「青锋爱分享」Springboot+Python之RSA加解密方案(RSA深入)二
Posted
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了「青锋爱分享」Springboot+Python之RSA加解密方案(RSA深入)二相关的知识,希望对你有一定的参考价值。
参考技术A本篇文章要结合上一节文章一起看。
青锋爱分享-RSA-Springboot+Python整合
码云搜索: 青锋 会有惊喜哦哦。
通过python生成的公钥私钥 格式PKCS1 。
生成pem格式如下:
私钥头(-----BEGIN RSA PRIVATE KEY-----)
私钥尾(-----END RSA PRIVATE KEY-----)
我需要将此私钥转换为DER编码的PKCS8未加密格式,以便与java服务器代码一起使用,特别是PKCS8EncodedKeySpec。我已经试过使用rsa和pkcs8命令的OpenSSL,如果有更简单的办法,没有特别需要使用openssl。
RSA私钥格式PKCS1和PKCS8相互转换
RSA公钥格式PKCS1和PKCS8相互转换
以下转换基于openssl命令的操作;
执行:openssl genrsa -out private.pem 1024
-----BEGIN RSA PRIVATE KEY-----
MIICXQIBAAKBgQDlLm5+Kosybacfp8hzjn1fl2wT7Au2lm5SEtz6r+/wwSfq5KfY
H8q1AO/C92IwEpplNbrqYmOXQu6P07mg0lQOCvE5sdtmAvD2ex3wCef8lWmgdh5q
Uo4OMcmoSz3IAp/7/FnMag1IelSfdronPBDxazp6NUmQZITsYK6CsEl/ewIDAQAB
AoGBAJkMdvF+i9Kzc6YqMC0rfQJ3Zs+vFOtsbmQVAMnQ8JWBCJ1O8d/c60wRQgyb
lFCyO7VXOmoIJqX/Jr2aER8bFtG+Yxy6jsMu3ynwMwbhcVmCWCmZoWuE5pZdEJk6
lOdOay7TkE45X/Wc7K9iZs2uuB7sylIvK/HVxxit6FGePa4RAkEA9e+VoAbxBv78
HyxRcStW+Kc3lmE4zYBGAb2IYx48UEN34nP5rI8Tusqsy7CZ3rvSMi1CpVlj2eQK
FU8FzVFyjwJBAO6PU9q7il8NtecdvYBkDErlCawSeCdk9s79helT0Mrg9cWaVWFO
n0UxgT55MPXWGdMRXUUOCNnMilaw/p7dKlUCQDpjGeu3GivmB2dDN0ad2nUIBftu
s3SeWoB5RdL6T6liiyi5DfJ4uV9kVKe7Epy9jIabFjJ5SWpmaDps21zGVGMCQQCB
HvK0IW3zpOgf/+jh5UUCBJYHnLeMGwm7X11rvQH1zW05Vx9/W565ROI/fjkR1qCD
rZJeHgqMWDlIUuR9+BdBAkAI8+JWgWLdWceXX9Puu4KNmGukx4GZw2n53vMKp0Fu
puQxMonRWTN+kA76cq8QIj8xuEBkdxy1NFRMEkGu675m
-----END RSA PRIVATE KEY-----
执行:openssl pkcs8 -topk8 -inform PEM -in private.pem -outform pem -nocrypt -out pkcs8.pem
-----BEGIN PRIVATE KEY-----
MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBAOUubn4qizJtpx+n
yHOOfV+XbBPsC7aWblIS3Pqv7/DBJ+rkp9gfyrUA78L3YjASmmU1uupiY5dC7o/T
uaDSVA4K8Tmx22YC8PZ7HfAJ5/yVaaB2HmpSjg4xyahLPcgCn/v8WcxqDUh6VJ92
uic8EPFrOno1SZBkhOxgroKwSX97AgMBAAECgYEAmQx28X6L0rNzpiowLSt9Andm
