我有一个用Java生成的RSA密钥对,我需要以编程方式将私钥写入openssl运行此命令时所执行的相同格式(并输入相应的提示数据,即密码保护)私钥):
openssl req -out request.csr -newkey rsa:2048 -keyout privkeyfile
生成密钥对的Java代码非常标准:
KeyPairGenerator keyGen = KeyPairGenerator.getInstance("RSA");
keyGen.initialize(2048);
KeyPair keyPair = keyGen.genKeyPair();
运行该openssl命令(在我的Windows机器上)的示例输出是:
-----BEGIN ENCRYPTED PRIVATE KEY-----
MIIFDjBABgkqhkiG9w0BBQ0wMzAbBgkqhkiG9w0BBQwwDgQI1c9lGdEA388CAggA
MBQGCCqGSIb3DQMHBAgKdWZEOyS2XgSCBMgI7b/vAeE6yz136BZkOzOPLv0uTz/Z
5mP4xO8IdAybE+PHJ71Mro4kgz+EMN39dk0ZWxbNnPpHGD+a6LfNKxos8fJL+dbz
dgc7I4fH9UQFLnYM64Xmq4aG66fIehuhqXBUUru+PJdBf5bfPDJDYAVEUsZ2J8bW
n4pLeS62Orwe+hhe/i/Y4gmgGAxGhUlDGc7T/N4RvhWUVNXQKGCGynj9Mv+LRzW6
rkGbBALQAKnj2tuihGSKhhR3WoNxTFqU9HsRGkzbJ5AiYhyBk7ObQw285TyIQS6k
OH25byIeaqzQ3Xn/wB6VrOQrsCvbWim1DZEIGRp6B+RKd0vUrkxFZRBsLdGXN1w/
bCM4dmhUJng2O+a9tSif7CC0emJqXgvkE2lGA9RMZltfOK+Kohi4L0WKxIX8TQqP
KzDhecSOaOkdXI0Tpho1QZDS6D+nvN2OiXlswgB0By3pkLdx4j7ZtjhqH/cg4rlE
8R1HzcilIrSlMK579UNGieis2wHaWobeinJqP6ruHK3HiAvG/WLFQ4TKexFa4/gy
EdXPaV9owRi+9nyRZGT8NsfzUDg5oTBLcg08uOlNHr8z8pF6a7l2sr4bzgcYFlko
BCIunMJpXYp/lUnL9daElbOPbGgeLNa8KfU7tXnzYsCg3iUx79fQUoql2pn2wMc3
0vQVTZ7/Enzl8cM2srl0uf1JMxMGOJ2kbdYZ8VwxaaMHnghN97eBsp+aRFCuAN4x
+D90ABBxRcBwzBOf8sT77vYXvQZNqUnzl5GJh2hlXCB5upNFqbSGaa6Yk+y4cw5e
3tB3/BHwZop2AAnPexnnQuCsn+SpCiLF+/agMouph61oWWJYQMwmUemNy/5G6AoP
KdBGqBAXonRSk8pBNqglHl0GOiBITl45+Bk4JBGM6+NcEpQ8B3OA+Vkj0n/aF/Iw
66Fo+UyA64fboC3q6DLxHZuTAY/giytwUW2QM4yFkEOm1v1WisTf0MO3Zt+ghuBn
8DG9MXGxP0XA9QzHAjCcDD8DK/hXsxaBg6xOV4bV+HhhJXsyWQAqcqKQro9Ik3L9
YvdJNU9BWyzKV79j5gYkDgLZgcA8QrGDArFZ5Hr9HdepBu8Njk09YDKJsfVMmk4E
6NbzxqHgPyYY3QtANLKg3EImBfuRHwfgfbaamrmYE0fSyh/QJMK0zDtDpkgiiTre
A8b16rBdBxZBSaO/J+Oje0pePLBRRhwX4WxcPsZeN5fO6S2NTECrWsf0jDG4D6pa
cannasXB4LoBifAYhKKTXFbQRY74wOxVfI7gw0qEjB7Jb1M2zCMwddgumOiCzGpu
d9voABJdGMdhwZ/FLbuxcr0y3p8Y5N9vW8ffSlxEtvhbPlszpgTPi2WWTNE+wTUQ
so4cvWFq9SP3Mg6Te6AStjdN1Mnhj2fb7ogxa5rsNxVrE/guRVgly4i9vG7Mi2Wd
bhT1vQypyL9g97nq0rRznDAjAtLenOagK4h+WJgZN2RpUhkWmO1trLGao/PrhgvD
8mOMCnZIQGMk5vS55druRoakPjsx4yZpzZvw5gPBXJ0H1KmbFUO1aSy/6N4nVBW+
Khr+ZHxboPD0zxJMzANjuOIJ/C46Hx5Wb/VP49NDmOLzLAi3+YSAhi3PB9D8vzxQ
MwM=
-----END ENCRYPTED PRIVATE KEY-----
编辑更改了openssl
的示例输出编辑我尝试使用下面的代码用Java读取openssl生成的私钥文件,尝试获取一些参数,但最终得到以下异常:
Exception in thread "main" java.io.IOException: ObjectIdentifier() -- data isn't an object ID (tag = 48)
at sun.security.util.ObjectIdentifier.<init>(Unknown Source)
at sun.security.util.DerInputStream.getOID(Unknown Source)
