openssl生成RSA格式,并转为pkcs8格式
原文地址:http://www.thinkingquest.net/articles/391.html?utm_source=tuicool
支付宝接口开发相关:
openssl 加密工具 支付宝“手机网站支付“开发包里面有,下载地址:https://b.alipay.com/order/techService.htm
生成命令使用说明:
RSA密钥生成命令
生成RSA私钥
openssl>genrsa -out rsa_private_key.pem 1024
生成RSA公钥
openssl>rsa -in rsa_private_key.pem -pubout -out rsa_public_key.pem
将RSA私钥转换成PKCS8格式
openssl>pkcs8 -topk8 -inform PEM -in rsa_private_key.pem -outform PEM -nocrypt
注意:“>”符号后面的才是需要输入的命令。
openssl默认使用的是PEM格式,经过base64。
生成pem格式的私钥:
openssl genrsa -out private_key.pem 1024
生成公钥:
openssl rsa -in private_key.pem -pubout -out public_key.pem
产生的密钥如下:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
|
[wind@localhost key]$ cat private_key.pem -----BEGIN RSA PRIVATE KEY----- MIICXAIBAAKBgQCd3V5+GjpOwqNks9ProDGaZT2qURAAuAodHcUM3P1mnhOh4l4u VdvkXunUI7K6XDg6Xu9eL1WDQc6qKXs /OD91LS +RpkIAb2gMU8hGrNfR34izZh36 KdfWnEQpniAiFsHsg2ddAaPtGZZ8 /jpjuPq32IVZJkgyKcWqnz5aL3FMXQIDAQAB AoGAJFdkvGTvTVhTYwhe3dxn7uIlmwLES1YSxfcneLmbADedz2OcSNBtKZqL+9Eo AOzf6NgYBLei2O+aUuPvwnMBcGyijFmRoZGVEj70UP0mngyAkvY /juA60QDe5kY5 rsqj4raHUf4iDK85nNwzXu7hIlPAn+ZmH+e2Eekwo1rmgQUCQQDJerucfBKk3qrV xS5NRW99lKMomIsMH55Si+rbrnk8aU3SSRSD6uil3Dytv0erLZbc9d0Nr6SmBZgO 0qzOjXDDAkEAyJVGgHMNuMbpHnim93HAP7wcejmMx7rP4zutw4OCiHrWv3kN8WUC u826taRFtOuiXhQ3X8+tb0l4ifae+vJ8XwJAEcmuKqChnMCz4G+qKNRKhZHL3dep 3wYjmjIUKBT9SyIY5sng78ybgZkyGjza /Pfna9ahD4ZESQwRYq2i6BGAtQJBAJyD bmnYXQKro0e1mYNHbV3OKOJueZ139bM35BTFT1uzjlIF4Y1U5lco5uHJduL /YsjK OZM3d /t4duggWlkyUT0CQBdsjc7eQ9roxphrW4Q/6Zwi0EQ4xxM4SgxPY1RvkKFu i0HdYBj5KRdIbrAbisUyQeKzB7+6oTJH5+kZAU /pxao = -----END RSA PRIVATE KEY----- [wind@localhost key]$ [wind@localhost key]$ [wind@localhost key]$ openssl rsa - in private_key.pem -pubout -out public_key.pem writing RSA key [wind@localhost key]$ cat public_key.pem -----BEGIN PUBLIC KEY----- MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCd3V5+GjpOwqNks9ProDGaZT2q URAAuAodHcUM3P1mnhOh4l4uVdvkXunUI7K6XDg6Xu9eL1WDQc6qKXs /OD91LS +R pkIAb2gMU8hGrNfR34izZh36KdfWnEQpniAiFsHsg2ddAaPtGZZ8 /jpjuPq32IVZ JkgyKcWqnz5aL3FMXQIDAQAB -----END PUBLIC KEY----- |
某些语言需要pkcs8格式的公钥。 (php就不需要了)
