原文地址:https://stackoverflow.com/questions/7611383/generating-rsa-keys-in-pkcs1-format-in-java

When I generate an RSA key pair using the Java API, the public key is encoded in the X.509 format and the private key is encoded in the PKCS#8 format. I'm looking to encode both as PKCS#1. Is this possible? I've spent a considerable amount of time going through the Java docs but haven't found a solution. The result is the same when I use the Java and the Bouncy Castle providers.

Here is a snippet of the code:

KeyPairGenerator keygen = KeyPairGenerator.getInstance("RSA","BC");

keygen.initialize(1024);

KeyPair pair = keygen.generateKeyPair();

PrivateKey priv = pair.getPrivate();

PublicKey pub = pair.getPublic();

byte[] privBytes = priv.getEncoded();

byte[] pubBytes = pub.getEncoded();

The two resulting byte arrays are formatted as X.509 (public) and PKCS#8 (private).

Any help would be much appreciated. There are some similar posts but none really answer my question.

Thank You

You will need BouncyCastle:

import org.bouncycastle.asn1.ASN1Encodable;

import org.bouncycastle.asn1.ASN1Primitive;

import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;

import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;

import org.bouncycastle.util.io.pem.PemObject;

import org.bouncycastle.util.io.pem.PemWriter;

The code snippets below have been checked and found working with Bouncy Castle 1.52.

Private key

Convert private key from PKCS8 to PKCS1:

PrivateKey priv = pair.getPrivate();

byte[] privBytes = priv.getEncoded();

PrivateKeyInfo pkInfo = PrivateKeyInfo.getInstance(privBytes);

ASN1Encodable encodable = pkInfo.parsePrivateKey();

ASN1Primitive primitive = encodable.toASN1Primitive();

byte[] privateKeyPKCS1 = primitive.getEncoded();

Convert private key in PKCS1 to PEM:

PemObject pemObject = new PemObject("RSA PRIVATE KEY", privateKeyPKCS1);

StringWriter stringWriter = new StringWriter();

PemWriter pemWriter = new PemWriter(stringWriter);

pemWriter.writeObject(pemObject);

pemWriter.close();

String pemString = stringWriter.toString();

Check with command line OpenSSL that the key format is as expected:

openssl rsa -in rsa_private_key.pem -noout -text

Public key

Convert public key from X.509 SubjectPublicKeyInfo to PKCS1:

PublicKey pub = pair.getPublic();

byte[] pubBytes = pub.getEncoded();

SubjectPublicKeyInfo spkInfo = SubjectPublicKeyInfo.getInstance(pubBytes);

ASN1Primitive primitive = spkInfo.parsePublicKey();

byte[] publicKeyPKCS1 = primitive.getEncoded();

Convert public key in PKCS1 to PEM:

PemObject pemObject = new PemObject("RSA PUBLIC KEY", publicKeyPKCS1);

StringWriter stringWriter = new StringWriter();

PemWriter pemWriter = new PemWriter(stringWriter);

pemWriter.writeObject(pemObject);

pemWriter.close();

String pemString = stringWriter.toString();

Check with command line OpenSSL that the key format is as expected:

openssl rsa -in rsa_public_key.pem -RSAPublicKey_in -noout -text

Thanks

Many thanks to the authors of the following posts:

Those posts contained useful, though sometimes outdated info (i.e. for older versions of BouncyCastle), that helped me to construct this post.

Generating RSA keys in PKCS#1 format in Java--转的更多相关文章

  1. Generating SSH Keys [Ubuntu Linux]

    Generating SSH Keys We strongly recommend using an SSH connection when interacting with GitHub. SSH ...

  2. String.Format in Java and C#

    原文:String.Format in Java and C# JDK1.5中,String类新增了一个很有用的静态方法String.format(): format(Locale l, String ...

  3. Generating SSH Keys on windows

    two ways here I provide: use openSSH command line on git bash(such as msysgit bash) ls -al ~/.ssh ss ...

  4. 生成ssh公有密钥而且注冊到Github Generate ssh rsa keys and register public key on Github

    私有密钥和公有密钥是成对的两个文件,私有文件保存在自己的本机,公有密钥保存到还有一端的server,站点等. github就是一种站点. 仅仅有保存了私有密钥的机器才干訪问远程的server等. 使用 ...

