原文地址:https://stackoverflow.com/questions/7611383/generating-rsa-keys-in-pkcs1-format-in-java

When I generate an RSA key pair using the Java API, the public key is encoded in the X.509 format and the private key is encoded in the PKCS#8 format. I'm looking to encode both as PKCS#1. Is this possible? I've spent a considerable amount of time going through the Java docs but haven't found a solution. The result is the same when I use the Java and the Bouncy Castle providers.

Here is a snippet of the code:

KeyPairGenerator keygen = KeyPairGenerator.getInstance("RSA","BC");

keygen.initialize(1024);

KeyPair pair = keygen.generateKeyPair();

PrivateKey priv = pair.getPrivate();

PublicKey pub = pair.getPublic();

byte[] privBytes = priv.getEncoded();

byte[] pubBytes = pub.getEncoded();

The two resulting byte arrays are formatted as X.509 (public) and PKCS#8 (private).

Any help would be much appreciated. There are some similar posts but none really answer my question.

Thank You

You will need BouncyCastle:

import org.bouncycastle.asn1.ASN1Encodable;

import org.bouncycastle.asn1.ASN1Primitive;

import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;

import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;

import org.bouncycastle.util.io.pem.PemObject;

import org.bouncycastle.util.io.pem.PemWriter;

The code snippets below have been checked and found working with Bouncy Castle 1.52.

Private key

Convert private key from PKCS8 to PKCS1:

PrivateKey priv = pair.getPrivate();

byte[] privBytes = priv.getEncoded();

PrivateKeyInfo pkInfo = PrivateKeyInfo.getInstance(privBytes);

ASN1Encodable encodable = pkInfo.parsePrivateKey();

ASN1Primitive primitive = encodable.toASN1Primitive();

byte[] privateKeyPKCS1 = primitive.getEncoded();

Convert private key in PKCS1 to PEM:

PemObject pemObject = new PemObject("RSA PRIVATE KEY", privateKeyPKCS1);

StringWriter stringWriter = new StringWriter();

PemWriter pemWriter = new PemWriter(stringWriter);

pemWriter.writeObject(pemObject);

pemWriter.close();

String pemString = stringWriter.toString();

Check with command line OpenSSL that the key format is as expected:

openssl rsa -in rsa_private_key.pem -noout -text

Public key

Convert public key from X.509 SubjectPublicKeyInfo to PKCS1:

PublicKey pub = pair.getPublic();

byte[] pubBytes = pub.getEncoded();

SubjectPublicKeyInfo spkInfo = SubjectPublicKeyInfo.getInstance(pubBytes);

ASN1Primitive primitive = spkInfo.parsePublicKey();

byte[] publicKeyPKCS1 = primitive.getEncoded();

Convert public key in PKCS1 to PEM:

PemObject pemObject = new PemObject("RSA PUBLIC KEY", publicKeyPKCS1);

StringWriter stringWriter = new StringWriter();

PemWriter pemWriter = new PemWriter(stringWriter);

pemWriter.writeObject(pemObject);

pemWriter.close();

String pemString = stringWriter.toString();

Check with command line OpenSSL that the key format is as expected:

openssl rsa -in rsa_public_key.pem -RSAPublicKey_in -noout -text

Thanks

Many thanks to the authors of the following posts:

Those posts contained useful, though sometimes outdated info (i.e. for older versions of BouncyCastle), that helped me to construct this post.

Generating RSA keys in PKCS#1 format in Java--转的更多相关文章

  1. Generating SSH Keys [Ubuntu Linux]

    Generating SSH Keys We strongly recommend using an SSH connection when interacting with GitHub. SSH ...

  2. String.Format in Java and C#

    原文:String.Format in Java and C# JDK1.5中,String类新增了一个很有用的静态方法String.format(): format(Locale l, String ...

  3. Generating SSH Keys on windows

    two ways here I provide: use openSSH command line on git bash(such as msysgit bash) ls -al ~/.ssh ss ...

