
encrypt AES key using RSA public key file in Java

I have RSA public and private key in two different files. This is what I've done so far.

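    import java.security.NoSuchAlgorithmException;
    import javax.crypto.Cipher;
    import javax.crypto.KeyGenerator;
    import javax.crypto.SecretKey;

    // Generates a fresh 128-bit AES key.
    public SecretKey getAESkey() throws NoSuchAlgorithmException
    {
        KeyGenerator generator = KeyGenerator.getInstance("AES");
        generator.init(128);
        SecretKey sKey = generator.generateKey();
        return sKey;  // will be passed to encryptSecretKey method
    }

    // Encrypts the AES key bytes with the RSA public key; returns null on failure.
    public byte[] encryptSecretKey(SecretKey sKey)
    {
        Cipher cipher = null;
        byte[] key = null;

        try
        {
            // initialize the cipher with the user's public key
            // (keyHolder is the object holding the key pair, described below)
            cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
            cipher.init(Cipher.ENCRYPT_MODE, keyHolder.keyPair.getPublic());
            key = cipher.doFinal(sKey.getEncoded());
        }
        catch (Exception e)
        {
            e.printStackTrace();
        }
        return key;
    }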

I have been doing it wrong. I made an object (keyHolder) that holds the public and private key. And I am trying to have access to its public key by calling getPublic() method. But instead, I'd like to access my public key file directly and read its byte stream to encrypt my AES key. How do I do that?

To save the RSA public key you can simply call PublicKey.getEncoded() which returns a byte array.

To retrieve the RSA public key you would use an instance of a KeyFactory of type "RSA" and generate the public key using an X509EncodedKeySpec that accepts the same byte array.

The rest is just normal run-of-the-mill binary file I/O.


The key will be saved in a DER encoded SubjectPublicKeyInfo structure as used in X509 certificate structures (hence the name of the X509EncodedKeySpec). The PKCS#1 compatible RSA public key is embedded within that structure. The additional information is used to indicate the specific key type.

You can use openssl asn1parse -inform DER -in <publickey.der> to view the contents of the file.
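
The steps in the answer above, put together as an added example (not code from the original post): the public key is written with getEncoded(), read back from the file through KeyFactory and X509EncodedKeySpec, and used to encrypt the AES key. The class name, the loadPublicKey helper, the throwaway key pair and the temp file are assumptions made for illustration, and the example swaps in OAEP padding with explicit SHA-256 parameters in place of the question's PKCS1Padding.

```java
import java.nio.file.Files;
import java.nio.file.Path;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PublicKey;
import java.security.spec.MGF1ParameterSpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.Arrays;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.OAEPParameterSpec;
import javax.crypto.spec.PSource;

public class WrapAesKeyWithPublicKeyFile {  // hypothetical class name
    // Swapped in for the question's PKCS1Padding: OAEP with SHA-256 for both the hash and MGF1.
    static final OAEPParameterSpec OAEP = new OAEPParameterSpec(
            "SHA-256", "MGF1", MGF1ParameterSpec.SHA256, PSource.PSpecified.DEFAULT);

    // Read a DER-encoded SubjectPublicKeyInfo file (the bytes PublicKey.getEncoded() returns).
    static PublicKey loadPublicKey(Path file) throws Exception {
        return KeyFactory.getInstance("RSA")
                .generatePublic(new X509EncodedKeySpec(Files.readAllBytes(file)));
    }

    static byte[] encryptSecretKey(SecretKey aesKey, PublicKey rsaPublic) throws Exception {
        Cipher cipher = Cipher.getInstance("RSA/ECB/OAEPPadding");
        cipher.init(Cipher.ENCRYPT_MODE, rsaPublic, OAEP);
        return cipher.doFinal(aesKey.getEncoded());
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample data: a throwaway key pair and a temp file stand in for the real key files.
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(2048);
        KeyPair pair = kpg.generateKeyPair();
        Path pubFile = Files.createTempFile("publickey", ".der");
        Files.write(pubFile, pair.getPublic().getEncoded());
        KeyGenerator gen = KeyGenerator.getInstance("AES");
        gen.init(128);
        SecretKey aesKey = gen.generateKey();
        byte[] wrapped = encryptSecretKey(aesKey, loadPublicKey(pubFile));
        // Round trip with the private key to confirm the file-loaded public key matches.
        Cipher dec = Cipher.getInstance("RSA/ECB/OAEPPadding");
        dec.init(Cipher.DECRYPT_MODE, pair.getPrivate(), OAEP);
        System.out.println("round trip ok: " + Arrays.equals(dec.doFinal(wrapped), aesKey.getEncoded()));
        Files.delete(pubFile);
    }
}
```

The side that decrypts has to use the same padding and OAEP parameters, otherwise doFinal throws a BadPaddingException.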
