原文地址:http://www.thinkingquest.net/articles/391.html?utm_source=tuicool

支付宝接口开发相关:
openssl 加密工具 支付宝“手机网站支付“开发包里面有,下载地址:https://b.alipay.com/order/techService.htm 
生成命令使用说明:

RSA密钥生成命令
  生成RSA私钥
  openssl>genrsa -out rsa_private_key.pem 1024
  生成RSA公钥
  openssl>rsa -in rsa_private_key.pem -pubout -out rsa_public_key.pem
  将RSA私钥转换成PKCS8格式
  openssl>pkcs8 -topk8 -inform PEM -in rsa_private_key.pem -outform PEM -nocrypt

注意:“>”符号后面的才是需要输入的命令。

  

 

openssl默认使用的是PEM格式,经过base64。

生成pem格式的私钥:
openssl genrsa -out private_key.pem 1024

生成公钥:
openssl rsa -in private_key.pem -pubout -out public_key.pem

产生的密钥如下:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
[wind@localhost key]$ cat private_key.pem
-----BEGIN RSA PRIVATE KEY-----
MIICXAIBAAKBgQCd3V5+GjpOwqNks9ProDGaZT2qURAAuAodHcUM3P1mnhOh4l4u
VdvkXunUI7K6XDg6Xu9eL1WDQc6qKXs/OD91LS+RpkIAb2gMU8hGrNfR34izZh36
KdfWnEQpniAiFsHsg2ddAaPtGZZ8/jpjuPq32IVZJkgyKcWqnz5aL3FMXQIDAQAB
AoGAJFdkvGTvTVhTYwhe3dxn7uIlmwLES1YSxfcneLmbADedz2OcSNBtKZqL+9Eo
AOzf6NgYBLei2O+aUuPvwnMBcGyijFmRoZGVEj70UP0mngyAkvY/juA60QDe5kY5
rsqj4raHUf4iDK85nNwzXu7hIlPAn+ZmH+e2Eekwo1rmgQUCQQDJerucfBKk3qrV
xS5NRW99lKMomIsMH55Si+rbrnk8aU3SSRSD6uil3Dytv0erLZbc9d0Nr6SmBZgO
0qzOjXDDAkEAyJVGgHMNuMbpHnim93HAP7wcejmMx7rP4zutw4OCiHrWv3kN8WUC
u826taRFtOuiXhQ3X8+tb0l4ifae+vJ8XwJAEcmuKqChnMCz4G+qKNRKhZHL3dep
3wYjmjIUKBT9SyIY5sng78ybgZkyGjza/Pfna9ahD4ZESQwRYq2i6BGAtQJBAJyD
bmnYXQKro0e1mYNHbV3OKOJueZ139bM35BTFT1uzjlIF4Y1U5lco5uHJduL/YsjK
OZM3d/t4duggWlkyUT0CQBdsjc7eQ9roxphrW4Q/6Zwi0EQ4xxM4SgxPY1RvkKFu
i0HdYBj5KRdIbrAbisUyQeKzB7+6oTJH5+kZAU/pxao=
-----END RSA PRIVATE KEY-----
[wind@localhost key]$
[wind@localhost key]$
[wind@localhost key]$ openssl rsa -in private_key.pem -pubout -out public_key.pem
writing RSA key
[wind@localhost key]$ cat public_key.pem
-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCd3V5+GjpOwqNks9ProDGaZT2q
URAAuAodHcUM3P1mnhOh4l4uVdvkXunUI7K6XDg6Xu9eL1WDQc6qKXs/OD91LS+R
pkIAb2gMU8hGrNfR34izZh36KdfWnEQpniAiFsHsg2ddAaPtGZZ8/jpjuPq32IVZ
JkgyKcWqnz5aL3FMXQIDAQAB
-----END PUBLIC KEY-----

