原文地址:https://stackoverflow.com/questions/7611383/generating-rsa-keys-in-pkcs1-format-in-java

When I generate an RSA key pair using the Java API, the public key is encoded in the X.509 format and the private key is encoded in the PKCS#8 format. I'm looking to encode both as PKCS#1. Is this possible? I've spent a considerable amount of time going through the Java docs but haven't found a solution. The result is the same when I use the Java and the Bouncy Castle providers.

Here is a snippet of the code:

KeyPairGenerator keygen = KeyPairGenerator.getInstance("RSA","BC");

keygen.initialize(1024);

KeyPair pair = keygen.generateKeyPair();

PrivateKey priv = pair.getPrivate();

PublicKey pub = pair.getPublic();

byte[] privBytes = priv.getEncoded();

byte[] pubBytes = pub.getEncoded();

The two resulting byte arrays are formatted as X.509 (public) and PKCS#8 (private).

Any help would be much appreciated. There are some similar posts but none really answer my question.

Thank You

You will need BouncyCastle:

import org.bouncycastle.asn1.ASN1Encodable;

import org.bouncycastle.asn1.ASN1Primitive;

import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;

import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;

import org.bouncycastle.util.io.pem.PemObject;

import org.bouncycastle.util.io.pem.PemWriter;

The code snippets below have been checked and found working with Bouncy Castle 1.52.

Private key

Convert private key from PKCS8 to PKCS1:

PrivateKey priv = pair.getPrivate();

byte[] privBytes = priv.getEncoded();

PrivateKeyInfo pkInfo = PrivateKeyInfo.getInstance(privBytes);

ASN1Encodable encodable = pkInfo.parsePrivateKey();

ASN1Primitive primitive = encodable.toASN1Primitive();

byte[] privateKeyPKCS1 = primitive.getEncoded();

Convert private key in PKCS1 to PEM:

PemObject pemObject = new PemObject("RSA PRIVATE KEY", privateKeyPKCS1);

StringWriter stringWriter = new StringWriter();

PemWriter pemWriter = new PemWriter(stringWriter);

pemWriter.writeObject(pemObject);

pemWriter.close();

String pemString = stringWriter.toString();

Check with command line OpenSSL that the key format is as expected:

openssl rsa -in rsa_private_key.pem -noout -text

Public key

Convert public key from X.509 SubjectPublicKeyInfo to PKCS1:

PublicKey pub = pair.getPublic();

byte[] pubBytes = pub.getEncoded();

SubjectPublicKeyInfo spkInfo = SubjectPublicKeyInfo.getInstance(pubBytes);

ASN1Primitive primitive = spkInfo.parsePublicKey();

byte[] publicKeyPKCS1 = primitive.getEncoded();

Convert public key in PKCS1 to PEM:

PemObject pemObject = new PemObject("RSA PUBLIC KEY", publicKeyPKCS1);

StringWriter stringWriter = new StringWriter();

PemWriter pemWriter = new PemWriter(stringWriter);

pemWriter.writeObject(pemObject);

pemWriter.close();

String pemString = stringWriter.toString();

Check with command line OpenSSL that the key format is as expected:

openssl rsa -in rsa_public_key.pem -RSAPublicKey_in -noout -text

Thanks

Many thanks to the authors of the following posts:

Those posts contained useful, though sometimes outdated info (i.e. for older versions of BouncyCastle), that helped me to construct this post.

Generating RSA keys in PKCS#1 format in Java--转的更多相关文章

  1. Generating SSH Keys [Ubuntu Linux]

    Generating SSH Keys We strongly recommend using an SSH connection when interacting with GitHub. SSH ...

  2. String.Format in Java and C#

    原文:String.Format in Java and C# JDK1.5中,String类新增了一个很有用的静态方法String.format(): format(Locale l, String ...

  3. Generating SSH Keys on windows

    two ways here I provide: use openSSH command line on git bash(such as msysgit bash) ls -al ~/.ssh ss ...

