从PEM BASE64编码的私钥文件中获取RSA私钥

我有一个私钥文件(PEM BASE64编码)。我想在其他地方使用它解密其他数据。使用Java,我尝试读取文件并解码其中的BASE64编码数据。这是我尝试的代码段。

import java.io.;

import java.nio.ByteBuffer;

import java.security.;

import java.security.spec.PKCS8EncodedKeySpec;

import com.ibm.crypto.fips.provider.RSAPrivateKey;

import com.ibm.misc.BASE64Decoder;

public class GetPrivateKey {

public static RSAPrivateKey get() throws Exception {

File privateKeyFile = new File(“privatekey.key”);

byte[] encodedKey = new byte[(int) privateKeyFile.length()];

new FileInputStream(privateKeyFile).read(encodedKey);

ByteBuffer keyBytes = new BASE64Decoder().decodeBufferToByteBuffer(encodedKey.toString());

PKCS8EncodedKeySpec privateKeySpec = new PKCS8EncodedKeySpec(keyBytes.array());

KeyFactory kf = KeyFactory.getInstance(“RSA”, “IBMJCEFIPS”);

RSAPrivateKey pk = (RSAPrivateKey) kf.generatePrivate(privateKeySpec);

return pk;

}

public static void main(String[] args) throws Exception {

PrivateKey privKey = FormatMePlease.get();

System.out.println(privKey.toString());

}

}

我收到以下错误

Exception in thread “main” java.security.spec.InvalidKeySpecException: Inappropriate key specification: DerInputStream.getLength(): lengthTag=127, too big.

at com.ibm.crypto.fips.provider.RSAKeyFactory.b(Unknown Source)

at com.ibm.crypto.fips.provider.RSAKeyFactory.engineGeneratePrivate(Unknown Source)

at java.security.KeyFactory.generatePrivate(Unknown Source)

at GetPrivateKey.get(GetPrivateKey.java:24)

at GetPrivateKey.main(GetPrivateKey.java:29)