z68U62xuZBUAydDwlYEInU7x39zrTBFCDJuUULI7tVc6aggmpf8mvZoRHxsW0b5j
HLqOwy7fKfAzBuFxWYJYKZmha4Tmll0QmTqU505rLtOQTjlf9Zzsr2Jmza64HuzK
Ui8r8dXHGK3oUZ49rhECQQD175WgBvEG/vwfLFFxK1b4pzeWYTjNgEYBvYhjHjxQ
Q3fic/msjxO6yqzLsJneu9IyLUKlWWPZ5AoVTwXNUXKPAkEA7o9T2ruKXw215x29
gGQMSuUJrBJ4J2T2zv2F6VPQyuD1xZpVYU6fRTGBPnkw9dYZ0xFdRQ4I2cyKVrD+
nt0qVQJAOmMZ67caK+YHZ0M3Rp3adQgF+26zdJ5agHlF0vpPqWKLKLkN8ni5X2RU
p7sSnL2MhpsWMnlJamZoOmzbXMZUYwJBAIEe8rQhbfOk6B//6OHlRQIElgect4wb
CbtfXWu9AfXNbTlXH39bnrlE4j9+ORHWoIOtkl4eCoxYOUhS5H34F0ECQAjz4laB
Yt1Zx5df0+67go2Ya6THgZnDafne8wqnQW6m5DEyidFZM36QDvpyrxAiPzG4QGR3
HLU0VEwSQa7rvmY=
-----END PRIVATE KEY-----
执行:openssl rsa -in pkcs8.pem -out pkcs1.pem
-----BEGIN RSA PRIVATE KEY-----
MIICXQIBAAKBgQDlLm5+Kosybacfp8hzjn1fl2wT7Au2lm5SEtz6r+/wwSfq5KfY
H8q1AO/C92IwEpplNbrqYmOXQu6P07mg0lQOCvE5sdtmAvD2ex3wCef8lWmgdh5q
Uo4OMcmoSz3IAp/7/FnMag1IelSfdronPBDxazp6NUmQZITsYK6CsEl/ewIDAQAB
AoGBAJkMdvF+i9Kzc6YqMC0rfQJ3Zs+vFOtsbmQVAMnQ8JWBCJ1O8d/c60wRQgyb
lFCyO7VXOmoIJqX/Jr2aER8bFtG+Yxy6jsMu3ynwMwbhcVmCWCmZoWuE5pZdEJk6
lOdOay7TkE45X/Wc7K9iZs2uuB7sylIvK/HVxxit6FGePa4RAkEA9e+VoAbxBv78
HyxRcStW+Kc3lmE4zYBGAb2IYx48UEN34nP5rI8Tusqsy7CZ3rvSMi1CpVlj2eQK
FU8FzVFyjwJBAO6PU9q7il8NtecdvYBkDErlCawSeCdk9s79helT0Mrg9cWaVWFO
n0UxgT55MPXWGdMRXUUOCNnMilaw/p7dKlUCQDpjGeu3GivmB2dDN0ad2nUIBftu
s3SeWoB5RdL6T6liiyi5DfJ4uV9kVKe7Epy9jIabFjJ5SWpmaDps21zGVGMCQQCB
HvK0IW3zpOgf/+jh5UUCBJYHnLeMGwm7X11rvQH1zW05Vx9/W565ROI/fjkR1qCD
rZJeHgqMWDlIUuR9+BdBAkAI8+JWgWLdWceXX9Puu4KNmGukx4GZw2n53vMKp0Fu
puQxMonRWTN+kA76cq8QIj8xuEBkdxy1NFRMEkGu675m
-----END RSA PRIVATE KEY-----
可以看出结果和1是一致的;
执行:openssl rsa -in private.pem -pubout -out public.pem
-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDlLm5+Kosybacfp8hzjn1fl2wT
7Au2lm5SEtz6r+/wwSfq5KfYH8q1AO/C92IwEpplNbrqYmOXQu6P07mg0lQOCvE5
sdtmAvD2ex3wCef8lWmgdh5qUo4OMcmoSz3IAp/7/FnMag1IelSfdronPBDxazp6
NUmQZITsYK6CsEl/ewIDAQAB
-----END PUBLIC KEY-----