使用openssl将刚才生成的公钥转为pkcs#8格式:
openssl pkcs8 -topk8 -inform PEM -in private_key.pem -outform PEM -nocrypt -out private_key_pkcs8.pem
下面附上java和php语言的加解密demo代码:
php:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
|
<?php $pri = "-----BEGIN RSA PRIVATE KEY----- MIICXAIBAAKBgQCd3V5+GjpOwqNks9ProDGaZT2qURAAuAodHcUM3P1mnhOh4l4u VdvkXunUI7K6XDg6Xu9eL1WDQc6qKXs/OD91LS+RpkIAb2gMU8hGrNfR34izZh36 KdfWnEQpniAiFsHsg2ddAaPtGZZ8/jpjuPq32IVZJkgyKcWqnz5aL3FMXQIDAQAB AoGAJFdkvGTvTVhTYwhe3dxn7uIlmwLES1YSxfcneLmbADedz2OcSNBtKZqL+9Eo AOzf6NgYBLei2O+aUuPvwnMBcGyijFmRoZGVEj70UP0mngyAkvY/juA60QDe5kY5 rsqj4raHUf4iDK85nNwzXu7hIlPAn+ZmH+e2Eekwo1rmgQUCQQDJerucfBKk3qrV xS5NRW99lKMomIsMH55Si+rbrnk8aU3SSRSD6uil3Dytv0erLZbc9d0Nr6SmBZgO 0qzOjXDDAkEAyJVGgHMNuMbpHnim93HAP7wcejmMx7rP4zutw4OCiHrWv3kN8WUC u826taRFtOuiXhQ3X8+tb0l4ifae+vJ8XwJAEcmuKqChnMCz4G+qKNRKhZHL3dep 3wYjmjIUKBT9SyIY5sng78ybgZkyGjza/Pfna9ahD4ZESQwRYq2i6BGAtQJBAJyD bmnYXQKro0e1mYNHbV3OKOJueZ139bM35BTFT1uzjlIF4Y1U5lco5uHJduL/YsjK OZM3d/t4duggWlkyUT0CQBdsjc7eQ9roxphrW4Q/6Zwi0EQ4xxM4SgxPY1RvkKFu i0HdYBj5KRdIbrAbisUyQeKzB7+6oTJH5+kZAU/pxao= ----- END RSA PRIVATE KEY-----"; $pub = "-----BEGIN PUBLIC KEY----- MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCd3V5+GjpOwqNks9ProDGaZT2q URAAuAodHcUM3P1mnhOh4l4uVdvkXunUI7K6XDg6Xu9eL1WDQc6qKXs/OD91LS+R pkIAb2gMU8hGrNfR34izZh36KdfWnEQpniAiFsHsg2ddAaPtGZZ8/jpjuPq32IVZ JkgyKcWqnz5aL3FMXQIDAQAB ----- END PUBLIC KEY-----"; $data = "message" ; echo "\n<br/>\n" ; openssl_public_encrypt( $data , $crypted , $pub ); echo base64_encode ( $crypted ); echo "\n<br/>\n" ; openssl_private_decrypt( $crypted , $decrypted , $pri ); echo $decrypted ; ?> |
下面是java版:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
|
package com.qihoo.srouter.rom; import java.security.KeyFactory; import java.security.PublicKey; import sun.misc.