某些语言需要pkcs8格式的公钥。 (php就不需要了)
使用openssl将刚才生成的公钥转为pkcs#8格式:
openssl pkcs8 -topk8 -inform PEM -in private_key.pem -outform PEM -nocrypt -out private_key_pkcs8.pem

下面附上java和php语言的加解密demo代码:
php:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
<?php
$pri = "-----BEGIN RSA PRIVATE KEY-----
MIICXAIBAAKBgQCd3V5+GjpOwqNks9ProDGaZT2qURAAuAodHcUM3P1mnhOh4l4u
VdvkXunUI7K6XDg6Xu9eL1WDQc6qKXs/OD91LS+RpkIAb2gMU8hGrNfR34izZh36
KdfWnEQpniAiFsHsg2ddAaPtGZZ8/jpjuPq32IVZJkgyKcWqnz5aL3FMXQIDAQAB
AoGAJFdkvGTvTVhTYwhe3dxn7uIlmwLES1YSxfcneLmbADedz2OcSNBtKZqL+9Eo
AOzf6NgYBLei2O+aUuPvwnMBcGyijFmRoZGVEj70UP0mngyAkvY/juA60QDe5kY5
rsqj4raHUf4iDK85nNwzXu7hIlPAn+ZmH+e2Eekwo1rmgQUCQQDJerucfBKk3qrV
xS5NRW99lKMomIsMH55Si+rbrnk8aU3SSRSD6uil3Dytv0erLZbc9d0Nr6SmBZgO
0qzOjXDDAkEAyJVGgHMNuMbpHnim93HAP7wcejmMx7rP4zutw4OCiHrWv3kN8WUC
u826taRFtOuiXhQ3X8+tb0l4ifae+vJ8XwJAEcmuKqChnMCz4G+qKNRKhZHL3dep
3wYjmjIUKBT9SyIY5sng78ybgZkyGjza/Pfna9ahD4ZESQwRYq2i6BGAtQJBAJyD
bmnYXQKro0e1mYNHbV3OKOJueZ139bM35BTFT1uzjlIF4Y1U5lco5uHJduL/YsjK
OZM3d/t4duggWlkyUT0CQBdsjc7eQ9roxphrW4Q/6Zwi0EQ4xxM4SgxPY1RvkKFu
i0HdYBj5KRdIbrAbisUyQeKzB7+6oTJH5+kZAU/pxao=
-----END RSA PRIVATE KEY-----";
 
$pub = "-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCd3V5+GjpOwqNks9ProDGaZT2q
URAAuAodHcUM3P1mnhOh4l4uVdvkXunUI7K6XDg6Xu9eL1WDQc6qKXs/OD91LS+R
pkIAb2gMU8hGrNfR34izZh36KdfWnEQpniAiFsHsg2ddAaPtGZZ8/jpjuPq32IVZ
JkgyKcWqnz5aL3FMXQIDAQAB
-----END PUBLIC KEY-----";
 
 
$data = "message";
 
echo "\n<br/>\n";
openssl_public_encrypt($data, $crypted, $pub);
echo base64_encode($crypted);
 
echo "\n<br/>\n";
 
openssl_private_decrypt($crypted, $decrypted, $pri);
echo $decrypted;
?>

下面是java版:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
package com.qihoo.srouter.rom;
 
import java.security.KeyFactory;
import java.security.PublicKey;
 
import sun.misc.*;
 
import java.security.PrivateKey;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
 
import javax.crypto.Cipher;
 
import sun.misc.BASE64Decoder;
 