5. 从pkcs8私钥中生成pkcs8公钥
执行:openssl rsa -in pkcs8.pem -pubout -out public_pkcs8.pem
-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDlLm5+Kosybacfp8hzjn1fl2wT
7Au2lm5SEtz6r+/wwSfq5KfYH8q1AO/C92IwEpplNbrqYmOXQu6P07mg0lQOCvE5
sdtmAvD2ex3wCef8lWmgdh5qUo4OMcmoSz3IAp/7/FnMag1IelSfdronPBDxazp6
NUmQZITsYK6CsEl/ewIDAQAB
-----END PUBLIC KEY-----
可以看出结果和4是一样的;
执行:openssl rsa -pubin -in public.pem -RSAPublicKey_out
-----BEGIN RSA PUBLIC KEY-----
MIGJAoGBAOUubn4qizJtpx+nyHOOfV+XbBPsC7aWblIS3Pqv7/DBJ+rkp9gfyrUA
78L3YjASmmU1uupiY5dC7o/TuaDSVA4K8Tmx22YC8PZ7HfAJ5/yVaaB2HmpSjg4x
yahLPcgCn/v8WcxqDUh6VJ92uic8EPFrOno1SZBkhOxgroKwSX97AgMBAAE=
-----END RSA PUBLIC KEY-----
openssl rsa -pubin -in public_pkcs8.pem -RSAPublicKey_out
-----BEGIN RSA PUBLIC KEY-----
MIGJAoGBAOUubn4qizJtpx+nyHOOfV+XbBPsC7aWblIS3Pqv7/DBJ+rkp9gfyrUA
78L3YjASmmU1uupiY5dC7o/TuaDSVA4K8Tmx22YC8PZ7HfAJ5/yVaaB2HmpSjg4x
yahLPcgCn/v8WcxqDUh6VJ92uic8EPFrOno1SZBkhOxgroKwSX97AgMBAAE=
-----END RSA PUBLIC KEY-----
可以看出转换的结果是一致的;
执行:openssl rsa -RSAPublicKey_in -in pub_pkcs1.pem -pubout
-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDlLm5+Kosybacfp8hzjn1fl2wT
7Au2lm5SEtz6r+/wwSfq5KfYH8q1AO/C92IwEpplNbrqYmOXQu6P07mg0lQOCvE5
sdtmAvD2ex3wCef8lWmgdh5qUo4OMcmoSz3IAp/7/FnMag1IelSfdronPBDxazp6
NUmQZITsYK6CsEl/ewIDAQAB
-----END PUBLIC KEY-----
可以看到和上面4,5的结果是一致的;
最后一点:
ios上用的是pkcs8格式的公钥
openssl用的是pkcs1格式的公钥
知道私钥以后是可以导出公钥的,所以私钥一定要保证安全
知道公钥不可以导出私钥
解决方案针对是window电脑。
配置:SystemRoot/ System32 环境变量。
1、邮件我的电脑-选择下【属性】。
2、选择高级系统设置
3、选择【高级】-【环境变量】
4、双击打开path,进行编辑
5、 接着我们在这名字后面加【;System32】就可以了。
安装 Win64 OpenSSL,地址: http://slproweb.com/products/Win32OpenSSL.html
下载后根据提示一步一步安装,安装完成后:
双击start.bat 启动
以上是关于「青锋爱分享」Springboot+Python之RSA加解密方案(RSA深入)二的主要内容,如果未能解决你的问题,请参考以下文章
springboot整合Hutool实现Convert类型转换实用案例-值得收藏
SpringBoot整合Redis 之 lettuce #私藏项目实操分享#
计算机毕业设计之java+springboot基于vue的游戏分享网站
spring boot 系列之七:SpringBoot整合Mybatis