  4. 生成ssh公有密钥而且注冊到Github Generate ssh rsa keys and register public key on Github

    私有密钥和公有密钥是成对的两个文件,私有文件保存在自己的本机,公有密钥保存到还有一端的server,站点等. github就是一种站点. 仅仅有保存了私有密钥的机器才干訪问远程的server等. 使用 ...

  5. Generating SSH Keys for github

    由于最近电脑重装了Windows 8.1, 想用github维护一些代码.故不得不重新生成一下ssh key. 按https://help.github.com/articles/generating ...

  6. 使用 RSA 非对称加密保证数据不被篡改 java 例子代码

    原理: 对原始数据 生成有序的json 字符串,然后取 摘要,然后 对摘要 进项 分对称加密.( 不对原数据加密是应为 原数据太大,加解密速度太慢,非对称加密都不 挺慢的.在摘要函数具有雪崩效应 ,原 ...

  7. hadoo namenode format 异常 java.net.UnknownHostException: localhost.localdomain: localhost.localdomain

    /etc/sysconfig/network换成你在hosts里设置的值 /etc/rc.d/init.d/network restart 重启网络 hostname后就会发现hostname变了,也 ...

  8. 基于RSA securID的Radius二次验证java实现(PAP验证方式)

    基于rsa SecurID的二次验证.RSA server自身可以作为Radius服务器,RSA也可以和其他的软件集合,使用其他的server作为Radius服务器. radius的验证的一般流程如下 ...

  9. 自己实现简单的RSA秘钥生成与加解密(Java )

    最近在学习PKI,顺便接触了一些加密算法.对RSA着重研究了一下,自己也写了一个简单的实现RSA算法的Demo,包括公.私钥生成,加解密的实现.虽然比较简单,但是也大概囊括了RSA加解密的核心思想与流 ...

随机推荐

  1. 安装最新版本的zabbix

    1. 先安装php5.4 最新版本: yum安装php5.4或5.5 https://blog.csdn.net/MarkBoo/article/details/49424183 2. 然后参照官网或 ...

  2. UVa 12563_Jin Ge Jin Qu hao

    [题意]在KTV唱歌,假设每首歌最长180s,时间结束时如果还有歌正在唱,则将此歌唱完.为使唱歌时间最长,规定最后唱长达678s的<劲歌金曲>[介是个嘛?] 假设你正在唱KTV,在剩余的t ...

  3. 洛谷——P1007 独木桥

    P1007 独木桥 题目背景 战争已经进入到紧要时间.你是运输小队长,正在率领运输部队向前线运送物资.运输任务像做题一样的无聊.你希望找些刺激,于是命令你的士兵们到前方的一座独木桥上欣赏风景,而你留在 ...

  4. 断路器监控(Hystrix Dashboard)

    继上一篇http://www.cnblogs.com/EasonJim/p/7613595.html介绍了断路器之后,其实它还提供了一个管理页面来监控这些应用的调用数据. 首先,我是基于上一个例子Zo ...

  5. 我的arcgis培训照片4 来自http://www.cioiot.com/successview-549-1.html

  6. ArcGIS 教程:Workflow Manager 高速浏览

    应用程序概述 Workflow Manager 用户界面提供了用于在整个作业的生命周期中创建和管理作业的工具. 下面全部信息将会在本帮助文档的兴许章节中进行具体的说明. 文件菜单 新建 - 在系统中创 ...

  7. Hadoop HDFS NFS GateWay部署深入具体解释

    目的:通过挂载的方式,能够相似訪问本地磁盘的方式一样的訪问Hadoop文件.简单.方便.快捷. 0.系统版本号&hadoop版本号 1)系统版本号 [root@WEB-W031 sbin]# ...

  8. label显示不同颜色的字体

    NSString *contentSrt = [NSString stringWithFormat:@"%@ (%@)",categoryModel.categoryName, c ...

  9. lua遍历目录

    require"lfs" function findindir (path, wefind, r_table, intofolder) for file in lfs.dir(pa ...

  10. ERROR: resetting DM9000 -&gt; not responding dm9000 not found at 0x88000000问题解决

    ERROR: resetting DM9000 -> not responding                                        dm9000 not found ...