public class TestRSA {
 
    public static String PRIVATE_KEY = "-----BEGIN RSA PRIVATE KEY-----" + "\n" +
            "MIICXAIBAAKBgQCd3V5+GjpOwqNks9ProDGaZT2qURAAuAodHcUM3P1mnhOh4l4u" + "\n" +
            "VdvkXunUI7K6XDg6Xu9eL1WDQc6qKXs/OD91LS+RpkIAb2gMU8hGrNfR34izZh36" + "\n" +
            "KdfWnEQpniAiFsHsg2ddAaPtGZZ8/jpjuPq32IVZJkgyKcWqnz5aL3FMXQIDAQAB" + "\n" +
            "AoGAJFdkvGTvTVhTYwhe3dxn7uIlmwLES1YSxfcneLmbADedz2OcSNBtKZqL+9Eo" + "\n" +
            "AOzf6NgYBLei2O+aUuPvwnMBcGyijFmRoZGVEj70UP0mngyAkvY/juA60QDe5kY5" + "\n" +
            "rsqj4raHUf4iDK85nNwzXu7hIlPAn+ZmH+e2Eekwo1rmgQUCQQDJerucfBKk3qrV" + "\n" +
            "xS5NRW99lKMomIsMH55Si+rbrnk8aU3SSRSD6uil3Dytv0erLZbc9d0Nr6SmBZgO" + "\n" +
            "0qzOjXDDAkEAyJVGgHMNuMbpHnim93HAP7wcejmMx7rP4zutw4OCiHrWv3kN8WUC" + "\n" +
            "u826taRFtOuiXhQ3X8+tb0l4ifae+vJ8XwJAEcmuKqChnMCz4G+qKNRKhZHL3dep" + "\n" +
            "3wYjmjIUKBT9SyIY5sng78ybgZkyGjza/Pfna9ahD4ZESQwRYq2i6BGAtQJBAJyD" + "\n" +
            "bmnYXQKro0e1mYNHbV3OKOJueZ139bM35BTFT1uzjlIF4Y1U5lco5uHJduL/YsjK" + "\n" +
            "OZM3d/t4duggWlkyUT0CQBdsjc7eQ9roxphrW4Q/6Zwi0EQ4xxM4SgxPY1RvkKFu" + "\n" +
            "i0HdYBj5KRdIbrAbisUyQeKzB7+6oTJH5+kZAU/pxao=" + "\n" +
            "-----END RSA PRIVATE KEY-----";
     
    public static String PRIVATE_KEY_PKCS8 = "-----BEGIN PRIVATE KEY-----" + "\n" +
            "MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAJ3dXn4aOk7Co2Sz" + "\n" +
            "0+ugMZplPapREAC4Ch0dxQzc/WaeE6HiXi5V2+Re6dQjsrpcODpe714vVYNBzqop" + "\n" +
            "ez84P3UtL5GmQgBvaAxTyEas19HfiLNmHfop19acRCmeICIWweyDZ10Bo+0Zlnz+" + "\n" +
            "OmO4+rfYhVkmSDIpxaqfPlovcUxdAgMBAAECgYAkV2S8ZO9NWFNjCF7d3Gfu4iWb" + "\n" +
            "AsRLVhLF9yd4uZsAN53PY5xI0G0pmov70SgA7N/o2BgEt6LY75pS4+/CcwFwbKKM" + "\n" +
            "WZGhkZUSPvRQ/SaeDICS9j+O4DrRAN7mRjmuyqPitodR/iIMrzmc3DNe7uEiU8Cf" + "\n" +
            "5mYf57YR6TCjWuaBBQJBAMl6u5x8EqTeqtXFLk1Fb32UoyiYiwwfnlKL6tuueTxp" + "\n" +
            "TdJJFIPq6KXcPK2/R6stltz13Q2vpKYFmA7SrM6NcMMCQQDIlUaAcw24xukeeKb3" + "\n" +
            "ccA/vBx6OYzHus/jO63Dg4KIeta/eQ3xZQK7zbq1pEW066JeFDdfz61vSXiJ9p76" + "\n" +
            "8nxfAkARya4qoKGcwLPgb6oo1EqFkcvd16nfBiOaMhQoFP1LIhjmyeDvzJuBmTIa" + "\n" +
            "PNr89+dr1qEPhkRJDBFiraLoEYC1AkEAnINuadhdAqujR7WZg0dtXc4o4m55nXf1" + "\n" +
            "szfkFMVPW7OOUgXhjVTmVyjm4cl24v9iyMo5kzd3+3h26CBaWTJRPQJAF2yNzt5D" + "\n" +
            "2ujGmGtbhD/pnCLQRDjHEzhKDE9jVG+QoW6LQd1gGPkpF0husBuKxTJB4rMHv7qh" + "\n" +
            "Mkfn6RkBT+nFqg==" + "\n" +
            "-----END PRIVATE KEY-----";
 
