此代码生成一对公钥/私钥:Java的非对称加密:存储公/私钥
KeyPairGenerator keyGen = KeyPairGenerator.getInstance("RSA");
keyGen.initialize(1024);
KeyPair keypair = keyGen.genKeyPair();
PrivateKey privateKey = keypair.getPrivate();
PublicKey publicKey = keypair.getPublic();
我想知道什么是你通常如何保存的公钥:
选项1:存储字节
byte[] privateKeyBytes = privateKey.getEncoded();
byte[] publicKeyBytes = publicKey.getEncoded();
// ... write to file
// convert bytes back to public/private keys
KeyFactory keyFactory = KeyFactory.getInstance("RSA");
EncodedKeySpec privateKeySpec = new PKCS8EncodedKeySpec(privateKeyBytes);
PrivateKey privateKey = keyFactory.generatePrivate(privateKeySpec);
EncodedKeySpec publicKeySpec = new X509EncodedKeySpec(publicKeyBytes);
PublicKey publicKey = keyFactory.generatePublic(publicKeySpec);
我不喜欢的是将代码绑定到具体的实现,例如PKCS8EncodedKeySpec
和X509EncodedKeySpec
。
选项2:存储系数和指数
KeyFactory fact = KeyFactory.getInstance("RSA");
RSAPublicKeySpec pub = fact.getKeySpec(publicKey, RSAPublicKeySpec.class);
RSAPrivateKeySpec priv = fact.getKeySpec(privateKey,RSAPrivateKeySpec.class);
// store modulus and exponent as BigIntegers
BigInteger modulus = pub.getModulus());
BigInteger exponent = pub.getPublicExponent());
// ... write to file
// recreate public key (the same applies to the private key)
RSAPublicKeySpec keySpec = new RSAPublicKeySpec(modulus, exponent);
KeyFactory fact = KeyFactory.getInstance("RSA");
PublicKey pubKey = fact.generatePublic(keySpec);
第二个选项是更容易实现,但我不知道这是否可能是少高性能。
有没有建议吗?
DER是不是一个真正的格式本身,只是编码ASN.1对象 – 2010-08-09 21:37:21
对于那些希望获得'公共的方式。直接从'id_rsa.pub'(公钥),而不是'id_rsa'(私钥)der' [这个答案提供了一种方法来做到这一点(http://stackoverflow.com/a/18290786/813810)。 – Diego 2014-09-01 10:54:01