Brito
Given an java.security.interfaces.RSAKey, how do I get it's size?
给定一个 java.security.interfaces.RSAKey,我如何获得它的大小?
回答by David M
You could try this:
你可以试试这个:
key.getModulus().bitLength();
回答by Jacob Mattison
The size of an RSA key is the number of bits in its modulus, so you want
myRSAKey.getModulus().bitLength().
RSA 密钥的大小是其模数中的位数,因此您需要
myRSAKey.getModulus().bitLength().
回答by John L
(EDIT: I wrote this response before I understood the restrictions placed on the prime integers that are generated for an RSA key. http://csrc.nist.gov/publications/fips/fips186-3/fips_186-3.pdfI now believe that any good key generator should ensure that the modulus is between 2^(n-1) and 2^n-1. Thus the minimal two's-complement representation of the modulus will always have exactly the number of bits that were specified for the key length at the time of key creation. So, for example, if you create a 2048-bit key, then key.getModulus().bitLength() will always return 2048.)
(编辑:在我理解为 RSA 密钥生成的素数的限制之前,我写了这个回复。http: //csrc.nist.gov/publications/fips/fips186-3/fips_186-3.pdf我现在相信任何好的密钥生成器都应该确保模数在 2^(n-1) 和 2^n-1 之间。因此,模数的最小二进制补码表示将始终具有为创建密钥时的密钥长度。因此,例如,如果您创建一个 2048 位的密钥,那么 key.getModulus().bitLength() 将始终返回 2048。)
Pardon, but doesn't key.getModulus().bitLength()return an incorrect value when the most significant bit of the modulus is a 0? For example, for a 2048-bit key, if the most significant bit of the modulus is 0, then key.getModulus().bitLength()will return 2047 (or less if more bits are 0). I would think the desired result in such a case would actually be 2048.
请原谅,但当key.getModulus().bitLength()模数的最高有效位为 0 时不会返回不正确的值?例如,对于 2048 位密钥,如果模数的最高有效位为 0,key.getModulus().bitLength()则将返回 2047(如果更多位为 0,则返回更少)。我认为在这种情况下所需的结果实际上是 2048。
The documentation for BigInteger.bitLength()reads as follows:
BigInteger.bitLength()的文档如下:
Returns the number of bits in the minimal two's-complement representation of this BigInteger, excluding a sign bit. For positive BigIntegers, this is equivalent to the number of bits in the ordinary binary representation. (Computes (ceil(log2(this < 0 ? -this : this+1))).)
返回此 BigInteger 的最小二进制补码表示中的位数,不包括符号位。对于正 BigIntegers,这相当于普通二进制表示中的位数。(计算 (ceil(log2(this < 0 ? -this : this+1)))。)
I am afraid that one needs to make some assumptions about what sizes the key could be. You'll have to assume, for example, that you will only ever see 1024, 2048, or 4096-bit keys and then do something like:
恐怕需要对密钥的大小做出一些假设。例如,您必须假设您只会看到 1024、2048 或 4096 位密钥,然后执行以下操作:
int keySize;
int bitLength = key.getModulus().bitLength();
if (bitLength <= 512) {
throw new IllegalArgumentException(...)
}
else if (bitLength <= 1024) {
keySize = 1024;
}
else if (bitLength <= 2048) {
keySize = 2048;
}
else if (bitLength <= 4096) {
keySize = 4096;
}
else {
throw new IllegalArgumentException(...)
}
return keySize;
This code can still be wrong on the (VERY rare) occasion, for example, when the first 1048 bits of a 2048 bit key are all 0. I think that is not something to worry about, though.
在(非常罕见的)情况下,此代码仍然可能出错,例如,当 2048 位密钥的前 1048 位全部为 0 时。不过,我认为这不必担心。