  4. 生成ssh公有密钥而且注冊到Github Generate ssh rsa keys and register public key on Github

    私有密钥和公有密钥是成对的两个文件,私有文件保存在自己的本机,公有密钥保存到还有一端的server,站点等. github就是一种站点. 仅仅有保存了私有密钥的机器才干訪问远程的server等. 使用 ...

  5. Generating SSH Keys for github

    由于最近电脑重装了Windows 8.1, 想用github维护一些代码.故不得不重新生成一下ssh key. 按https://help.github.com/articles/generating ...

  6. 使用 RSA 非对称加密保证数据不被篡改 java 例子代码

    原理: 对原始数据 生成有序的json 字符串,然后取 摘要,然后 对摘要 进项 分对称加密.( 不对原数据加密是应为 原数据太大,加解密速度太慢,非对称加密都不 挺慢的.在摘要函数具有雪崩效应 ,原 ...

  7. hadoo namenode format 异常 java.net.UnknownHostException: localhost.localdomain: localhost.localdomain

    /etc/sysconfig/network换成你在hosts里设置的值 /etc/rc.d/init.d/network restart 重启网络 hostname后就会发现hostname变了,也 ...

  8. 基于RSA securID的Radius二次验证java实现(PAP验证方式)

    基于rsa SecurID的二次验证.RSA server自身可以作为Radius服务器,RSA也可以和其他的软件集合,使用其他的server作为Radius服务器. radius的验证的一般流程如下 ...

  9. 自己实现简单的RSA秘钥生成与加解密(Java )

    最近在学习PKI,顺便接触了一些加密算法.对RSA着重研究了一下,自己也写了一个简单的实现RSA算法的Demo,包括公.私钥生成,加解密的实现.虽然比较简单,但是也大概囊括了RSA加解密的核心思想与流 ...

随机推荐

  1. HDU 1754_I Hate It

    [题意]给定区间求最大值 [分析]线段树单点更新 [代码] #include<cstdio> #include<iostream> using namespace std; c ...

  2. hibernate dynamic-update="true"属性不起作用原因(转载)

    原文地址: https://yan-sa.iteye.com/blog/1913684 由于我在action层使用了注解多例@Scope("prototype"),而在dao层默认 ...

  3. react的类型检查PropTypes自React v15.5起已弃用,请使用prop-types

    最近使用React的类型检查PropTypes时,遇到错误:TypeError: Cannot read property 'array' of undefined 看了下自己的React版本:    ...

  4. Ubuntu下Zabbix安装及使用问题

    1.configure: error: MySQL library not found MySQL library not found root@kallen:~# apt-get install l ...

  5. win7下 sublime text2操作快捷键 - leafu

    Ctrl+L            选择整行(按住-继续选择下行)                           Ctrl+KK          从光标处删除至行尾               ...

  6. ppt五种经典字体组合

    在做ppt中常常为使用哪种字体而头疼,如今将ppt的经典字体附上.希望对大家有帮助 五种经典的字体组合 标题字体 正文字体 使用场合 方正综艺简体 微软雅黑 课题汇报.咨询报告.学术研讨等正式场合 方 ...

  7. presentModalViewController和dismissModalViewControllerAnimated的使用总结

    在实际开发中,如果要弹出视图: 我们常用到presentModalViewController方法和dismissModalViewControllerAnimated方法. presentModal ...

  8. Minimizing Maximizer

    题意: 最少需要多少个区间能完全覆盖整个区间[1,n] 分析: dp[i]表示覆盖[1,i]最少需要的区间数,对于区间[a,b],dp[b]=min(dp[a...b-1])+1;用线段树来维护区间最 ...

  9. linux CentOS中创建用户 无密码登录

    首先点击左上角的 “应用程序” -> “系统工具” -> “终端”,首先在终端中输入 su ,按回车,输入 root 密码以 root 用户登录,接着执行命令创建新用户 hadoop: 接 ...

  10. 洛谷P1365 WJMZBMR打osu! / Easy——期望DP

    题目:https://www.luogu.org/problemnew/show/P1365 平方和怎样递推? 其实就是 (x+1)^2 = x^2 + 2*x + 1: 所以我们要关注这里的 x — ...