RSA Asymmetric Encryption and Decryption

Generating an RSA public/private key pair with OpenSSL

 

Reference: https://www.iteye.com/blog/xw-z1985-1837376

 

a) Download the OpenSSL tool: http://www.slproweb.com/products/Win32OpenSSL.html

b) Generate the private key

Go to the OpenSSL bin directory and run the following command:

openssl genrsa -out rsa_private_key.pem 1024

The newly generated private key file rsa_private_key.pem appears in the bin directory, with the following contents:

-----BEGIN RSA PRIVATE KEY-----
...
-----END RSA PRIVATE KEY-----

c) Generate the public key

In the bin directory, run the following command:

openssl rsa -in rsa_private_key.pem -pubout -out rsa_public_key.pem

The newly generated public key file rsa_public_key.pem appears in the bin directory, with the following contents:

-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDtd1lKsX6ylsAEWFi7E/ut8krJ
y9PQ7sGYKhIm9TvIdZiq5xzyaw8NOLzKZ1k486MePYG4tSuoaxSbwuPLwVUzYFvn
UZo7aWCIGKn16UWTM4nxc/+dwce+bhcKrlLbTWi8l580LTE7GxclTh8z7gHq59iv
haoGbK7FNxlUfB4TSQIDAQAB
-----END PUBLIC KEY-----

 

 

 

 

Solutions to common errors:

Error 1

Exception in thread "main" java.security.spec.InvalidKeySpecException: java.security.InvalidKeyException: IOException : algid parse error, not a sequence

       at sun.security.rsa.RSAKeyFactory.engineGeneratePrivate(RSAKeyFactory.java:252)

       at java.security.KeyFactory.generatePrivate(KeyFactory.java:372)

       at com.jd.health.insurance.soa.common.util.RSAOpenUtil.decryptByPrivateKey(RSAOpenUtil.java:88)

       at com.jd.health.insurance.soa.common.util.RSAOpenUtil.decryptByPrivateKey(RSAOpenUtil.java:102)

       at com.jd.health.insurance.soa.common.util.RSAOpenUtil.main(RSAOpenUtil.java:143)

Caused by: java.security.InvalidKeyException: IOException : algid parse error, not a sequence

       at sun.security.pkcs.PKCS8Key.decode(PKCS8Key.java:351)

       at sun.security.pkcs.PKCS8Key.decode(PKCS8Key.java:356)

       at sun.security.rsa.RSAPrivateCrtKeyImpl.<init>(RSAPrivateCrtKeyImpl.java:130)

       at sun.security.rsa.RSAPrivateCrtKeyImpl.newKey(RSAPrivateCrtKeyImpl.java:80)

      at sun.security.rsa.RSAKeyFactory.generatePrivate(RSAKeyFactory.java:357)

       at sun.security.rsa.RSAKeyFactory.engineGeneratePrivate(RSAKeyFactory.java:248)

       ... 4 more

 

 

 

Solution: at this point the private key cannot be used directly; it must first be converted to PKCS#8 encoding:

openssl pkcs8 -topk8 -in rsa_private_key.pem -out pkcs8_rsa_private_key.pem -nocrypt  

 

The command specifies rsa_private_key.pem as the input private key file and pkcs8_rsa_private_key.pem as the output private key file, with no additional encryption applied (-nocrypt).
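
Why the Java error above reads "not a sequence", as an added Python example that is not part of the original post: a PKCS#8 parser expects an AlgorithmIdentifier SEQUENCE after the version field, while a PKCS#1 key has the modulus INTEGER in that position. The function names are illustrative, and the toy structures are constructed for the demonstration and are not real keys.

```python
import base64

RSA_OID = bytes.fromhex("2a864886f70d010101")  # 1.2.840.113549.1.1.1 (rsaEncryption)

def read_tlv(buf, pos):
    """Return (tag, value_start, value_end) of the DER element at pos."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                       # long form: low 7 bits count the length bytes
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("truncated DER element")
    return tag, pos, pos + length

def classify_private_key(der):
    """Name the format by the element that follows the version INTEGER."""
    tag, start, _ = read_tlv(der, 0)
    version_tag, _, after_version = read_tlv(der, start)
    if tag != 0x30 or version_tag != 0x02:
        raise ValueError("expected SEQUENCE { INTEGER version, ... }")
    tag, _, _ = read_tlv(der, after_version)
    if tag == 0x30:    # AlgorithmIdentifier SEQUENCE: the layout a PKCS#8 parser expects
        return "PKCS#8"
    if tag == 0x02:    # modulus INTEGER where the algid should be: "not a sequence"
        return "PKCS#1"
    raise ValueError("unrecognised private key structure")

def der_element(tag, content):
    """Encode one DER element with a definite length."""
    n = len(content)
    size = (n.bit_length() + 7) // 8
    head = bytes([n]) if n < 0x80 else bytes([0x80 | size]) + n.to_bytes(size, "big")
    return bytes([tag]) + head + content

def wrap_pkcs8(pkcs1_der):
    """Build the unencrypted PKCS#8 PrivateKeyInfo around a PKCS#1 RSAPrivateKey."""
    algid = der_element(0x30, der_element(0x06, RSA_OID) + der_element(0x05, b""))
    return der_element(0x30, der_element(0x02, b"\x00") + algid + der_element(0x04, pkcs1_der))

def pem_to_der(pem):
    """Drop the BEGIN/END lines and Base64-decode the body."""
    lines = [l.strip() for l in pem.strip().splitlines()]
    return base64.b64decode("".join(l for l in lines if not l.startswith("-----")))

# Constructed toy structure (not a real key): version, modulus and exponent fields only.
TOY_PKCS1 = der_element(0x30, der_element(0x02, b"\x00")
                        + der_element(0x02, b"\x00" + b"\xc5" * 128) + der_element(0x02, b"\x01\x00\x01"))
TOY_PKCS8 = wrap_pkcs8(TOY_PKCS1)
```

OpenSSL 3.0 and later write PKCS#8 from genrsa by default (the -traditional option restores PKCS#1), so the conversion step is only needed when the file begins with BEGIN RSA PRIVATE KEY.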

 