  5. Generating SSH Keys for github

    由于最近电脑重装了Windows 8.1, 想用github维护一些代码.故不得不重新生成一下ssh key. 按https://help.github.com/articles/generating ...

  6. 使用 RSA 非对称加密保证数据不被篡改 java 例子代码

    原理: 对原始数据 生成有序的json 字符串,然后取 摘要,然后 对摘要 进项 分对称加密.( 不对原数据加密是应为 原数据太大,加解密速度太慢,非对称加密都不 挺慢的.在摘要函数具有雪崩效应 ,原 ...

  7. hadoo namenode format 异常 java.net.UnknownHostException: localhost.localdomain: localhost.localdomain

    /etc/sysconfig/network换成你在hosts里设置的值 /etc/rc.d/init.d/network restart 重启网络 hostname后就会发现hostname变了,也 ...

  8. 基于RSA securID的Radius二次验证java实现(PAP验证方式)

    基于rsa SecurID的二次验证.RSA server自身可以作为Radius服务器,RSA也可以和其他的软件集合,使用其他的server作为Radius服务器. radius的验证的一般流程如下 ...

  9. 自己实现简单的RSA秘钥生成与加解密(Java )

    最近在学习PKI,顺便接触了一些加密算法.对RSA着重研究了一下,自己也写了一个简单的实现RSA算法的Demo,包括公.私钥生成,加解密的实现.虽然比较简单,但是也大概囊括了RSA加解密的核心思想与流 ...

随机推荐

  1. FJNUOJ1158(莫比乌斯反演)

    题目:给定n个数字a1...an.有m个询问,格式为L R X Y,意为求aL到aR之间与x的最大公因数为y的个数. 数据组数T<=20 1<=n,m<=1e5 1<=ai&l ...

  2. 动态演示冒泡排序java

    动态演示冒泡排序java //冒泡排序是一种简单的交换排序,基本思路,从数列左边开始扫描元素,在扫描过程中依次对相邻元素进行比较,将较大元素后移. public class NumberSort { ...

  3. dubbo的jmeter压测时jar包的热加载/动态加载

    在做dubbo的jmeter压测时,需要把jar包放入jmeter的lib/ext目录下,但是jmeter启动的时候会自动加载这个目录lib目录及lib/ext目录,这样启动后放入这些目录下的jar包 ...

  4. SUSE Linux源代码编译安装MySQL 5.6

    这篇文章主要介绍了SUSE Linux下源代码编译方式安装MySQL 5.6过程分享,本文使用SUSE Linux Enterprise Server 10 SP3 (x86_64)系统,须要的朋友能 ...

  5. 自己动手写shell命令之ls -R1fF

    ls命令的R參数代表递归的列出全部子目录中的全部文件,1表示每一行仅仅显示一个文件或目录,f表示不排序即输出.F表示在每项的输出的最后依据其文件类型对应的加上*/=>@|字符.通过c语言实现ls ...

  6. Android官方api的下载

    不少开发者,都需要api来进行参考,可是目前Android开发来说默认是没有下载的, 而且sdk中有时候部分开发者也很疑惑怎么没有找到像document或者doc之类的文档进行下载,其实我们只要在把s ...

  7. Codeforces Round #322 (Div. 2) D. Three Logos 模拟

                                                      D. Three Logos Three companies decided to order a ...

  8. poj1151==codevs 3044 矩形面积求并

    Atlantis Time Limit: 1000MS   Memory Limit: 10000K Total Submissions: 21511   Accepted: 8110 Descrip ...

  9. 协方差矩阵与主成分分析PCA

    今天看论文,作者是用主成分分析(PCA)的方法做的.仔细学习了一下,有一篇博客写的很好,介绍的深入浅出! 协方差:http://pinkyjie.com/2010/08/31/covariance/ ...

  10. text recognizer (OCR) Engine 光学字符识别

    https://github.com/tesseract-ocr/tesseract/wiki https://github.com/UB-Mannheim/tesseract/wiki C:\Use ...