一、取公钥,例子中server.crt放在D盘根路径下
//获得给定格式的证书工厂
CertificateFactory cf = CertificateFactory.getInstance("X.509");
//读取证书的输入流
FileInputStream fis = new FileInputStream("D:/server.crt");
//获取证书对象
Certificate cert = cf.generateCertificate(fis);
//关闭输入流
fis.close();
//获取公钥
PublicKey publicKey = cert.getPublicKey();
二、获取私钥
1.直接读取server.key文件会报错:
java.security.spec.InvalidKeySpecException: java.security.InvalidKeyException: IOException : algid parse error, not a sequence
需要把server.key文件转换为PKCS8格式:
命令:
openssl pkcs8 -topk8 -nocrypt -in server.key -out myrsakey_pcks8
生成一个PKCS8格式的秘钥myrsakey_pcks8
myrsakey_pcks8的内容:
-----BEGIN PRIVATE KEY-----
MIICXQIBAAKBgQDB49bqrPV4BEmoWmBsLy/JNVbWC1Rz/tkKAjvszeE+8cQwxmYQ
oJMKXcmYSV9NF/Ftxj+Fydu9iHM8FzEQjDoB9pxPIfV8n4+F1R0y5rrTzBwYXuAm
JSo0OnLGXVhJSjwOGu0vRu4SoSH+g0QKHuPDoOAfiKdnNQuJF0TGug5yGwIDAQAB
AoGAVqOd9K2m3qNj2qPP9Ge9fbak/+5+JXsatvs6ld2Fql/UYEs3bnSiX/56x975
g/SQAJKW7gy+cVoYzCA8330ZqeBq4GFhisXeCL7YDakFraFHALcYo19BWSc02N96
cuq9qU9E0ZMNDBPlLrUrJ34i33B4eX+h1CLhO7rJzoyMPZkCQQD62T5uZqTR/5Aw
Uw3F/IGctwVUMRu9VeLVYnDSIKZasalDXujGtFjyhk9df+mjSq6reH/gg5PLBSPv
WErT5B6lAkEAxd8nbXERRqLhQlnzL6CnoqpwjPL6E7pnb7qIrgYchaONUQvlCEaH
31uy1VyDxueB1UwfY6VjZGIkd6SmkqYxvwJBAO2PKVnCaVra7UFmlkemz1SL20cV
TtDq8mvk0zWcaA7B66t6yXXMu+PKIIVKqwfSpUKMVoZX9XIyBwsXEZ5DjmUCQQDB
9v1cT/DicDomY6x6rJ6HW1JXKLux6REKOi1PgdglvGyD3QgXc6QvdGE6u6TFrxzb
bPJ8KJzkwzwCOFm8+cNbAkBue461A4i616SH7Q/VQ3In0qGTZ5QwHksHV86vbfmM
S/v6T/SOYqP/zDmMuZhsa+FyBrV8feYOb4vgbXoDaJtM
-----END PRIVATE KEY-----
2.假设myrsakey_pcks8在D盘根目录下,
//获得指定格式的KEY工厂
KeyFactory keyFactory = KeyFactory.getInstance("RSA");
//读取PKCS8文件
BufferedReader br = new BufferedReader(new FileReader("D:/rsakey_pcks8"));
//rsakey_pcks8首行注释-----BEGIN PRIVATE KEY-----
String s = br.readLine();
StringBuffer sb = new StringBuffer();
//读取rsakey_pcks8第二行
s = br.readLine();
//循环读取直到最后一行
while (s.charAt(0) != '-') {
sb.append(s + "\r");
s = br.readLine();
}
//使用base64解码,这里使用org.apache.commons.codec.binary.Base64
byte[] keybyte = Base64.decodeBase64(sb.toString());
PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(keybyte);
//获取私钥
PrivateKey privateKey = keyFactory.generatePrivate(keySpec);
三、使用公钥加密