如何用java读密码加密密钥？

Question

我有以PKCS8 DER格式存储在文件中的私钥并受密码保护。什么是最简单的阅读方式？

这里是我用来加载一个加密的代码：

InputStream in = new FileInputStream(privateKeyFilename); 
byte[] privateKeydata = new byte[in.available()]; 
in.read(privateKeydata); 
in.close(); 
KeyFactory privateKeyFactory = KeyFactory.getInstance("RSA"); 
PKCS8EncodedKeySpec encodedKeySpec = new PKCS8EncodedKeySpec(privateKeydata); 
PrivateKey privateKey = privateKeyFactory.generatePrivate(encodedKeySpec); 

它工作正常的同规格非加密的密钥。顺便说一句，我正在使用BouncyCastle。

我可以使用查看此私钥下面的OpenSSL命令

openssl pkcs8 -in ./privatekey.key -inform DER -passin pass:thisismypass 

请帮助！

我已经发布了一些解决方案，在我自己的答案这个主题。但是如果有人能够帮助它在没有额外的库的情况下工作，那么我一直没有回答问题，只是BouncyCastle。

Answer 1

我找到了解决方案！也许它不是那么优雅，但是...... 在这里，我将发布两个解决方案：

1. Prefferable，但没有工作
2. 工作之一，但需要额外的库

首先 ：

我发现了一种解决方案here，但它抛出异常。解决方案：

import java.io.*; 
import java.security.*; 
import java.security.interfaces.RSAPrivateCrtKey; 
import java.security.interfaces.RSAPublicKey; 
import java.security.spec.*; 

import javax.crypto.*; 
import javax.crypto.spec.*; 

/* 
* This class demonstrates how to import an encrypted RSA private key as 
* generated by openssl. The input file is presumed to be in DER 
* format. 
*/ 
public class ImportEncryptedPrivateKey 
{ 
    public static byte[] readPK8FromFile(String fileName) throws IOException 
    { 
     File f = new File(fileName); 
     DataInputStream dis = new DataInputStream(new FileInputStream(f)); 
     byte[] theData = new byte[(int) f.length()]; 
     dis.readFully(theData); 
     return theData; 
    } 

    public static void main(String[] args) throws IOException, 
      NoSuchAlgorithmException, NoSuchPaddingException, 
      InvalidKeySpecException, InvalidKeyException, 
      InvalidAlgorithmParameterException 
    { 
     byte[] encryptedPKInfo = readPK8FromFile("rsapriv.pk8"); 
     EncryptedPrivateKeyInfo ePKInfo = new EncryptedPrivateKeyInfo(
       encryptedPKInfo); 
     char[] password = { 'p', 'a', 's', 's', 'w', 'o', 'r', 'd' }; 
     Cipher cipher = Cipher.getInstance(ePKInfo.getAlgName()); 
     PBEKeySpec pbeKeySpec = new PBEKeySpec(password); 
     // Now create the Key from the PBEKeySpec 
     SecretKeyFactory skFac = SecretKeyFactory.getInstance(ePKInfo 
       .getAlgName()); 
     Key pbeKey = skFac.generateSecret(pbeKeySpec); 
     // Extract the iteration count and the salt 
     AlgorithmParameters algParams = ePKInfo.getAlgParameters(); 
     cipher.init(Cipher.DECRYPT_MODE, pbeKey, algParams); 
     // Decrypt the encryped private key into a PKCS8EncodedKeySpec 
     KeySpec pkcs8KeySpec = ePKInfo.getKeySpec(cipher); 
     // Now retrieve the RSA Public and private keys by using an 
     // RSA keyfactory. 
     KeyFactory rsaKeyFac = KeyFactory.getInstance("RSA"); 
     // First get the private key 
     RSAPrivateCrtKey rsaPriv = (RSAPrivateCrtKey) rsaKeyFac.generatePrivate(pkcs8KeySpec); 
     // Now derive the RSA public key from the private key 
     RSAPublicKeySpec rsaPubKeySpec = new RSAPublicKeySpec(rsaPriv.getModulus(), rsaPriv.getPublicExponent()); 
     RSAPublicKey rsaPubKey = (RSAPublicKey) rsaKeyFac.generatePublic(rsaPubKeySpec); 
    } 

} 

我的例外：

Exception in thread "main" java.security.NoSuchAlgorithmException: No such algorithm: 1.2.840.113549.1.5.13 

二：

并且在这之后http://juliusdavies.ca/commons-ssl/pkcs8.html你可以看到第二个，工作液

Answer 2

这是我的代码和它的工作:) :)

File f = new File(keyFile); 
FileInputStream fis = new FileInputStream(f); 
DataInputStream dis = new DataInputStream(fis); 
byte[] keyBytes = new byte[(int)f.length()]; 
dis.readFully(keyBytes); 
dis.close(); 
EncryptedPrivateKeyInfo encryptPKInfo = new EncryptedPrivateKeyInfo(keyBytes); 
Cipher cipher = Cipher.getInstance(encryptPKInfo.getAlgName()); 
PBEKeySpec pbeKeySpec = new PBEKeySpec(passwd.toCharArray()); 
SecretKeyFactory secFac = SecretKeyFactory.getInstance(encryptPKInfo.getAlgName()); 
Key pbeKey = secFac.generateSecret(pbeKeySpec); 
AlgorithmParameters algParams = encryptPKInfo.getAlgParameters(); 
cipher.init(Cipher.DECRYPT_MODE, pbeKey, algParams); 
KeySpec pkcs8KeySpec = encryptPKInfo.getKeySpec(cipher); 
KeyFactory kf = KeyFactory.getInstance("RSA"); 
return kf.generatePrivate(pkcs8KeySpec);