*; import java.security.PrivateKey; import java.security.spec.PKCS8EncodedKeySpec; import java.security.spec.X509EncodedKeySpec; import javax.crypto.Cipher; import sun.misc.BASE64Decoder; public class TestRSA { public static String PRIVATE_KEY = "-----BEGIN RSA PRIVATE KEY-----" + "\n" + "MIICXAIBAAKBgQCd3V5+GjpOwqNks9ProDGaZT2qURAAuAodHcUM3P1mnhOh4l4u" + "\n" + "VdvkXunUI7K6XDg6Xu9eL1WDQc6qKXs/OD91LS+RpkIAb2gMU8hGrNfR34izZh36" + "\n" + "KdfWnEQpniAiFsHsg2ddAaPtGZZ8/jpjuPq32IVZJkgyKcWqnz5aL3FMXQIDAQAB" + "\n" + "AoGAJFdkvGTvTVhTYwhe3dxn7uIlmwLES1YSxfcneLmbADedz2OcSNBtKZqL+9Eo" + "\n" + "AOzf6NgYBLei2O+aUuPvwnMBcGyijFmRoZGVEj70UP0mngyAkvY/juA60QDe5kY5" + "\n" + "rsqj4raHUf4iDK85nNwzXu7hIlPAn+ZmH+e2Eekwo1rmgQUCQQDJerucfBKk3qrV" + "\n" + "xS5NRW99lKMomIsMH55Si+rbrnk8aU3SSRSD6uil3Dytv0erLZbc9d0Nr6SmBZgO" + "\n" + "0qzOjXDDAkEAyJVGgHMNuMbpHnim93HAP7wcejmMx7rP4zutw4OCiHrWv3kN8WUC" + "\n" + "u826taRFtOuiXhQ3X8+tb0l4ifae+vJ8XwJAEcmuKqChnMCz4G+qKNRKhZHL3dep" + "\n" + "3wYjmjIUKBT9SyIY5sng78ybgZkyGjza/Pfna9ahD4ZESQwRYq2i6BGAtQJBAJyD" + "\n" + "bmnYXQKro0e1mYNHbV3OKOJueZ139bM35BTFT1uzjlIF4Y1U5lco5uHJduL/YsjK" + "\n" + "OZM3d/t4duggWlkyUT0CQBdsjc7eQ9roxphrW4Q/6Zwi0EQ4xxM4SgxPY1RvkKFu" + "\n" + "i0HdYBj5KRdIbrAbisUyQeKzB7+6oTJH5+kZAU/pxao=" + "\n" + "-----END RSA PRIVATE KEY-----" ; public static String PRIVATE_KEY_PKCS8 = "-----BEGIN PRIVATE KEY-----" + "\n" + "MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAJ3dXn4aOk7Co2Sz" + "\n" + "0+ugMZplPapREAC4Ch0dxQzc/WaeE6HiXi5V2+Re6dQjsrpcODpe714vVYNBzqop" + "\n" + "ez84P3UtL5GmQgBvaAxTyEas19HfiLNmHfop19acRCmeICIWweyDZ10Bo+0Zlnz+" + "\n" + "OmO4+rfYhVkmSDIpxaqfPlovcUxdAgMBAAECgYAkV2S8ZO9NWFNjCF7d3Gfu4iWb" + "\n" + "AsRLVhLF9yd4uZsAN53PY5xI0G0pmov70SgA7N/o2BgEt6LY75pS4+/CcwFwbKKM" + "\n" + "WZGhkZUSPvRQ/SaeDICS9j+O4DrRAN7mRjmuyqPitodR/iIMrzmc3DNe7uEiU8Cf" + "\n" + "5mYf57YR6TCjWuaBBQJBAMl6u5x8EqTeqtXFLk1Fb32UoyiYiwwfnlKL6tuueTxp" + "\n" + "TdJJFIPq6KXcPK2/R6stltz13Q2vpKYFmA7SrM6NcMMCQQDIlUaAcw24xukeeKb3" + "\n" + "ccA/vBx6OYzHus/jO63Dg4KIeta/eQ3xZQK7zbq1pEW066JeFDdfz61vSXiJ9p76" + "\n" + "8nxfAkARya4qoKGcwLPgb6oo1EqFkcvd16nfBiOaMhQoFP1LIhjmyeDvzJuBmTIa" + "\n" + "PNr89+dr1qEPhkRJDBFiraLoEYC1AkEAnINuadhdAqujR7WZg0dtXc4o4m55nXf1" + "\n" + "szfkFMVPW7OOUgXhjVTmVyjm4cl24v9iyMo5kzd3+3h26CBaWTJRPQJAF2yNzt5D" + "\n" + "2ujGmGtbhD/pnCLQRDjHEzhKDE9jVG+QoW6LQd1gGPkpF0husBuKxTJB4rMHv7qh" + "\n" + "Mkfn6RkBT+nFqg==" + "\n" + "-----END