文件“ privatekey.key”的内容

-----BEGIN RSA PRIVATE KEY-----

MIIEuwIBADANBgkqhkiG9w0BAQEFAASCBKUwggShAgEAAoIBAF53wUbKmDHtvfOb8u1HPqEBFNNF

csnOMjIcSEhAwIQMbgrOuQ+vH/YgXuuDJaURS85H8P4UTt6lYOJn+SFnXvS82E7LHJpVrWwQzbh2

QKh13/akPe90DlNTUGEYO7rHaPLqTlld0jkLFSytwqfwqn9yrYpM1ncUOpCciK5j8t8MzO71LJoJ

g24CFxpjIS0tBrJvKzrRNcxWSRDLmu2kNmtsh7yyJouE6XoizVmBmNVltHhFaDMmqjugMQA2CZfL

rxiR1ep8TH8IBvPqysqZI1RIpB/e0engP4/1KLrOt+6gGS0JEDh1kG2fJObl+N4n3sCOtgaz5Uz8

8jpwbmZ3Se8CAwEAAQKCAQAdOsSs2MbavAsIM3qo/GBehO0iqdxooMpbQvECmjZ3JTlvUqNkPPWQ

vFdiW8PsHTvtackhdLsqnNUreKxXL5rr8vqi9qm0/0mXpGNi7gP3m/FeaVdYnfpIwgCe6lag5k6M

yv7PG/6N8+XrWyBdwlOe96bGohvB4Jp2YFjSTM67QONQ8CdmfqokqJ8/3RyrpDvGN3iX3yzBqXGO

jPkoJQv3I4lsYdR0nl4obHHnMSeWCQCYvJoZ7ZOliu/Dd0ksItlodG6s8r/ujkSa8VIhe0fnXTf0

i7lqa55CAByGN4MOR0bAkJwIB7nZzQKurBPcTAYJFFvAc5hgMnWT0XW83TehAoGBALVPGnznScUw

O50OXKI5yhxGf/XDT8g28L8Oc4bctRzI+8YfIFfLJ57uDGuojO/BpqtYmXmgORru0jYR8idEkZrx

gf62czOiJrCWTkBCEMtrNfFHQJQCQrjfbHofp7ODnEHbHFm7zdlbfNnEBBaKXxd2rVv4UTEhgftv

wsHcimbXAoGBAIViWrHWElMeQT0datqlThE/u51mcK4VlV7iRWXVa1/gAP85ZAu44VvvDlkpYVkF

zSRR+lHSOzsubDMN45OBQW6UA3RPg4TCvrTOmhQUeF5XPuSdcD0R2At6pdaLwAKnOtILg13Ha6ym

Igjv8glodvem3hWLmpHIhNBiaXtf8wqpAoGADH5a8OhvKOtd8EChGXyp9LDW+HRw9vbyN/gi9dQX

ltgyoUBb1jDllgoJSRHgRFUvyvbb/ImR5c03JwqtiQ8siWTC9G5WGeS+jcSNt9fVmG7W1L14MbrG

Jj8fFns/7xrOlasnlPdgA+5N+CONtI/sZY2D/KZr0drhPhZBcWJlFxkCgYAn+4SOPEo/6hjKNhA6

vER7fSxDEVsDg+rDh3YgAWpvUdlaqBxqOyAqi600YugQZGHK2lv7vNYOdmrunuIx7BPuDqY+bjtR

R4Mc9bVQAZbXSLXMl7j2RWwKfNhLSJbk9LX4EoVtTgLjvOUE4tAdq9fFgpqdwLwzqPTO9kECP4++

CQKBgH6tO/xcNxG/uXUideluAn3H2KeyyznZMJ7oCvzf26/XpTAMI243OoeftiKVMgxuZ7hjwqfn

/VHXABc4i5gchr9RzSb1hZ/IqFzq2YGmbppg5Ok2cgwalDoDBi21bRf8aDRweL62mO+7aPnCQZ58

j5W72PB8BAr6xg0Oro25O4os

-----END RSA PRIVATE KEY-----

类似的问题已经在这里发布,但对我而言这些都无济于事。几乎所有人都建议使用Bouncycastle提供程序,该提供程序不愿意使用应该使用的FIPS兼容提供程序,并且不确定BC提供程序是否符合FIPS。

非常感谢您提供帮助,…谢谢。

回答:

由于缺少ASN1支持,因此解析PKCS1(在Android上仅开箱即用的PKCS8格式)键是一项繁琐的任务,但如果包含Spongy castle jar以读取DER Integers,则可以解决。

String privKeyPEM = key.replace(

"-----BEGIN RSA PRIVATE KEY-----\n", "")

.replace("-----END RSA PRIVATE KEY-----", "");

// Base64 decode the data

byte[] encodedPrivateKey = Base64.decode(privKeyPEM, Base64.DEFAULT);

try {

ASN1Sequence primitive = (ASN1Sequence) ASN1Sequence

.fromByteArray(encodedPrivateKey);

Enumeration<?> e = primitive.getObjects();

BigInteger v = ((DERInteger) e.nextElement()).getValue();

int version = v.intValue();

if (version != 0 && version != 1) {

throw new IllegalArgumentException("wrong version for RSA private key");

}

/**

* In fact only modulus and private exponent are in use.

*/

BigInteger modulus = ((DERInteger) e.nextElement()).getValue();

BigInteger publicExponent = ((DERInteger) e.nextElement()).getValue();

BigInteger privateExponent = ((DERInteger) e.nextElement()).getValue();

BigInteger prime1 = ((DERInteger) e.nextElement()).getValue();

BigInteger prime2 = ((DERInteger) e.nextElement()).getValue();

BigInteger exponent1 = ((DERInteger) e.nextElement()).getValue();

BigInteger exponent2 = ((DERInteger) e.nextElement()).getValue();

BigInteger coefficient = ((DERInteger) e.nextElement()).getValue();

RSAPrivateKeySpec spec = new RSAPrivateKeySpec(modulus, privateExponent);

KeyFactory kf = KeyFactory.getInstance("RSA");

PrivateKey pk = kf.generatePrivate(spec);

} catch (IOException e2) {

throw new IllegalStateException();

} catch (NoSuchAlgorithmException e) {

throw new IllegalStateException(e);

} catch (InvalidKeySpecException e) {

throw new IllegalStateException(e);

}

以上是 从PEM BASE64编码的私钥文件中获取RSA私钥 的全部内容, 来源链接: utcz.com/qa/430678.html

回到顶部