at com.sun.crypto.provider.PBES2Parameters.engineInit(PBES2Parameters.java:267)
at java.security.AlgorithmParameters.init(Unknown Source)
at sun.security.x509.AlgorithmId.decodeParams(Unknown Source)
at sun.security.x509.AlgorithmId.<init>(Unknown Source)
at sun.security.x509.AlgorithmId.parse(Unknown Source)
at javax.crypto.EncryptedPrivateKeyInfo.<init>(EncryptedPrivateKeyInfo.java:95)
at crypto.ReadOpensslKey.main(ReadOpensslKey.java:35)
读取文件的Java代码:
package crypto;
import org.bouncycastle.util.encoders.Base64;
import javax.crypto.EncryptedPrivateKeyInfo;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.security.InvalidKeyException;
import java.security.KeyFactory;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
public class ReadOpensslKey {
public static void main(String[] args) throws Exception {
String encrypted = new String(Files.readAllBytes(Paths.get("<insert path to openssl generated privkeyfile>")));
//Create object from encrypted private key
encrypted = encrypted.replace("-----BEGIN ENCRYPTED PRIVATE KEY-----", "");
encrypted = encrypted.replace("-----END ENCRYPTED PRIVATE KEY-----", "");
EncryptedPrivateKeyInfo pkInfo = new EncryptedPrivateKeyInfo(Base64.decode(encrypted)); // exception is thrown here
System.out.println(pkInfo.getAlgName());
PBEKeySpec keySpec = new PBEKeySpec("abcde".toCharArray()); // password
SecretKeyFactory pbeKeyFactory = SecretKeyFactory.getInstance(pkInfo.getAlgName());
PKCS8EncodedKeySpec encodedKeySpec = pkInfo.getKeySpec(pbeKeyFactory.generateSecret(keySpec));
KeyFactory keyFactory = KeyFactory.getInstance("RSA");
PrivateKey encryptedPrivateKey = keyFactory.generatePrivate(encodedKeySpec);
}
}
答案 0 :(得分:1)
首先,你真的需要这种特定的格式,或者只是一种格式OpenSSL(以及使用OpenSSL的程序,如Apache httpd和nginx以及curl和PHP等等)可以使用吗?如果是后者,还有其他几种选择更简单,更好。但你没有问过,所以我不会回答。
其次,你必须有一个非常古老的OpenSSL。自2010年1.0.0版发布以来,req -newkey -keyout编写了PKCS8格式,而非传统的遗留格式。
第三,这种格式是PEM而不是DER;有传统的DER格式,但无法加密。 (PKCS8可以在DER或PEM中加密。)
第四,如果你可以使用BouncyCastle,它可以直接做到这一点;来自(任何最新版本)bcpkix在您的标准JCE org.bouncycastle.openssl.jcajce.JcaMiscPEMGenerator上使用PrivateKey,并使用JcePEMEncryptorBuilder指定DES-EDE3-CBC在内存中创建PEMObject,然后PEMWriter写出来。
即使你实际上不能使用BC,它也是开源的(设计非常好的IMO,虽然大多数都是轻微评论),它可以帮助你查看他们的代码。
那些说过,你问的内容是由PEM_write_RSAPrivateKey(应该在你的系统上,但是因为你的版本已经老了,你可能最好使用the web copy)的手册页(仅限于)在结尾附近加入'PEM加密格式',并结合EVP_BytesToKey的参考手册页。具体来说:
