原文地址:http://www.thinkingquest.net/articles/391.html?utm_source=tuicool

支付宝接口开发相关:
openssl 加密工具 支付宝“手机网站支付“开发包里面有,下载地址:https://b.alipay.com/order/techService.htm 
生成命令使用说明:

RSA密钥生成命令
  生成RSA私钥
  openssl>genrsa -out rsa_private_key.pem 1024
  生成RSA公钥
  openssl>rsa -in rsa_private_key.pem -pubout -out rsa_public_key.pem
  将RSA私钥转换成PKCS8格式
  openssl>pkcs8 -topk8 -inform PEM -in rsa_private_key.pem -outform PEM -nocrypt

注意:“>”符号后面的才是需要输入的命令。

  

 

openssl默认使用的是PEM格式,经过base64。

生成pem格式的私钥:
openssl genrsa -out private_key.pem 1024

生成公钥:
openssl rsa -in private_key.pem -pubout -out public_key.pem

产生的密钥如下:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
[wind@localhost key]$ cat private_key.pem
-----BEGIN RSA PRIVATE KEY-----
MIICXAIBAAKBgQCd3V5+GjpOwqNks9ProDGaZT2qURAAuAodHcUM3P1mnhOh4l4u
VdvkXunUI7K6XDg6Xu9eL1WDQc6qKXs/OD91LS+RpkIAb2gMU8hGrNfR34izZh36
KdfWnEQpniAiFsHsg2ddAaPtGZZ8/jpjuPq32IVZJkgyKcWqnz5aL3FMXQIDAQAB
AoGAJFdkvGTvTVhTYwhe3dxn7uIlmwLES1YSxfcneLmbADedz2OcSNBtKZqL+9Eo
AOzf6NgYBLei2O+aUuPvwnMBcGyijFmRoZGVEj70UP0mngyAkvY/juA60QDe5kY5
rsqj4raHUf4iDK85nNwzXu7hIlPAn+ZmH+e2Eekwo1rmgQUCQQDJerucfBKk3qrV
xS5NRW99lKMomIsMH55Si+rbrnk8aU3SSRSD6uil3Dytv0erLZbc9d0Nr6SmBZgO
0qzOjXDDAkEAyJVGgHMNuMbpHnim93HAP7wcejmMx7rP4zutw4OCiHrWv3kN8WUC
u826taRFtOuiXhQ3X8+tb0l4ifae+vJ8XwJAEcmuKqChnMCz4G+qKNRKhZHL3dep
3wYjmjIUKBT9SyIY5sng78ybgZkyGjza/Pfna9ahD4ZESQwRYq2i6BGAtQJBAJyD
bmnYXQKro0e1mYNHbV3OKOJueZ139bM35BTFT1uzjlIF4Y1U5lco5uHJduL/YsjK
OZM3d/t4duggWlkyUT0CQBdsjc7eQ9roxphrW4Q/6Zwi0EQ4xxM4SgxPY1RvkKFu
i0HdYBj5KRdIbrAbisUyQeKzB7+6oTJH5+kZAU/pxao=
-----END RSA PRIVATE KEY-----
[wind@localhost key]$
[wind@localhost key]$
[wind@localhost key]$ openssl rsa -in private_key.pem -pubout -out public_key.pem
writing RSA key
[wind@localhost key]$ cat public_key.pem
-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCd3V5+GjpOwqNks9ProDGaZT2q
URAAuAodHcUM3P1mnhOh4l4uVdvkXunUI7K6XDg6Xu9eL1WDQc6qKXs/OD91LS+R
pkIAb2gMU8hGrNfR34izZh36KdfWnEQpniAiFsHsg2ddAaPtGZZ8/jpjuPq32IVZ
JkgyKcWqnz5aL3FMXQIDAQAB
-----END PUBLIC KEY-----

某些语言需要pkcs8格式的公钥。 (php就不需要了)
使用openssl将刚才生成的公钥转为pkcs#8格式:
openssl pkcs8 -topk8 -inform PEM -in private_key.pem -outform PEM -nocrypt -out private_key_pkcs8.pem