    public static String PUBLIC_KEY = "-----BEGIN PUBLIC KEY-----" + "\n" +
            "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCd3V5+GjpOwqNks9ProDGaZT2q" + "\n" +
            "URAAuAodHcUM3P1mnhOh4l4uVdvkXunUI7K6XDg6Xu9eL1WDQc6qKXs/OD91LS+R" + "\n" +
            "pkIAb2gMU8hGrNfR34izZh36KdfWnEQpniAiFsHsg2ddAaPtGZZ8/jpjuPq32IVZ" + "\n" +
            "JkgyKcWqnz5aL3FMXQIDAQAB" + "\n" +
            "-----END PUBLIC KEY-----";
     
    public static void main(String[] args) {
         
        String text = "message";
         
        try {
            String priStr = PRIVATE_KEY_PKCS8.replaceAll("-----BEGIN PRIVATE KEY-----\n", "");
            priStr = priStr.replaceAll("-----END PRIVATE KEY-----", "");
            byte [] privateKeyBytes = new BASE64Decoder().decodeBuffer(priStr);
            PKCS8EncodedKeySpec privateKeySpec = new PKCS8EncodedKeySpec(privateKeyBytes);
            KeyFactory keyFactory = KeyFactory.getInstance("RSA");
            PrivateKey privateKey = keyFactory.generatePrivate(privateKeySpec);
             
            Cipher cipher = Cipher.getInstance("RSA");
            cipher.init(Cipher.ENCRYPT_MODE, privateKey);
             
            byte[] crypted = cipher.doFinal(text.getBytes());
             
            System.out.println(new BASE64Encoder().encode(crypted));
             
             
            //  decrypt blow.
             
            String pubStr = PUBLIC_KEY.replaceAll("-----BEGIN PUBLIC KEY-----\n", "");
            pubStr = pubStr.replaceAll("-----END PUBLIC KEY-----", "");
            byte [] publicKeyBytes = new BASE64Decoder().decodeBuffer(pubStr);
            X509EncodedKeySpec  pubKeySpec = new X509EncodedKeySpec(publicKeyBytes);
            keyFactory = KeyFactory.getInstance("RSA");
            PublicKey publicKey = keyFactory.generatePublic(pubKeySpec);
             
            cipher = Cipher.getInstance("RSA");
            cipher.init(Cipher.DECRYPT_MODE, publicKey);
             
            byte[] bytes = cipher.doFinal(crypted);
            System.out.println(new String(bytes, "ISO-8859-1"));
             
             
        } catch (Exception e) {
            e.printStackTrace();
        }
         
    }
 
}
 
需要注意的是,java的代码中的private key必须使用pkcs#8格式的。
java加密  php解密 也是没问题的。

openssl生成RSA格式,并转为pkcs8格式的更多相关文章

  1. windows 下 openssl 生成RSA私钥公钥以及PKCS8

    生成RSA私钥 打开bin文件夹下面的openssl.exe,输入genrsa -out rsa_private_key.pem 1024 把RSA私钥转换成PKCS8格式 输入命令pkcs8 -to ...

  2. Openssl生成RSA公私钥以及将公钥转换成C#支持的格式

    Openssl生成RSA公私钥以及将公钥转换成C#支持的格式 1.RSA算法介绍 RSA算法是一种非对称密码算法,所谓非对称,就是指该算法需要一对密钥,使用其中一个加密,则需要用另一个才能解密.RSA ...

