读取普通rsa公钥时出错(没有x509证书!)

jdzmm42g  于 2021-07-09  发布在  Java
关注(0)|答案(1)|浏览(574)

我有一个普通公开rsa密钥的十六进制表示。现在我要检索密钥的长度。

public void testIt(String[] args) {
    logger.entry();
    Security.addProvider(new BouncyCastleProvider());

    String 

pubAsHex="30820122300d06092a864886f70d01010105000382010f003082010a0282010100e816e9de7ed0c26c1157e56d7751ba59ebf5a75e65b91ce338794ed9ca24aefa1a26a5d927ccc7f3c6d21b05f3acc6fa73be2db0ed124a38dcb130aaa191214304f4c8c06d0b0dfd3ebc3ea0f5753555d5830ff09bd0f041013c0abc25d482ec6ec03b633b6c314fdd6fe71ddc5f6566f58edc65a6da86e8fb5f1205b48c53aecd2d5daec0232cca5071cc81609332568fa1a982bab49ebe9f6fd28cba52c50281a84597764b44e8775622cac36c7e1d4f3dd5417ecc8b8e1b5bdbc4ac36a2ef8e3dfc757a114d3ed82eb8ffbbd08392f242342db90c02ec9d210eec2bb4e2f8a6fc94a27647e9ec14789a1c3e962e59a75bc59d9658689e28699e136fce75470203";
    byte[] myKeyBytes=hex2Binary(pubAsHex);
    try{
        //Takes your byte array of the key as constructor parameter
        X509EncodedKeySpec  pubKeySpec = new X509EncodedKeySpec(myKeyBytes);

        //Takes algorithm used to generate keys (DSA, RSA, DiffieHellman, etc.) as 1st parameter
        //Takes security provider (SUN, BouncyCastle, etc.) as second parameter
        KeyFactory keyFactory = KeyFactory.getInstance("RSA");

        //Creates a new PublicKey object
        PublicKey pubKey = keyFactory.generatePublic(pubKeySpec);
        RSAPublicKey myRsaKey = (RSAPublicKey) pubKey;
        logger.info("Length: "+myRsaKey.getModulus().bitLength());
    } catch(Exception e) {
        e.printStackTrace();
    }
    logger.exit();
}

public static byte [] hex2Binary (String hex) throws IllegalArgumentException, NullPointerException, NumberFormatException
{
    int j = hex.length ();
    if (j % 2 != 0)
        throw new IllegalArgumentException ("Incorrect hex string length " + j);
    byte [] result = new byte [j >> 1];
    for (int i = result.length - 1; i >= 0; i--, j -= 2)
        result [i] = (byte) Integer.parseInt (hex.substring (j - 2, j), 16);
    return result;
}

我找不到一个密钥不被视为x509证书的示例。示例代码引发invalidkeyspecexception

java.security.spec.InvalidKeySpecException: java.security.InvalidKeyException: IOException: Detect premature EOF
        at sun.security.rsa.RSAKeyFactory.engineGeneratePublic(RSAKeyFactory.java:205)
        at java.security.KeyFactory.generatePublic(KeyFactory.java:334)
        at de.martinm.tools.Test.KKSTester.testIt(KKSTester.java:156)
        at de.martinm.tools.Test.KKSTester.process(KKSTester.java:343)
        at de.martinm.tools.Test.KKSTester.main(KKSTester.java:351)
Caused by: java.security.InvalidKeyException: IOException: Detect premature EOF
        at sun.security.x509.X509Key.decode(X509Key.java:398)
        at sun.security.x509.X509Key.decode(X509Key.java:403)
        at sun.security.rsa.RSAPublicKeyImpl.<init>(RSAPublicKeyImpl.java:86)
        at sun.security.rsa.RSAKeyFactory.generatePublic(RSAKeyFactory.java:298)
        at sun.security.rsa.RSAKeyFactory.engineGeneratePublic(RSAKeyFactory.java:201)
        ... 4 more
ecr0jaav

ecr0jaav1#

很抱歉使用了一个不是真实答案的答案,但是这些数据在评论中是不可读的。
您的密钥似乎已加密且无效。见结构:

0 290: SEQUENCE {
  4  13:   SEQUENCE {
  6   9:     OBJECT IDENTIFIER rsaEncryption (1 2 840 113549 1 1 1)
 17   0:     NULL
       :     }
 19 271:   BIT STRING, encapsulates {
 24 266:     SEQUENCE {
 28 257:       INTEGER
       :         00 E8 16 E9 DE 7E D0 C2 6C 11 57 E5 6D 77 51 BA
       :         59 EB F5 A7 5E 65 B9 1C E3 38 79 4E D9 CA 24 AE
       :         FA 1A 26 A5 D9 27 CC C7 F3 C6 D2 1B 05 F3 AC C6
       :         FA 73 BE 2D B0 ED 12 4A 38 DC B1 30 AA A1 91 21
       :         43 04 F4 C8 C0 6D 0B 0D FD 3E BC 3E A0 F5 75 35
       :         55 D5 83 0F F0 9B D0 F0 41 01 3C 0A BC 25 D4 82
       :         EC 6E C0 3B 63 3B 6C 31 4F DD 6F E7 1D DC 5F 65
       :         66 F5 8E DC 65 A6 DA 86 E8 FB 5F 12 05 B4 8C 53
       :                 [ Another 129 bytes skipped ]
289   3:       INTEGER -1
       :         Error: Integer has a negative value.
       :       }
       :     }

oid编号“1 2 840 113549 1 1 1 1”给出了“rsaes-pkcs1-v1ţ5加密方案”和“此oid在公钥加密标准(pkcs)1中定义。另见ietf rfc 8017。
也许你是幸运的,在bouncy castle的pem阅读器的帮助下,当你知道密码短语时,你就能够读懂钥匙了。

相关问题