下面附上java和php语言的加解密demo代码:
php:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
<?php
$pri = "-----BEGIN RSA PRIVATE KEY-----
MIICXAIBAAKBgQCd3V5+GjpOwqNks9ProDGaZT2qURAAuAodHcUM3P1mnhOh4l4u
VdvkXunUI7K6XDg6Xu9eL1WDQc6qKXs/OD91LS+RpkIAb2gMU8hGrNfR34izZh36
KdfWnEQpniAiFsHsg2ddAaPtGZZ8/jpjuPq32IVZJkgyKcWqnz5aL3FMXQIDAQAB
AoGAJFdkvGTvTVhTYwhe3dxn7uIlmwLES1YSxfcneLmbADedz2OcSNBtKZqL+9Eo
AOzf6NgYBLei2O+aUuPvwnMBcGyijFmRoZGVEj70UP0mngyAkvY/juA60QDe5kY5
rsqj4raHUf4iDK85nNwzXu7hIlPAn+ZmH+e2Eekwo1rmgQUCQQDJerucfBKk3qrV
xS5NRW99lKMomIsMH55Si+rbrnk8aU3SSRSD6uil3Dytv0erLZbc9d0Nr6SmBZgO
0qzOjXDDAkEAyJVGgHMNuMbpHnim93HAP7wcejmMx7rP4zutw4OCiHrWv3kN8WUC
u826taRFtOuiXhQ3X8+tb0l4ifae+vJ8XwJAEcmuKqChnMCz4G+qKNRKhZHL3dep
3wYjmjIUKBT9SyIY5sng78ybgZkyGjza/Pfna9ahD4ZESQwRYq2i6BGAtQJBAJyD
bmnYXQKro0e1mYNHbV3OKOJueZ139bM35BTFT1uzjlIF4Y1U5lco5uHJduL/YsjK
OZM3d/t4duggWlkyUT0CQBdsjc7eQ9roxphrW4Q/6Zwi0EQ4xxM4SgxPY1RvkKFu
i0HdYBj5KRdIbrAbisUyQeKzB7+6oTJH5+kZAU/pxao=
-----END RSA PRIVATE KEY-----";
 
$pub = "-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCd3V5+GjpOwqNks9ProDGaZT2q
URAAuAodHcUM3P1mnhOh4l4uVdvkXunUI7K6XDg6Xu9eL1WDQc6qKXs/OD91LS+R
pkIAb2gMU8hGrNfR34izZh36KdfWnEQpniAiFsHsg2ddAaPtGZZ8/jpjuPq32IVZ
JkgyKcWqnz5aL3FMXQIDAQAB
-----END PUBLIC KEY-----";
 
 
$data = "message";
 
echo "\n<br/>\n";
openssl_public_encrypt($data, $crypted, $pub);
echo base64_encode($crypted);
 
echo "\n<br/>\n";
 
openssl_private_decrypt($crypted, $decrypted, $pri);
echo $decrypted;
?>

下面是java版:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
package com.qihoo.srouter.rom;
 
import java.security.KeyFactory;
import java.security.PublicKey;
 
import sun.misc.*;
 
import java.security.PrivateKey;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
 
import javax.crypto.Cipher;
 
import sun.misc.BASE64Decoder;
 
