在本文中,我们将给您介绍关于如何从RSAPrivatekey.pem文件中获取java.security.PrivateKey对象?的详细内容,并且为您解答java读取rsa私钥文件的相关问题,此外,
在本文中,我们将给您介绍关于如何从RSA Privatekey.pem文件中获取java.security.PrivateKey对象?的详细内容,并且为您解答java读取rsa私钥文件的相关问题,此外,我们还将为您提供关于.net 2.0 不支持 rsa.ImportRSAPrivateKey(privateKey, out _),任何人都可以建议另一种导入自定义私钥的方法、android 支付宝 KeyFactory PrivateKey、c# – 支持密码短语rsa privatekeys的SSH库、curl-users unable to set private key file ?的知识。
本文目录一览:- 如何从RSA Privatekey.pem文件中获取java.security.PrivateKey对象?(java读取rsa私钥文件)
- .net 2.0 不支持 rsa.ImportRSAPrivateKey(privateKey, out _),任何人都可以建议另一种导入自定义私钥的方法
- android 支付宝 KeyFactory PrivateKey
- c# – 支持密码短语rsa privatekeys的SSH库
- curl-users unable to set private key file ?
如何从RSA Privatekey.pem文件中获取java.security.PrivateKey对象?(java读取rsa私钥文件)
我有一个RSA私钥文件(OCkey.pem)。使用Java我必须从该文件中获取私钥。该密钥是使用以下openssl命令生成的。注意:我无法在下面的此openssl命令上进行任何更改。
openssl> req -newkey rsa:1024 -sha1 -keyout OCkey.pem -out OCreq.pem -subj "/C=country/L=city/O=OC/OU=myLab/CN=OCserverName/" -config req.conf证书如下所示。
///////////////////////////////////////////////////// //////////
bash-3.00美元少OCkey.pem
----- BEGIN RSA私钥-----
Proc-Type:4,ENCRYPTED
DEK-Info:DES-EDE3-CBC,EA1DBF8D142621BFBYyZuqyqq9 + L0UT8UxwkDHX7P7YxpKugTXE8NCLQWhdS3EksMsv4xNQsZSVrJxE3
Ft9veWuk + PlFVQG2utZlWxTYsUVIJg4KF7EgCbyPbN1cyjsi9FMfmlPXQyCJ72rd
…
…
cBlG80PT4t27h01gcCFRCBGHxiidh5LAATkApZMSfe6BBv4hYjkCmg ==
----- END RSA私钥-----
///////////////////// ///////////////////////////////////////////
以下是我尝试的
byte[] privKeyBytes = new byte[(int)new File("C:/OCkey.pem").length()]; PublicKey publicKey = KeyFactory.getInstance("RSA").generatePublic(new X509EncodedKeySpec(privKeyBytes));但是得到
“
java.security.spec.InvalidKeySpecException:java.security.InvalidKeyException:无效的密钥格式”
请帮忙。
答案1
小编典典确保私钥为DER格式,并且您使用的是正确的密钥规范。我相信您应该在此处将PKCS8用于privkeybytes
首先,您需要将私钥转换为二进制DER格式。使用OpenSSL的方法如下:
openssl pkcs8 -topk8 -inform PEM -outform DER -in private_key.pem -out private_key.der -nocrypt最后,
public static PrivateKey getPrivateKey(String filename) throws Exception { File f = new File(filename); FileInputStream fis = new FileInputStream(f); DataInputStream dis = new DataInputStream(fis); byte[] keyBytes = new byte[(int) f.length()]; dis.readFully(keyBytes); dis.close(); PKCS8EncodedKeySpec spec = new PKCS8EncodedKeySpec(keyBytes); KeyFactory kf = KeyFactory.getInstance("RSA"); return kf.generatePrivate(spec); }
.net 2.0 不支持 rsa.ImportRSAPrivateKey(privateKey, out _),任何人都可以建议另一种导入自定义私钥的方法
我已将 XML 格式的 privateKey 传递给 createToken 方法,这解决了我的问题。引用 C# RSA encryption/decryption with transmission。
android 支付宝 KeyFactory PrivateKey
public class SignUtils {
private static final String ALGORITHM = "RSA";
private static final String SIGN_ALGORITHMS = "SHA1WithRSA";
private static final String DEFAULT_CHARSET = "UTF-8";
public static String sign(String content, String privateKey) {
try {
PKCS8EncodedKeySpec priPKCS8 = new PKCS8EncodedKeySpec(
Base64.decode(privateKey));
KeyFactory keyf = KeyFactory.getInstance(ALGORITHM);
PrivateKey priKey = keyf.generatePrivate(priPKCS8);
java.security.Signature signature = java.security.Signature
.getInstance(SIGN_ALGORITHMS);
signature.initSign(priKey);
signature.update(content.getBytes(DEFAULT_CHARSET));
byte[] signed = signature.sign();
return Base64.encode(signed);
} catch (Exception e) {
e.printStackTrace();
}
return null;
}
}
第一开始,调用 KeyFactory keyf = KeyFactory.getInstance (ALGORITHM); 报错。如下:
java.security.spec.InvalidKeySpecException: java.lang.RuntimeException: error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag
KeyFactory keyf = KeyFactory.getInstance (ALGORITHM, "BC"); 加入了 “BC” 报如下错误:
com.android.org.bouncycastle.jcajce.provider.asymmetric.util.ExtendedInvalidKeySpecException: unable to process key spec: java.lang.ClassCastException: com.android.org.bouncycastle.asn1.DLSequence cannot be cast to com.android.org.bouncycastle.asn1.ASN1Integer
最终因为传入私钥错误。需要重新生成私钥:
私钥的格式大约是这样:
c# – 支持密码短语rsa privatekeys的SSH库
需要一个SSH库.