PRIVATE KEY-----" ; public static String PUBLIC_KEY = "-----BEGIN PUBLIC KEY-----" + "\n" + "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCd3V5+GjpOwqNks9ProDGaZT2q" + "\n" + "URAAuAodHcUM3P1mnhOh4l4uVdvkXunUI7K6XDg6Xu9eL1WDQc6qKXs/OD91LS+R" + "\n" + "pkIAb2gMU8hGrNfR34izZh36KdfWnEQpniAiFsHsg2ddAaPtGZZ8/jpjuPq32IVZ" + "\n" + "JkgyKcWqnz5aL3FMXQIDAQAB" + "\n" + "-----END PUBLIC KEY-----" ; public static void main(String[] args) { String text = "message" ; try { String priStr = PRIVATE_KEY_PKCS8.replaceAll( "-----BEGIN PRIVATE KEY-----\n" , "" ); priStr = priStr.replaceAll( "-----END PRIVATE KEY-----" , "" ); byte [] privateKeyBytes = new BASE64Decoder().decodeBuffer(priStr); PKCS8EncodedKeySpec privateKeySpec = new PKCS8EncodedKeySpec(privateKeyBytes); KeyFactory keyFactory = KeyFactory.getInstance( "RSA" ); PrivateKey privateKey = keyFactory.generatePrivate(privateKeySpec); Cipher cipher = Cipher.getInstance( "RSA" ); cipher.init(Cipher.ENCRYPT_MODE, privateKey); byte [] crypted = cipher.doFinal(text.getBytes()); System.out.println( new BASE64Encoder().encode(crypted)); // decrypt blow. String pubStr = PUBLIC_KEY.replaceAll( "-----BEGIN PUBLIC KEY-----\n" , "" ); pubStr = pubStr.replaceAll( "-----END PUBLIC KEY-----" , "" ); byte [] publicKeyBytes = new BASE64Decoder().decodeBuffer(pubStr); X509EncodedKeySpec pubKeySpec = new X509EncodedKeySpec(publicKeyBytes); keyFactory = KeyFactory.getInstance( "RSA" ); PublicKey publicKey = keyFactory.generatePublic(pubKeySpec); cipher = Cipher.getInstance( "RSA" ); cipher.init(Cipher.DECRYPT_MODE, publicKey); byte [] bytes = cipher.doFinal(crypted); System.out.println( new String(bytes, "ISO-8859-1" )); } catch (Exception e) { e.printStackTrace(); } } } 需要注意的是,java的代码中的 private key必须使用pkcs# 8 格式的。 java加密 php解密 也是没问题的。 |
openssl生成RSA格式,并转为pkcs8格式的更多相关文章
- windows 下 openssl 生成RSA私钥公钥以及PKCS8
生成RSA私钥 打开bin文件夹下面的openssl.exe,输入genrsa -out rsa_private_key.pem 1024 把RSA私钥转换成PKCS8格式 输入命令pkcs8 -to ...
- Openssl生成RSA公私钥以及将公钥转换成C#支持的格式
Openssl生成RSA公私钥以及将公钥转换成C#支持的格式 1.RSA算法介绍 RSA算法是一种非对称密码算法,所谓非对称,就是指该算法需要一对密钥,使用其中一个加密,则需要用另一个才能解密.RSA ...