public class TestRSA {
 
    public static String PRIVATE_KEY = "-----BEGIN RSA PRIVATE KEY-----" + "\n" +
            "MIICXAIBAAKBgQCd3V5+GjpOwqNks9ProDGaZT2qURAAuAodHcUM3P1mnhOh4l4u" + "\n" +
            "VdvkXunUI7K6XDg6Xu9eL1WDQc6qKXs/OD91LS+RpkIAb2gMU8hGrNfR34izZh36" + "\n" +
            "KdfWnEQpniAiFsHsg2ddAaPtGZZ8/jpjuPq32IVZJkgyKcWqnz5aL3FMXQIDAQAB" + "\n" +
            "AoGAJFdkvGTvTVhTYwhe3dxn7uIlmwLES1YSxfcneLmbADedz2OcSNBtKZqL+9Eo" + "\n" +
            "AOzf6NgYBLei2O+aUuPvwnMBcGyijFmRoZGVEj70UP0mngyAkvY/juA60QDe5kY5" + "\n" +
            "rsqj4raHUf4iDK85nNwzXu7hIlPAn+ZmH+e2Eekwo1rmgQUCQQDJerucfBKk3qrV" + "\n" +
            "xS5NRW99lKMomIsMH55Si+rbrnk8aU3SSRSD6uil3Dytv0erLZbc9d0Nr6SmBZgO" + "\n" +
            "0qzOjXDDAkEAyJVGgHMNuMbpHnim93HAP7wcejmMx7rP4zutw4OCiHrWv3kN8WUC" + "\n" +
            "u826taRFtOuiXhQ3X8+tb0l4ifae+vJ8XwJAEcmuKqChnMCz4G+qKNRKhZHL3dep" + "\n" +
            "3wYjmjIUKBT9SyIY5sng78ybgZkyGjza/Pfna9ahD4ZESQwRYq2i6BGAtQJBAJyD" + "\n" +
            "bmnYXQKro0e1mYNHbV3OKOJueZ139bM35BTFT1uzjlIF4Y1U5lco5uHJduL/YsjK" + "\n" +
            "OZM3d/t4duggWlkyUT0CQBdsjc7eQ9roxphrW4Q/6Zwi0EQ4xxM4SgxPY1RvkKFu" + "\n" +
            "i0HdYBj5KRdIbrAbisUyQeKzB7+6oTJH5+kZAU/pxao=" + "\n" +
            "-----END RSA PRIVATE KEY-----";
     
    public static String PRIVATE_KEY_PKCS8 = "-----BEGIN PRIVATE KEY-----" + "\n" +
            "MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAJ3dXn4aOk7Co2Sz" + "\n" +
            "0+ugMZplPapREAC4Ch0dxQzc/WaeE6HiXi5V2+Re6dQjsrpcODpe714vVYNBzqop" + "\n" +
            "ez84P3UtL5GmQgBvaAxTyEas19HfiLNmHfop19acRCmeICIWweyDZ10Bo+0Zlnz+" + "\n" +
            "OmO4+rfYhVkmSDIpxaqfPlovcUxdAgMBAAECgYAkV2S8ZO9NWFNjCF7d3Gfu4iWb" + "\n" +
            "AsRLVhLF9yd4uZsAN53PY5xI0G0pmov70SgA7N/o2BgEt6LY75pS4+/CcwFwbKKM" + "\n" +
            "WZGhkZUSPvRQ/SaeDICS9j+O4DrRAN7mRjmuyqPitodR/iIMrzmc3DNe7uEiU8Cf" + "\n" +
            "5mYf57YR6TCjWuaBBQJBAMl6u5x8EqTeqtXFLk1Fb32UoyiYiwwfnlKL6tuueTxp" + "\n" +
            "TdJJFIPq6KXcPK2/R6stltz13Q2vpKYFmA7SrM6NcMMCQQDIlUaAcw24xukeeKb3" + "\n" +
            "ccA/vBx6OYzHus/jO63Dg4KIeta/eQ3xZQK7zbq1pEW066JeFDdfz61vSXiJ9p76" + "\n" +
            "8nxfAkARya4qoKGcwLPgb6oo1EqFkcvd16nfBiOaMhQoFP1LIhjmyeDvzJuBmTIa" + "\n" +
            "PNr89+dr1qEPhkRJDBFiraLoEYC1AkEAnINuadhdAqujR7WZg0dtXc4o4m55nXf1" + "\n" +
            "szfkFMVPW7OOUgXhjVTmVyjm4cl24v9iyMo5kzd3+3h26CBaWTJRPQJAF2yNzt5D" + "\n" +
            "2ujGmGtbhD/pnCLQRDjHEzhKDE9jVG+QoW6LQd1gGPkpF0husBuKxTJB4rMHv7qh" + "\n" +
            "Mkfn6RkBT+nFqg==" + "\n" +
            "-----END PRIVATE KEY-----";
 