  3. 如何使用openssl生成RSA公钥和私钥对

      在ubuntu上要使用openssl的话需要先进行安装,命令如下: sudo apt-get install openssl 安装完成就可以使用openssl了. 首先需要进入openssl的交互 ...

  4. openssl生成rsa公私钥

    1.生成私钥pem,  执行命令openssl genrsa -out rsa_private_key.pem 1024 2.生成公钥,执行命令openssl rsa -in rsa_private_ ...

  5. 在Linux下如何使用openssl生成RSA公钥和私钥对

    在<Java实现RSA密钥对并在加解密.加签验签中应用的实例>中,我们有用Java代码生成RSA密钥对,其实在Linux操作系统中,用openssl也是很容易生成密钥对的. 一.如果在ub ...

  6. openssl生成RSA公钥和私钥对

    在ubuntu上要使用openssl的话需要先进行安装,命令如下: sudo apt-get install openssl 安装完成就可以使用openssl了. 首先需要进入openssl的交互界面 ...

  7. 使用openssl生成RSA公钥和私钥对

    在ubuntu上要使用openssl的话需要先进行安装,命令如下: sudo apt-get install openssl 安装完成就可以使用openssl了. 首先需要进入openssl的交互界面 ...

  8. openssl生成RSA密钥证书

    1.openssl的安装 2.RSA密钥证书的生成 3.openssl的常用命令 1.openssl的安装 openssl 是目前最流行的 SSL 密码库工具,其提供了一个通用.健壮.功能完备的工具套 ...

  9. Windows 下使用OpenSSL生成RSA公钥和私钥

    Windows 下使用OpenSSL生成RSA公钥和私钥 (1)下载OpenSSL 可到该地址下载OpenSSL: https://www.openssl.org/source/(https://ww ...

随机推荐

  1. PHP 的try catch 报错捕获机制

    首先上代码: try { echo 'Never executed'; echo "<br>"; if(1<0){ echo 'end'; }else{ thro ...

  2. datagrid后台给每列添加js方法

    protected void dgExhList_ItemDataBound(object sender, DataGridItemEventArgs e) { string param = &quo ...

  3. C# - Sql数据类型的对应关系

    <Language From="SQL" To="C#"> <Type From="bigint" To="lo ...

  4. Switch Case语句中多个值匹配同一个代码块的写法

    switch ($p) { case 'home': case '': $current_home = 'current'; break; case 'users.online': case 'use ...

  5. TOM大师脚本-show space 多个版本,谢谢大牛们

    示例一 该脚本需区分 对象的管理方式是 自动还是 手动, 对手动管理方式 的表显示很全面 SQL> exec show_space_old('MAN_TAB','DEV','TABLE'); F ...

  6. iOS中JavaScript和OC交互

    转载自:http://www.devzeng.com/blog/ios-uiwebview-interaction-with-javascript.html 还可参考的文章:http://blog.c ...

  7. Java设计模式(学习整理)----装饰模式

    1.概念: (在我看来,模式就像是是一种思想,在这种思想的指引下,对代码和结构的一番加工和整合而已!都是套路!) 装饰模式又称包装(Wrapper)模式,是以对客户端透明的方式扩展对象的功能,是继承关 ...

  8. 非注解SpringMVC

    <!-- SpringMVC前端控制器 --> <servlet> <servlet-name>springmvc</servlet-name> < ...

  9. Android 学习手札(备注)

    1.在Android 应用程序中不能使用System.out.println(..)来输出信息,而要使用Log类中的静态方法输出调试信息. Log.d("onStart", &qu ...

  10. 简单实现tab标签页切换

    常见面试题: <!DOCTYPE html> <html lang="en"> <head> <meta charset="UT ...