读取加密的PKCS8 SpongyCastle Java
[英]Read encrypted PKCS8 SpongyCastle Java
问题描述
I am following the code in: https://stackoverflow.com/a/18161536/1753951 but I am getting an Exception in the following line: 
我正在遵循以下代码: https : //stackoverflow.com/a/18161536/1753951,但以下行中出现异常:
FileInputStream fis = new FileInputStream(priv);
DataInputStream dis = new DataInputStream(fis);
byte[] keyBytes = new byte[(int)priv.length()];
dis.readFully(keyBytes);
dis.close();
javax.crypto.EncryptedPrivateKeyInfo encryptPKInfo = new EncryptedPrivateKeyInfo(keyBytes);
//Exception:
org.apache.harmony.security.asn1.ASN1Exception: Wrong content length
I am trying to read a .key/.pem PKCS8 file which is: 我正在尝试读取.key / .pem PKCS8文件,该文件是:
-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK Info: AES-256-CBC,8AFF348907C84F2F6370A216DC0D55D9
1VIjJD3dZ5/wYnIm0mtp8d22RC24yGcY9LXgeHUDbyPJQa8PjupubFqKrpOodvQx
dPfE1F3XeY8oVG42ZfR4287X4V16n++BQCeDiuvyrwacLMAuQz6PFLT4b/Py89Cm
761UZpaWnH0PHfJqB9CHqC+pGAGfRF5vj7UtdNchCwBmo+7gvU5iGyYXNRJ/hPnU
V+8QDzro4kFIMOlDzHaJ3KN1Ftbb9LDjDNE/NShbRrAFAWJMZSY/ZjF8mfqggkoZ
%%%%% SKIPPED MOST OF IT %%%%%%%%%%
BMIl0y5XVgPwkApA30EdgV4YAZEJ+wQLnYIZfCklqzvCfyjxHFViVW6d41WNm8bx
wl28v4QJKlnf7KNcmmGwSmjKo7BEASSZ+XVYRu0R6FaE+Job5YzPrtUI+p/kf7et
Y+jUDbZ4BPvB8j2ZscNRs+pJkEXxPt5JKW/oQMQZPlbTtSV5K1IqiuVcRi9TbCzk
nWDSfI/wxt6cK3X9XvyOpOZDCDPchkIhDhCzfitd7fzkM1VBekwsliJwjgc1bwbc
nI4AhQcNb8li7oX1M2osyeR3zF25BDb2A04Zm1lMrWkFrypb24DKkSJxYEH33Gpu
-----END RSA PRIVATE KEY-----
2 个解决方案
解决方案1
1 已采纳 2014-05-07 21:04:31
After looking long time for a solution I stumbled with a library that helps me and works on android. 在寻找解决方案很长时间后,我偶然发现了一个对我有帮助的库,可在android上运行。 Not-Yet-Commons 还未共享
http://juliusdavies.ca/commons-ssl/ http://juliusdavies.ca/commons-ssl/
FileInputStream in = new FileInputStream( "/path/to/pkcs8_private_key.der" );
PKCS8Key pkcs8 = new PKCS8Key( in, "changeit".toCharArray() );
byte[] decrypted = pkcs8.getDecryptedBytes();
PKCS8EncodedKeySpec spec = new PKCS8EncodedKeySpec( decrypted );
// A Java PrivateKey object is born.
PrivateKey pk = null;
if ( pkcs8.isDSA() )
{
pk = KeyFactory.getInstance( "DSA" ).generatePrivate( spec );
}
else if ( pkcs8.isRSA() )
{
pk = KeyFactory.getInstance( "RSA" ).generatePrivate( spec );
}
// For lazier types (like me):
pk = pkcs8.getPrivateKey();
解决方案2
0 2014-03-20 06:02:39
javax.crypto.EncryptedPrivateKeyInfo expects a DER-encoded input, while the contents of your file are obviously in the PEM encoding. javax.crypto.EncryptedPrivateKeyInfo需要DER编码的输入,而文件的内容显然采用PEM编码。
The relation between PEM and DER is this: PEM和DER之间的关系是这样的:
- The DER is the actual ASN.1-encoded data as a sequence of bytes. DER是作为字节序列的实际ASN.1编码数据。
- The PEM is text-based with all these
-----BEGIN SOMETHING-----and-----END SOMETHING-----headers and Base64-encoded data inside.PEM基于文本,其中包含所有这些-----BEGIN SOMETHING-----和-----END SOMETHING-----标头以及内部的Base64编码数据。 Basically, PEM is header+Base64(DER)+footer.基本上,PEM是页眉+ Base64(DER)+页脚。
You need to convert your key into DER format, for example using the OpenSSL pkey command : 您需要将密钥转换为DER格式,例如使用OpenSSL pkey命令 :
openssl pkey -in key.pem -outform DER -out key.der
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.