将PHP RSA公共密钥转换为Android公共密钥

Question

我正在研究基于客户端服务器的应用程序。

从哪里获得公钥这种格式

，因为我救了它转换成String。

现在我想在我的Android（Java代码）中使用此密钥，我该如何使用它？

Answer 1

首先，你需要生成从您提供的PEM格式的公钥，这里是我这样做的方法：

/** 
* 
* @param PEMString -A file/string in .pem format with a generated RSA key (with "des3", using "openssl genrsa".) 
* @param isFilePath - If it's a file path or a string 
* @return java.security.PublicKey 
* @throws IOException -No key found 
* @throws NoSuchAlgorithmException 
* @throws InvalidKeySpecException 
* 
* @author hsigmond 
*/ 

private static PublicKey getPublicKeyFromPemFormat(String PEMString, 
     boolean isFilePath) throws IOException, NoSuchAlgorithmException, 
     InvalidKeySpecException { 

    BufferedReader pemReader = null; 
    if (isFilePath) { 
     pemReader = new BufferedReader(new InputStreamReader(
       new FileInputStream(PEMString))); 
    } else { 
     pemReader = new BufferedReader(new InputStreamReader(
       new ByteArrayInputStream(PEMString.getBytes("UTF-8")))); 
    } 
    StringBuffer content = new StringBuffer(); 
    String line = null; 
    while ((line = pemReader.readLine()) != null) { 
     if (line.indexOf("-----BEGIN PUBLIC KEY-----") != -1) { 
      while ((line = pemReader.readLine()) != null) { 
       if (line.indexOf("-----END PUBLIC KEY") != -1) { 
        break; 
       } 
       content.append(line.trim()); 
      } 
      break; 
     } 
    } 
    if (line == null) { 
     throw new IOException("PUBLIC KEY" + " not found"); 
    } 
Log.i("PUBLIC KEY: ", "PEM content = : " + content.toString()); 

    KeyFactory keyFactory = KeyFactory.getInstance("RSA"); 
    return keyFactory.generatePublic(new X509EncodedKeySpec(Base64.decode(content.toString(), Base64.DEFAULT))); 

} 

这里是我如何使用它来读取（解码）用提供的公钥签名的内容。

/** 
* 
* @param PEMString -A file/string in .pem format with a generated RSA key (with "des3", using "openssl genrsa".) 
* @param content 
* @return String value of content Decoded 
* @throws NoSuchAlgorithmException 
* @throws InvalidKeySpecException 
* @throws IOException 
* @throws NoSuchProviderException 
* @throws NoSuchPaddingException 
* @throws InvalidKeyException 
* @throws IllegalBlockSizeException 
* @throws BadPaddingException 
* 
* @author hsigmond 
*/ 


    public static String getContentWithPublicKeyFromPemFormat(String PEMString, 
     String content,boolean isFilePath) throws NoSuchAlgorithmException, 
     InvalidKeySpecException, IOException, NoSuchProviderException, 
     NoSuchPaddingException, InvalidKeyException, 
     IllegalBlockSizeException, BadPaddingException { 

    PublicKey publicKey = getPublicKeyFromPemFormat(PEMString,isFilePath); 
    if (publicKey != null) 
     Log.i("PUBLIC KEY: ", "FORMAT : " + publicKey.getFormat() 
       + " \ntoString : " + publicKey.toString()); 

    byte[] contentBytes = Base64.decode(content, Base64.DEFAULT); 
    byte[] decoded = null; 

    Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding", "BC");//BC=BouncyCastle Provider 
    cipher.init(Cipher.DECRYPT_MODE, publicKey); 
    decoded = cipher.doFinal(contentBytes); 
    return new String(decoded, "UTF-8"); 
} 

Answer 2

有一个名为“bouncycastle”的项目，我们在j2me上使用它，但它也会在android上工作。它可以用来处理openssl证书。

bouncycastle.org

Java密钥实现：

进口java.security.cert.Certificate中 进口java.security.KeyStore中

和自述了很多，因为OpenSSL的键不直接支持Java这正在带来自己的机制。

Java示例用于KeyStore东西：

byte[] certData = ...  
/* create KeyStore */ 
KeyStore ks = KeyStore.getInstance("JKS", "SUN"); 
/* load key store (initialization */ 
ks.load(null, null); 
/* create CertificateFactory */ 
CertificateFactory cf = CertificateFactory.getInstance("X509"); 
/* create certificate from input stream */ 
Certificate cert; 
/* provide cert data */ 
ByteArrayInputStream in = new ByteArrayInputStream(makeCert(certData)); 



private static byte[] makeCert(byte[] data) { 
    String headline = "-----BEGIN CERTIFICATE-----"; 
    String footline = "-----END CERTIFICATE-----"; 

    String certStr = headline; 
    for (int i = 0; i < data.length; i++) { 
     if (i%64 == 0) { 
      certStr += "\n"; 
     } 
     certStr += (char)data[i]; 
    } 
    if ((data.length-1)%64 != 0) { 
     certStr += "\n"; 
    } 
    certStr += footline; 
    return certStr.getBytes(); 
}