我正在尝试在Java和PHP中实现RSA加密,但我似乎无法让PHP识别我的Java公钥/私钥.以下是编码/解码公钥和私钥的java代码:
public static byte[] EncodePublicKey(PublicKey _publickey) throws Exception
{
return _publickey.getEncoded();
}
public static PublicKey DecodePublicKey(byte[] _encodedkey) throws Exception
{
KeyFactory fac = KeyFactory.getInstance("RSA");
X509EncodedKeySpec encodedKey = new X509EncodedKeySpec(_encodedkey);
return fac.generatePublic(encodedKey);
}
public static byte[] EncodePrivateKey(PrivateKey _privatekey) throws Exception
{
return _privatekey.getEncoded();
}
public static PrivateKey DecodePrivateKey(byte[] _encodedkey) throws Exception
{
KeyFactory fac = KeyFactory.getInstance("RSA");
PKCS8EncodedKeySpec encodedKey = new PKCS8EncodedKeySpec(_encodedkey);
return fac.generatePrivate(encodedKey);
}
我首先尝试使用PEAR Crypt_RSA函数,但它不支持X.509或PKCS8(它只是简单的base64编码序列化模数,指数和键类型).然后我尝试了OpenSSL"openssl_get_publickey"函数,但它似乎也没有识别格式.
任何帮助将非常感谢oO
jhe*_*ngs 11
您需要将二进制格式(DER)从Java转换为PEM以用于OpenSSL(以及PHP绑定).您可以通过在命令行上指定-inform DER选项,使用OpenSSL命令行测试Java密钥文件.
<?
function pem2der($pem_data) {
$begin = "KEY-----";
$end = "-----END";
$pem_data = substr($pem_data, strpos($pem_data, $begin)+strlen($begin));
$pem_data = substr($pem_data, 0, strpos($pem_data, $end));
$der = base64_decode($pem_data);
return $der;
}
function der2pem($der_data) {
$pem = chunk_split(base64_encode($der_data), 64, "\n");
$pem = "-----BEGIN PUBLIC KEY-----\n".$pem."-----END PUBLIC KEY-----\n";
return $pem;
}
// load the public key from a DER-encoded file
$pubkey = der2pem(file_get_contents("pubkey"));
?>
有关在Java中使用OpenSSL密钥的更多信息,请查看此链接.
PHP函数需要PEM编码密钥.将DER编码密钥转换为PEM是微不足道的.
这是我将PKCS#8私钥转换为PEM的代码,
function pkcs8_to_pem($der) {
static $BEGIN_MARKER = "-----BEGIN PRIVATE KEY-----";
static $END_MARKER = "-----END PRIVATE KEY-----";
$value = base64_encode($der);
$pem = $BEGIN_MARKER . "\n";
$pem .= chunk_split($value, 64, "\n");
$pem .= $END_MARKER . "\n";
return $pem;
}
对于X509中的公钥,请在标记中将PRIVATE替换为PUBLIC.