    public static String PUBLIC_KEY = "-----BEGIN PUBLIC KEY-----" + "\n" +
            "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCd3V5+GjpOwqNks9ProDGaZT2q" + "\n" +
            "URAAuAodHcUM3P1mnhOh4l4uVdvkXunUI7K6XDg6Xu9eL1WDQc6qKXs/OD91LS+R" + "\n" +
            "pkIAb2gMU8hGrNfR34izZh36KdfWnEQpniAiFsHsg2ddAaPtGZZ8/jpjuPq32IVZ" + "\n" +
            "JkgyKcWqnz5aL3FMXQIDAQAB" + "\n" +
            "-----END PUBLIC KEY-----";
     
    public static void main(String[] args) {
         
        String text = "message";
         
        try {
            String priStr = PRIVATE_KEY_PKCS8.replaceAll("-----BEGIN PRIVATE KEY-----\n", "");
            priStr = priStr.replaceAll("-----END PRIVATE KEY-----", "");
            byte [] privateKeyBytes = new BASE64Decoder().decodeBuffer(priStr);
            PKCS8EncodedKeySpec privateKeySpec = new PKCS8EncodedKeySpec(privateKeyBytes);
            KeyFactory keyFactory = KeyFactory.getInstance("RSA");
            PrivateKey privateKey = keyFactory.generatePrivate(privateKeySpec);
             
            Cipher cipher = Cipher.getInstance("RSA");
            cipher.init(Cipher.ENCRYPT_MODE, privateKey);
             
            byte[] crypted = cipher.doFinal(text.getBytes());
             
            System.out.println(new BASE64Encoder().encode(crypted));
             
             
            //  decrypt blow.
             
            String pubStr = PUBLIC_KEY.replaceAll("-----BEGIN PUBLIC KEY-----\n", "");
            pubStr = pubStr.replaceAll("-----END PUBLIC KEY-----", "");
            byte [] publicKeyBytes = new BASE64Decoder().decodeBuffer(pubStr);
            X509EncodedKeySpec  pubKeySpec = new X509EncodedKeySpec(publicKeyBytes);
            keyFactory = KeyFactory.getInstance("RSA");
            PublicKey publicKey = keyFactory.generatePublic(pubKeySpec);
             
            cipher = Cipher.getInstance("RSA");
            cipher.init(Cipher.DECRYPT_MODE, publicKey);
             
            byte[] bytes = cipher.doFinal(crypted);
            System.out.println(new String(bytes, "ISO-8859-1"));
             
             
        } catch (Exception e) {
            e.printStackTrace();
        }
         
    }
 
}
 
需要注意的是,java的代码中的private key必须使用pkcs#8格式的。
java加密  php解密 也是没问题的。

openssl生成RSA格式,并转为pkcs8格式的更多相关文章

  1. windows 下 openssl 生成RSA私钥公钥以及PKCS8

    生成RSA私钥 打开bin文件夹下面的openssl.exe,输入genrsa -out rsa_private_key.pem 1024 把RSA私钥转换成PKCS8格式 输入命令pkcs8 -to ...

  2. Openssl生成RSA公私钥以及将公钥转换成C#支持的格式

    Openssl生成RSA公私钥以及将公钥转换成C#支持的格式 1.RSA算法介绍 RSA算法是一种非对称密码算法,所谓非对称,就是指该算法需要一对密钥,使用其中一个加密,则需要用另一个才能解密.RSA ...

  3. 如何使用openssl生成RSA公钥和私钥对

      在ubuntu上要使用openssl的话需要先进行安装,命令如下: sudo apt-get install openssl 安装完成就可以使用openssl了. 首先需要进入openssl的交互 ...

