Can org.bouncycastle.openssl.PEMReader read a java.security.PrivateKey?

Time: 2022-03-18 18:22:42

I have the following code:

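import java.io.Reader;
import java.io.StringReader;
import java.security.KeyPair;
import java.security.PrivateKey;
import java.security.cert.X509Certificate;
import org.bouncycastle.openssl.PEMReader;
import org.bouncycastle.openssl.PasswordFinder;

// pem (the PEM text) and password (may be null) are defined elsewhere
PrivateKey key = null;
X509Certificate cert = null;
KeyPair keyPair = null;

final Reader reader = new StringReader(pem);
try {
    // The PasswordFinder supplies the passphrase for encrypted PEM objects
    final PEMReader pemReader = new PEMReader(reader, new PasswordFinder() {
        @Override
        public char[] getPassword() {
            return password == null ? null : password.toCharArray();
        }
    });

    // Read every object in the PEM input and keep the last one of each type
    Object obj;
    while ((obj = pemReader.readObject()) != null) {
        if (obj instanceof X509Certificate) {
            cert = (X509Certificate) obj;
        } else if (obj instanceof PrivateKey) {
            key = (PrivateKey) obj;
        } else if (obj instanceof KeyPair) {
            keyPair = (KeyPair) obj;
        }
    }
} finally {
    reader.close();
}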

Will it ever read PrivateKey? In other words, can any PEM file contain pure private key only? If yes, could you provide me a sample PEM file?

Thanks in advance.

1 solution

#1


6  

A file can contain only a private key, and it can be encrypted or clear text. OpenSSL does this all the time.

I reviewed the code for PEMReader, however, and it looks like it will return a KeyPair from an RSA private key (the private key file contains all the necessary information for the corresponding public key). It looks like it will never return simply a PrivateKey from readObject().

Here's an unencrypted 1024 RSA private key from OpenSSL.

-----BEGIN RSA PRIVATE KEY-----
MIICXQIBAAKBgQC/oBTZGo0cgHHdZD8LgDpUVOPjsI58PrTJPtrlVT7kyznmzFEt
TW9cqxlw6EOo09tTTrjikLDA2M5xzejbLGPb8sa7AzVhuHkChgGh9eZmphsnvq1W
LjuXCk5yWOR9ziaBKKFeNXOsdvDp3eMDM+wz3vzn1wrGrg00jMvKP5kcpwIDAQAB
AoGBAI9oJ/IKEszfu1cqLJxYzE5McXf2q8uDyhxJs9upHjZveNem1KGIr+y0B4gd
6nSwiBUidu7nxb+tAWLd7IQKBnhKC3AtGNT7qTwnXelKsJhaok2+kEEuzjQYnmsP
AreEsAi/FlHj/kAyjGBoQ4QLrx1sp2cDcBTP78PeJfZvm/RxAkEA7zVuumjrz3ui
zmBzQI1pwD9F0REyE5zJfgUz5iDQbK2RRPhcQ9LCZdEJRU0vdWTBmmgadYwpg0uG
hYFwCy7PWwJBAM0Tk+pMRwke0m4oiI4mKh0u4enHXE2RFMUtTMjGILHt8+m4Q7rd
KGfO9/ylK82LhbT0Z/BeszbnneaAefkxFaUCQQDephVSXKZgkOuQvCWKSBXOYxZQ
6nh52M2TBrSv1ospHMTCNYlrd5iJvG+smZM66XVqistV7ggVtQ6Y5Umsnv1RAkBW
l/K4V1cTcdFXNIRcyZ60zewUw9qk4iMME1G94XNCzoBU6zqmN+Zs1wb9xlzVoRln
TGBrLgGsqGaTQyK9500FAkBuKohFvOgFHSKOskiVu/swByWZANEZsoEPUx7V6vXH
Tk+qftY64tt4AazHPVyVtsj1oqOv3zbulfnotFvU1nmp
-----END RSA PRIVATE KEY-----

Here's the corresponding public key:

-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC/oBTZGo0cgHHdZD8LgDpUVOPj
sI58PrTJPtrlVT7kyznmzFEtTW9cqxlw6EOo09tTTrjikLDA2M5xzejbLGPb8sa7
AzVhuHkChgGh9eZmphsnvq1WLjuXCk5yWOR9ziaBKKFeNXOsdvDp3eMDM+wz3vzn
1wrGrg00jMvKP5kcpwIDAQAB
-----END PUBLIC KEY-----

A KeyStore is meant to be used to carry public, private, and symmetric keys in a Java application. Most Java applications store private keys in a PKCS #8 encoding (which is not the same as the OpenSSL format), and public keys are represented with a SubjectPublicKeyInfo structure (which is the same as OpenSSL).
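
The following Java example is added here and is not from the original answer or from Bouncy Castle. Using only JDK classes, it turns an unencrypted OpenSSL "RSA PRIVATE KEY" (PKCS #1) or "PRIVATE KEY" (PKCS #8) PEM into a java.security.PrivateKey and rebuilds the KeyPair from it, which is possible because the private key carries the public modulus and exponent. The class and method names are hypothetical, and the sample key is constructed at run time.

```java
import java.io.ByteArrayOutputStream;
import java.security.*;
import java.security.interfaces.RSAPrivateCrtKey;
import java.security.spec.*;
import java.util.*;

public class PemPrivateKeyDemo {
    // DER of the fixed PKCS#8 fields for RSA: version 0 + AlgorithmIdentifier{rsaEncryption, NULL}
    static final byte[] RSA_PREFIX = { 0x02, 0x01, 0x00, 0x30, 0x0d, 0x06, 0x09, 0x2a, (byte) 0x86,
        0x48, (byte) 0x86, (byte) 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00 };
    // Encode one DER element: tag, definite length, then the concatenated parts.
    static byte[] tlv(int tag, byte[]... parts) {
        ByteArrayOutputStream body = new ByteArrayOutputStream(), out = new ByteArrayOutputStream();
        for (byte[] p : parts) body.write(p, 0, p.length);
        int n = body.size();
        out.write(tag);
        if (n >= 0x100) { out.write(0x82); out.write(n >> 8); }
        else if (n >= 0x80) out.write(0x81);
        out.write(n);
        out.write(body.toByteArray(), 0, n);
        return out.toByteArray();
    }
    // Accepts unencrypted "RSA PRIVATE KEY" (PKCS#1) or "PRIVATE KEY" (PKCS#8) PEM text.
    static PrivateKey readRsaPrivateKey(String pem) throws GeneralSecurityException {
        boolean pkcs1 = pem.contains("-----BEGIN RSA PRIVATE KEY-----");
        if (pem.contains("Proc-Type:") || !(pkcs1 || pem.contains("-----BEGIN PRIVATE KEY-----")))
            throw new InvalidKeySpecException("encrypted or unsupported PEM object");
        byte[] der = Base64.getMimeDecoder().decode(pem.replaceAll("-----[^-]+-----", ""));
        if (pkcs1) der = tlv(0x30, RSA_PREFIX, tlv(0x04, der)); // wrap PKCS#1 body as PKCS#8
        return KeyFactory.getInstance("RSA").generatePrivate(new PKCS8EncodedKeySpec(der));
    }
    // The CRT form of an RSA private key carries n and e, so the public half can be rebuilt.
    static KeyPair toKeyPair(PrivateKey key) throws GeneralSecurityException {
        RSAPrivateCrtKey crt = (RSAPrivateCrtKey) key;
        return new KeyPair(KeyFactory.getInstance("RSA").generatePublic(
            new RSAPublicKeySpec(crt.getModulus(), crt.getPublicExponent())), key);
    }
    public static void main(String[] args) throws Exception {
        KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA"); // constructed throwaway key
        gen.initialize(2048);
        KeyPair fresh = gen.generateKeyPair();
        byte[] pkcs8 = fresh.getPrivate().getEncoded();
        // For RSA keys of this size the PKCS#1 body starts 26 bytes into the PKCS#8 DER.
        String pem = "-----BEGIN RSA PRIVATE KEY-----\n" + Base64.getMimeEncoder().encodeToString(
            Arrays.copyOfRange(pkcs8, 26, pkcs8.length)) + "\n-----END RSA PRIVATE KEY-----\n";
        KeyPair pair = toKeyPair(readRsaPrivateKey(pem));
        System.out.println("PKCS#8 round trip: " + Arrays.equals(pair.getPrivate().getEncoded(), pkcs8));
        System.out.println("public key rebuilt: " + pair.getPublic().equals(fresh.getPublic()));
    }
}
```

Encrypted inputs (a "Proc-Type:" header or an "ENCRYPTED PRIVATE KEY" label) are rejected rather than decrypted.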