构造RSAPrivateKey from PKCS1 (currently rfc8017)的'传统'编码,而不是JCE PrivateKey.getEncoded()返回的PKCS8/rfc5208 PrivateKeyInfo编码。 PKCS8编码确实包含PKCS1编码作为一部分(PKCS8是围绕任意数量的算法特定编码的算法通用包装器),因此您可以从PKCS8中提取PKCS1(如BC所做)或直接从PKCS1构造PKCS1。关键部分n,e,d,p,q,dmp1,dmq1,qinvp。 (otherPrimeInfos仅适用于所谓的'multiprime'RSA,这意味着n超过2个因子,几乎没有人实际使用。)
使用应用于password||salt的MD5的一次(!)迭代从密码中导出实际加密密钥,其中salt是随机IV的副本(3DES为8字节)加上(因为这是不够)MD5(firstblock||password||salt)然后将总数截断为24个字节。
使用CBC(使用上述IV)和PKCS5填充来加密3DES(JCE称为DESEDE)。 (对于3DES或DES,密钥的每个字节的低位名义上是奇偶校验,但您不需要设置它们,因为JCE没有实现它们。)
使用每64个字符的换行符转换为base64,并添加BEGIN和END行以及标题行,正如您正确猜到的那样,包括十六进制的IV
答案 1 :(得分:0)
我最终使用以下代码使其工作:
import java.io.FileOutputStream;
import java.io.StringWriter;
import java.nio.charset.StandardCharsets;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.SecureRandom;
import java.security.Security;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.openssl.PKCS8Generator;
import org.bouncycastle.openssl.jcajce.JcaPEMWriter;
import org.bouncycastle.openssl.jcajce.JcaPKCS8Generator;
import org.bouncycastle.openssl.jcajce.JceOpenSSLPKCS8EncryptorBuilder;
import org.bouncycastle.operator.OutputEncryptor;
import org.bouncycastle.util.io.pem.PemObject;
public class WriteOpensslKey {
public static void main(String[] args) throws Exception {
// provider is needed for the encryptor builder
Security.addProvider(new BouncyCastleProvider());
// generate key pair
KeyPairGenerator kpGen = KeyPairGenerator.getInstance("RSA");
kpGen.initialize(2048, new SecureRandom());
KeyPair keyPair = kpGen.generateKeyPair();
// construct encryptor builder to encrypt the private key
JceOpenSSLPKCS8EncryptorBuilder encryptorBuilder = new JceOpenSSLPKCS8EncryptorBuilder(PKCS8Generator.AES_256_CBC);
encryptorBuilder.setRandom(new SecureRandom());
encryptorBuilder.setPasssword("password".toCharArray());
OutputEncryptor encryptor = encryptorBuilder.build();
// construct object to create the PKCS8 object from the private key and encryptor
JcaPKCS8Generator pkcsGenerator = new JcaPKCS8Generator(keyPair.getPrivate(), encryptor);
PemObject pemObj = pkcsGenerator.generate();
StringWriter stringWriter = new StringWriter();
try (JcaPEMWriter pemWriter = new JcaPEMWriter(stringWriter)) {
pemWriter.writeObject(pemObj);
}
// write PKCS8 to file
String pkcs8Key = stringWriter.toString();
FileOutputStream fos = new FileOutputStream("<path to output file>");
fos.write(pkcs8Key.getBytes(StandardCharsets.UTF_8));
fos.flush();
fos.close();
}
}
然后我可以使用openssl的私钥将文件签名为快速测试。
非常感谢@ dave_thompson_085指出我正确的方向!