  4. openssl生成rsa公私钥

    1.生成私钥pem,  执行命令openssl genrsa -out rsa_private_key.pem 1024 2.生成公钥,执行命令openssl rsa -in rsa_private_ ...

  5. 在Linux下如何使用openssl生成RSA公钥和私钥对

    在<Java实现RSA密钥对并在加解密.加签验签中应用的实例>中,我们有用Java代码生成RSA密钥对,其实在Linux操作系统中,用openssl也是很容易生成密钥对的. 一.如果在ub ...

  6. openssl生成RSA公钥和私钥对

    在ubuntu上要使用openssl的话需要先进行安装,命令如下: sudo apt-get install openssl 安装完成就可以使用openssl了. 首先需要进入openssl的交互界面 ...

  7. 使用openssl生成RSA公钥和私钥对

    在ubuntu上要使用openssl的话需要先进行安装,命令如下: sudo apt-get install openssl 安装完成就可以使用openssl了. 首先需要进入openssl的交互界面 ...

  8. openssl生成RSA密钥证书

    1.openssl的安装 2.RSA密钥证书的生成 3.openssl的常用命令 1.openssl的安装 openssl 是目前最流行的 SSL 密码库工具,其提供了一个通用.健壮.功能完备的工具套 ...

  9. Windows 下使用OpenSSL生成RSA公钥和私钥

    Windows 下使用OpenSSL生成RSA公钥和私钥 (1)下载OpenSSL 可到该地址下载OpenSSL: https://www.openssl.org/source/(https://ww ...

随机推荐

  1. object转化为string

    package common; import java.util.ArrayList; import java.util.List; public class DataZh { public stat ...

  2. Java-Android 之输入提示框

    Android的文本提示框有两种方式: main.xml文件 <?xml version="1.0" encoding="utf-8"?> < ...

  3. Axiom3D学习日记 4.地形,天空,雾

    首先需要引用Axiom.SceneManagers.Octree.dll. 地形: 载入地形配置,从一个文件中. scene.LoadWorldGeometry( "Terrain.xml& ...

  4. Problem 1183 - 排列

    #include<iostream> #include<vector> #include<algorithm> using namespace std; int c ...

  5. 【BZOJ1036】【LCT版】树的统计Count

    Description 一 棵树上有n个节点,编号分别为1到n,每个节点都有一个权值w.我们将以下面的形式来要求你对这棵树完成一些操作: I. CHANGE u t : 把结点u的权值改为t II. ...

  6. phpcms(3) V9 常用函数 及 代码整理(转)

    转自http://www.cnblogs.com/Braveliu/p/5103918.html 常用函数 及 常用代码 总结如下 <;?php //转换字符串或者数组的编码 str_chars ...

  7. 『重构--改善既有代码的设计』读书笔记----Hide Delegate

    所谓委托关系,就是一个类对于另一个类来说纯粹作为接口转发,即客户通过一个委托类去调用另一个对象.直白的委托关系就是委托类直接返回出目标类给客户调用,这个关系很麻烦,因为委托关系的变动就会影响客户端的代 ...

  8. 【随记】解决:VS2010 调试器无法继续继续运行该进程,无法启动调试

    今天在调试项目的时候突然出现错误: 按照网上的一些方法弄了后还是同样报错,把本地代码删除后从库上重现拉下来的项目依然报错,到这里就明白不是项目本身问题了,而是VS2010 的问题,经过网上查资料,问同 ...

  9. srand((double)microtime()*1000000)

    分为4个步骤1:执行microtime(),获取当前的微秒数 2:把获取的微秒数转换为double类型 3:再用转换后的数字去乘以1000000 4:给随机数发生器播种,播种数为第三步得出的结果 ra ...

  10. Python元组、列表、字典

    ```python>>> help(tuple) Help on class tuple in module __builtin__: class tuple(object) │ t ...