- 如何使用openssl生成RSA公钥和私钥对
在ubuntu上要使用openssl的话需要先进行安装,命令如下: sudo apt-get install openssl 安装完成就可以使用openssl了. 首先需要进入openssl的交互 ...
- openssl生成rsa公私钥
1.生成私钥pem, 执行命令openssl genrsa -out rsa_private_key.pem 1024 2.生成公钥,执行命令openssl rsa -in rsa_private_ ...
- 在Linux下如何使用openssl生成RSA公钥和私钥对
在<Java实现RSA密钥对并在加解密.加签验签中应用的实例>中,我们有用Java代码生成RSA密钥对,其实在Linux操作系统中,用openssl也是很容易生成密钥对的. 一.如果在ub ...
- openssl生成RSA公钥和私钥对
在ubuntu上要使用openssl的话需要先进行安装,命令如下: sudo apt-get install openssl 安装完成就可以使用openssl了. 首先需要进入openssl的交互界面 ...
- 使用openssl生成RSA公钥和私钥对
在ubuntu上要使用openssl的话需要先进行安装,命令如下: sudo apt-get install openssl 安装完成就可以使用openssl了. 首先需要进入openssl的交互界面 ...
- openssl生成RSA密钥证书
1.openssl的安装 2.RSA密钥证书的生成 3.openssl的常用命令 1.openssl的安装 openssl 是目前最流行的 SSL 密码库工具,其提供了一个通用.健壮.功能完备的工具套 ...
- Windows 下使用OpenSSL生成RSA公钥和私钥
Windows 下使用OpenSSL生成RSA公钥和私钥 (1)下载OpenSSL 可到该地址下载OpenSSL: https://www.openssl.org/source/(https://ww ...
随机推荐
- maven 依赖冲突的问题
如果原始系统的jarA依赖jarB1.0 而新引入的jarC依赖jarB2.0 导致系统启动报错,提示冲突,这时为了保证原始系统的稳定性, 在pom.xml文件中引入jarC时,需要exclude掉j ...
- 发布MVC IIS 报错未能加载文件或程序集“System.Web.Http.WebHost
未能加载文件或程序集“System.Web.Http.WebHost, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e3 ...
- Core Animation系列之CADisplayLink(转)
转自 http://www.tuicool.com/articles/meMVR3 一直以来都想好好学习下CoreAnimation,奈何涉及的东西太多,想要一次性全部搞定时间上不允许,以后会断断续续 ...
- Vijos1865 NOI2014 魔法森林 LCT维护生成树
基本思路: 首先按照weightA升序排序,然后依次在图中加边,并维护起点到终点路径上weightB的最大值 如果加边过程中生成了环,则删除环中weightB最大的边 由于是无向图,点之间没有拓扑序, ...
- php中文乱码
一. 首先是PHP网页的编码 1. php文件本身的编码与网页的编码应匹配 a. 如果欲使用gb2312编码,那么php要输出头:header(“Content-Typ ...
- Jdbc工具类(连接及释放)
package cn.gdpe.jdbc; import java.io.File;import java.io.FileInputStream;import java.io.FileNotFound ...
- Extjs4 关于设置form中所有子控件为readOnly属性的解决方案
之前在网上找了一堆,但那些确实没法用,后来考虑了一下,发现主要是网上提供的假设form中只有一层控件,没有考虑到布局稍微复杂的form情形,此处采用递归的形式实现对form中所有控件(grid及but ...
- nuc970连接jlink进行单步调试的设置
在 USB mode 下, 先跟 NuWriter 接上, 然后用以下的设定. 按 Keil 的 debug (不是 download to flash)就可以接上了.
- python进度条代码
import sys import time def view_bar(num,total): rate = num / total rate_num = int(rate * 100) r = ' ...
- OBJC运行时方法替换(Method swizzling)
在上周associated objects一文中,我们开始探索Objective-C运行时的一些黑魔法.本周我们继续前行,来讨论可能是最受争议的运行时技术:method swizzling. Me ...