我已经尝试过DotNetSSH,Renci.SshNet和SharpSsh.
Granados SSH库文档很少(至少我发现几乎没有),
所以我跳过这个.
所有这些库都有一个巨大的问题(恕我直言):他们无法打开SSH私有
带密码的密钥.
Renci.SshNet不支持AES.
DotNetSSH和SharpSsh使用jsch(java ssh库)作为基础,似乎有一个
bug(?)所以它不会解密私钥并不断要求密码.
使用用户名密码和没有密码短语的私钥连接效果很好
与SharpSsh.
有人已经有同样的问题吗?
或者是否有另一个C#SSH库与“RSA私钥和密码”支持?
Thx提前
解决方法
这是连接密钥文件密码的代码.
public void Connect(string host,int port,string user,string passphrase,string privateKeyFilePath) {
var keyFiles = new[] { new PrivateKeyFile(privateKeyFilePath,passphrase) };
var methods = new List<AuthenticationMethod>();
methods.Add(new PasswordAuthenticationMethod(user,passphrase));
methods.Add(new PrivateKeyAuthenticationMethod(user,keyFiles));
var con = new ConnectionInfo(host,port,user,methods.ToArray());
var client = new SshClient(con);
client.Connect();
// create an xterm shell
var Shell = client.CreateShellStream("xterm",80,24,800,600,1024);
// for reading & writing to the shell
var reader = new StreamReader(Shell);
var writer = new StreamWriter(Shell);
// ....
client.disconnect();
}
私钥文件格式
请注意,您的私钥文件必须是OpenSSH格式.如果在记事本中打开密钥文件,则必须在第一行显示“BEGIN RSA PRIVATE KEY”.
如果没有,则使用puttygen将私钥文件转换为OpenSSH格式.
>在puttygen中打开私钥>转到“转化”菜单,然后选择“导出OpenSSH密钥”.>将新密钥保存到文件并使用它.
curl-users unable to set private key file ?
转自:https://curl.haxx.se/mail/archive-2005-09/0138.html
Greetings CURL users!
I just subscribed to the list and would like to share a problem and it''s
solution, after a couple of hours working around it... I was going to write
to the list for help ;)
I was having problems using Curl to connect to a https server using a client
certificate. I believe i was doing everything by the book, but somehow Curl
kept complaining about the private key file.
1) I had a PKCS#12 file which contained the CA and Client certificates and
the private key: "MULTICERT.p12"
2) I convert it to PEM format with:
openssl pkcs12 -in MULTICERT.p12 -out cert.pem
Enter Import Password:
MAC verified OK
Enter PEM pass phrase:
Verifying - Enter PEM pass phrase:
and the file cert.pem was created with all the certificates and the private
key (i used "xxxxxx" for the PEM pass phrase).
3) However when i used Curl to connect to the https server
curl -d "var1=value1&var2=value2&..." -G -v --cert cert.pem:xxxxxx
https://www.somesite.com/page
* About to connect() to www.somesite.com port 443
* Trying 123.123.123.123... * connected
* Connected to www.somesite.com (123.123.123.123) port 443
* unable to set private key file: ''cert.pem'' type PEM
* Closing connection #0
curl: (58) unable to set private key file: ''cert.pem'' type PEM
4) So then i tried to put the CA certificate, Client Certificate and Private
Key in separate files:
openssl pkcs12 -in MULTICERT.p12 -out ca.pem -cacerts -nokeys
openssl pkcs12 -in MULTICERT.p12 -out client.pem -clcerts -nokeys
openssl pkcs12 -in MULTICERT.p12 -out key.pem -nocerts
and then i tried Curl again:
curl -d "var1=value1&var2=value2&..." -G -v --key key.pem --cacert
ca.pem --cert client.pem:xxxxxx https://www.somesite.com/page
and it worked!!! :)
Still don''t know why the first method - having everything in one cert file -
didn''t work...!?
Maybe the proivate key was''nt on the right order...
Well, anyway, hope this helps anyone
Cheers!
今天关于如何从RSA Privatekey.pem文件中获取java.security.PrivateKey对象?和java读取rsa私钥文件的讲解已经结束,谢谢您的阅读,如果想了解更多关于.net 2.0 不支持 rsa.ImportRSAPrivateKey(privateKey, out _),任何人都可以建议另一种导入自定义私钥的方法、android 支付宝 KeyFactory PrivateKey、c# – 支持密码短语rsa privatekeys的SSH库、curl-users unable to set private key file ?的相关知识,请在本站搜索。
本文标签:
