php rsa2 pkcs8,关于pkcs8 与 rsa 互转的一个坑
关于pkcs8 与 rsa 互转的一个坑
发布时间:2020-04-05 02:03:20
来源:51CTO
阅读:15936
作者:ranfengzheng
其实最主要就2条命令(环境为centos6.5 已安装openssl openssl-devel 这2个包):
pkcs8转rsa:
openssl rsa -in pkcs8密钥 -out rsa密钥
rsa转pkcs8:
openssl pkcs8 -topk8 -inform PEM -in rsa密钥 -outform PEM -nocrypt -out pkcs8密钥
但是坑的地方是格式
看个例子(pkcs8转rsa):
假设开发给过来一个密钥
[root@localhost test]# cat test.pkcs8
MIICdQIBADANBgkqhkiG9w0BAQEFAASCAl8wggJbAgEAAoGBANzST5PZDWx+HWdDVAGE4PlADMB4gm1r0AGCvmcm68diL6Gjspm7flIesPURVxbEMzyUjMxPCm6aLPfcYSvORqDXR67ygUWszcPGtJDB/KPl+efDeCunKKQhmriyZIkdeOEjvlxjtmcji+vL7cC7nIcvlPx8EywzM9bwvfg/0hSDAgMBAAECgYA4O3I6Uy6g7yirsDCHRoBH2LCmnsmP9cF9cP7to7KtDmrUvavwjBdp8Bjd/3FvAb2OcsG8EXC1o5tJ7xvrnNbNC4zhHabMbFs9hCnahJbLIe7AJFerwQJRhtT7DmX0ax6MtdPXrFGoGUyM5uc5JX5cUCtzE7vhMO0nvLSKu/bw6QJBAO8npWjXdIy+BjKBsWYXHmlUg3m84P735z6qGdK/Xxq9U/F9v2XFd6TSfwWNFPFWoXnjnAg6J2nD4hD2J8/wam0CQQDsYBWl0/AX3CvZFR5tkBXCMmf30mQvziiJUbC5EPj4Jh5GirXevFSFcsie3H2D7xQ55FC2IVCNJeM0isGoSiSvAkABRCl5C6L/V8Y6oDsrOjYcAqmLjHd4giGEUGxAlGjRgG0gWzUXOdtvUPoBMoUI3heOyKi71mr9AV+CDXuae0BlAkAZB+PC97qJDEuoZVAfkg57zhKsb58kYNRyFjB8qIt027R6RN4VhCP/LbSI/hhcjEi8CK1zW/vHtqdkvPzc8V0JAkBzCYP7ggfbB6Ea0kd4+FoKkddwb91h5tQHH6BXsDl1CURqT2HGeiAbLkETcp7Wsgs5HiMHGcVxv8Xt/mtwFLMK
[root@localhost test]#
我开始使用命令转换
[root@localhost test]# openssl rsa -in test.pkcs8 -out test.rsa
unable to load Private Key
139656125785928:error:0906D06C:PEM routines:PEM_read_bio:no start line:pem_lib.c:703:Expecting: ANY PRIVATE KEY
[root@localhost test]#
报错了!
然后习惯性百度:
大概说的是 需要添加头部和尾部然后试试
[root@localhost test]# cat test.pkcs8
-----BEGIN PRIVATE KEY-----
MIICdQIBADANBgkqhkiG9w0BAQEFAASCAl8wggJbAgEAAoGBANzST5PZDWx+HWdDVAGE4PlADMB4gm1r0AGCvmcm68diL6Gjspm7flIesPURVxbEMzyUjMxPCm6aLPfcYSvORqDXR67ygUWszcPGtJDB/KPl+efDeCunKKQhmriyZIkdeOEjvlxjtmcji+vL7cC7nIcvlPx8EywzM9bwvfg/0hSDAgMBAAECgYA4O3I6Uy6g7yirsDCHRoBH2LCmnsmP9cF9cP7to7KtDmrUvavwjBdp8Bjd/3FvAb2OcsG8EXC1o5tJ7xvrnNbNC4zhHabMbFs9hCnahJbLIe7AJFerwQJRhtT7DmX0ax6MtdPXrFGoGUyM5uc5JX5cUCtzE7vhMO0nvLSKu/bw6QJBAO8npWjXdIy+BjKBsWYXHmlUg3m84P735z6qGdK/Xxq9U/F9v2XFd6TSfwWNFPFWoXnjnAg6J2nD4hD2J8/wam0CQQDsYBWl0/AX3CvZFR5tkBXCMmf30mQvziiJUbC5EPj4Jh5GirXevFSFcsie3H2D7xQ55FC2IVCNJeM0isGoSiSvAkABRCl5C6L/V8Y6oDsrOjYcAqmLjHd4giGEUGxAlGjRgG0gWzUXOdtvUPoBMoUI3heOyKi71mr9AV+CDXuae0BlAkAZB+PC97qJDEuoZVAfkg57zhKsb58kYNRyFjB8qIt027R6RN4VhCP/LbSI/hhcjEi8CK1zW/vHtqdkvPzc8V0JAkBzCYP7ggfbB6Ea0kd4+FoKkddwb91h5tQHH6BXsDl1CURqT2HGeiAbLkETcp7Wsgs5HiMHGcVxv8Xt/mtwFLMK
-----END PRIVATE KEY-----
[root@localhost test]# openssl rsa -in test.pkcs8 -out test.rsa
unable to load Private Key
140395488638792:error:0906D064:PEM routines:PEM_read_bio:bad base64 decode:pem_lib.c:812:
[root@localhost test]#
ps:rsa和pkcs8头尾是不一样的这里我加的是pkcs8的 不过还是不行。
然后大量的谷歌 大量的百度。。so就是没有找到为什么。。之后我开始模拟生成rsa 在转成pkcs8 看能不能转回来
[root@localhost test]# openssl genrsa -out 1 1024
Generating RSA private key, 1024 bit long modulus
...........................++++++
........++++++
e is 65537 (0x10001)
[root@localhost test]# cat 1
-----BEGIN RSA PRIVATE KEY-----
MIICXQIBAAKBgQDaps4+IdCD7nmalOhcx2FndMok++4ZeT1heQhS4dxwmZRcUSoA
2fW/2slVpBt0dWozrjyF0XO+j2M7OZkz6A7G6lgEshtIWhHYOsjkujQuQp5kDhsm
LyB0pa9CcvX/HzdG/gFPqlaoRrqDH0/ZOtt0gukp8uIdvXqwLO3fyR/48wIDAQAB
AoGBAIJBkOgOuOt/q83dG7f5xxscxjfWJXfjdB+XPNAzYWFq/KkqaP1s2yvaKMru
IrT0Jbp39/I4Xt2NCi6EF7KGchYQJFFw5Vk7rx+yWcSwzn5VMkLTCXo5VRRcXADP
j8oO0mNotEeA3Lm9s1ItyAJYiDd/hVZ9B8mVNGKabwtmWV8BAkEA8GiW9q32IV2D
0fy5S+ozyrsOeA7sQMgVp2wZ1Oo/WTvC8a/Lrny5W0AUggM7J+IMVxdqaGgzOrhJ
TNikdNVbswJBAOjU/k6TMZz1kC/SAv8PiNmVg+WEYeJjxOtm4wlyQFOjS74Az2U4
sRIvHmNs9Lp6CvHjkfeSCr0aqTAYIY0LTcECQHnONDbV2y/6hpB9QJEDH6ym6+TO
g***1TTXo5rp+KDIk7QKwuMsVGm0ZO+enXlOobv6pDI0IUiuGI1z8pczhtsCQQDe
6bVEU0aHyM8wCXhW7G+QKcaqwnDYx75rxgiOLbWKnefRVIM7nOhiyXvloxY3Rssd
xUwl48umO1VKN4A/wlfBAkB6/wdKAgw1lNXbDX0qXBgT7ODq/tMYPkSkHej+KXOJ
T1pMPLALJK1BRQgiYndR6Fp97oXz8rhflPgXq8ys+Bvf
-----END RSA PRIVATE KEY-----
[root@localhost test]# openssl pkcs8 -topk8 -inform PEM -in 1 -outform PEM -nocrypt -out 1.pkcs8
[root@localhost test]# cat 1.pkcs8
-----BEGIN PRIVATE KEY-----
MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBANqmzj4h0IPueZqU
6FzHYWd0yiT77hl5PWF5CFLh4HCZlFxRKgDZ9b/ayVWkG3R1ajOuPIXRc76PYzs5
mTPoDsbqWASyG0haEdg6yOS6NC5CnmQOGyYvIHSlr0Jy9f8fN0b+AU+qVqhGuoMf
T9k623SC6Sny4h39erAs7d/JH/jzAgMBAAECgYEAgkGQ6A6463+rzd0bt/nHGxzG
N9Yld+N0H5c80DNhYWr8qSpo/WzbK9ooyu4itPQlunf38jhe3Y0KLoQXsoZyFhAk
UXDlWTuvH7JZxLDOflUyQtMJejlVFFxcAM+Pyg7SY2i0R4Dcub2zUi3IAliIN3+F
Vn0HyZU0YppvC2ZZXwECQQDwaJb2rfYhXYPR/LlL6jPKuw54DuxAyBWnbBnU6j9Z
O8Lxr8uufLlbQBSCAzsn4gxXF2poaDM6uElM2KR01VuzAkEA6NT+TpMxnPWQL9IC
/w+I2ZWD5YRh5mPE62bjCXJAU6NLvgDPZTixEi8eY2z0unoK8eOR95IKvRqpMBgh
jQtNwQJAec40NtXbL/qGkH1AkQMfrKbr5M6CyyvVNNejmun4oMiTtArC4yxUabRk
756deU6hu/qkMjQhSK4YjXPylzOG2wJBAN7ptURTRofIzzAJeFbsb5ApxqrCcNjH
vmvGCI4ttYqd59FUgzuc6GLJe+WjFjdGyx3FTCXjy6Y7VUo3gD/CV8ECQHr/B0oC
DDWU1dsNfSpcGBPs4Or+0xg+RKQd6P4pc4lPWkw8sAskrUFFCCJid1HoWn3uhfPy
uF+U+BerzKz4G98=
-----END PRIVATE KEY-----
[root@localhost test]# openssl rsa -in 1.pkcs8 -out 1.rsa
writing RSA key
[root@localhost test]# cat 1.rsa
-----BEGIN RSA PRIVATE KEY-----
MIICXQIBAAKBgQDaps4+IdCD7nmalOhcx2FndMok++4ZeT1heQhS4dxwmZRcUSoA
2fW/2slVpBt0dWozrjyF0XO+j2M7OZkz6A7G6lgEshtIWhHYOsjkujQuQp5kDhsm
LyB0pa9CcvX/HzdG/gFPqlaoRrqDH0/ZOtt0gukp8uIdvXqwLO3fyR/48wIDAQAB
AoGBAIJBkOgOuOt/q83dG7f5xxscxjfWJXfjdB+XPNAzYWFq/KkqaP1s2yvaKMru
IrT0Jbp39/I4Xt2NCi6EF7KGchYQJFFw5Vk7rx+yWcSwzn5VMkLTCXo5VRRcXADP
j8oO0mNotEeA3Lm9s1ItyAJYiDd/hVZ9B8mVNGKabwtmWV8BAkEA8GiW9q32IV2D
0fy5S+ozyrsOeA7sQMgVp2wZ1Oo/WTvC8a/Lrny5W0AUggM7J+IMVxdqaGgzOrhJ
TNikdNVbswJBAOjU/k6TMZz1kC/SAv8PiNmVg+WEYeJjxOtm4wlyQFOjS74Az2U4
sRIvHmNs9Lp6CvHjkfeSCr0aqTAYIY0LTcECQHnONDbV2y/6hpB9QJEDH6ym6+TO
g***1TTXo5rp+KDIk7QKwuMsVGm0ZO+enXlOobv6pDI0IUiuGI1z8pczhtsCQQDe
6bVEU0aHyM8wCXhW7G+QKcaqwnDYx75rxgiOLbWKnefRVIM7nOhiyXvloxY3Rssd
xUwl48umO1VKN4A/wlfBAkB6/wdKAgw1lNXbDX0qXBgT7ODq/tMYPkSkHej+KXOJ
T1pMPLALJK1BRQgiYndR6Fp97oXz8rhflPgXq8ys+Bvf
-----END RSA PRIVATE KEY-----
[root@localhost test]#
然后再看看自己的
[root@localhost test]# cat test.pkcs8
-----BEGIN PRIVATE KEY-----
MIICdQIBADANBgkqhkiG9w0BAQEFAASCAl8wggJbAgEAAoGBANzST5PZDWx+HWdDVAGE4PlADMB4gm1r0AGCvmcm68diL6Gjspm7flIesPURVxbEMzyUjMxPCm6aLPfcYSvORqDXR67ygUWszcPGtJDB/KPl+efDeCunKKQhmriyZIkdeOEjvlxjtmcji+vL7cC7nIcvlPx8EywzM9bwvfg/0hSDAgMBAAECgYA4O3I6Uy6g7yirsDCHRoBH2LCmnsmP9cF9cP7to7KtDmrUvavwjBdp8Bjd/3FvAb2OcsG8EXC1o5tJ7xvrnNbNC4zhHabMbFs9hCnahJbLIe7AJFerwQJRhtT7DmX0ax6MtdPXrFGoGUyM5uc5JX5cUCtzE7vhMO0nvLSKu/bw6QJBAO8npWjXdIy+BjKBsWYXHmlUg3m84P735z6qGdK/Xxq9U/F9v2XFd6TSfwWNFPFWoXnjnAg6J2nD4hD2J8/wam0CQQDsYBWl0/AX3CvZFR5tkBXCMmf30mQvziiJUbC5EPj4Jh5GirXevFSFcsie3H2D7xQ55FC2IVCNJeM0isGoSiSvAkABRCl5C6L/V8Y6oDsrOjYcAqmLjHd4giGEUGxAlGjRgG0gWzUXOdtvUPoBMoUI3heOyKi71mr9AV+CDXuae0BlAkAZB+PC97qJDEuoZVAfkg57zhKsb58kYNRyFjB8qIt027R6RN4VhCP/LbSI/hhcjEi8CK1zW/vHtqdkvPzc8V0JAkBzCYP7ggfbB6Ea0kd4+FoKkddwb91h5tQHH6BXsDl1CURqT2HGeiAbLkETcp7Wsgs5HiMHGcVxv8Xt/mtwFLMK
-----END PRIVATE KEY-----
[root@localhost test]#
难道是因为需要分割?
[root@localhost test]# cat test.pkcs8
-----BEGIN PRIVATE KEY-----
MIICdQIBADANBgkqhkiG9w0BAQEFAASCAl8wggJbAgEAAoGBANzST5PZDWx+HWdD
VAGE4PlADMB4gm1r0AGCvmcm68diL6Gjspm7flIesPURVxbEMzyUjMxPCm6aLPfc
YSvORqDXR67ygUWszcPGtJDB/KPl+efDeCunKKQhmriyZIkdeOEjvlxjtmcji+vL
7cC7nIcvlPx8EywzM9bwvfg/0hSDAgMBAAECgYA4O3I6Uy6g7yirsDCHRoBH2LCm
nsmP9cF9cP7to7KtDmrUvavwjBdp8Bjd/3FvAb2OcsG8EXC1o5tJ7xvrnNbNC4zh
HabMbFs9hCnahJbLIe7AJFerwQJRhtT7DmX0ax6MtdPXrFGoGUyM5uc5JX5cUCtz
E7vhMO0nvLSKu/bw6QJBAO8npWjXdIy+BjKBsWYXHmlUg3m84P735z6qGdK/Xxq9
U/F9v2XFd6TSfwWNFPFWoXnjnAg6J2nD4hD2J8/wam0CQQDsYBWl0/AX3CvZFR5t
kBXCMmf30mQvziiJUbC5EPj4Jh5GirXevFSFcsie3H2D7xQ55FC2IVCNJeM0isGo
SiSvAkABRCl5C6L/V8Y6oDsrOjYcAqmLjHd4giGEUGxAlGjRgG0gWzUXOdtvUPoB
MoUI3heOyKi71mr9AV+CDXuae0BlAkAZB+PC97qJDEuoZVAfkg57zhKsb58kYNRy
FjB8qIt027R6RN4VhCP/LbSI/hhcjEi8CK1zW/vHtqdkvPzc8V0JAkBzCYP7ggfb
B6Ea0kd4+FoKkddwb91h5tQHH6BXsDl1CURqT2HGeiAbLkETcp7Wsgs5HiMHGcVx
v8Xt/mtwFLMK
-----END PRIVATE KEY-----
[root@localhost test]# openssl rsa -in test.pkcs8 -out test.rsa
writing RSA key
[root@localhost test]# cat test.rsa
-----BEGIN RSA PRIVATE KEY-----
MIICWwIBAAKBgQDc0k+T2Q1sfh2nQ1QBhOD5QAzAeIJta9ABgr5nJuvHYi+ho7KZ
u35SHrD1EVcWxDM8lIzMTwpumiz33GErzkag10eu8oFFrM3DxrSQwfyj5fnnw3gr
pyikIZq4smSJHXjhI75cY7ZnI4vry+3Au5yHL5T8fBMsMzPW8L34P9IUgwIDAQAB
AoGAODtyOlMuoO8oq7Awh0aAR9iwpp7Jj/XBfXD+7aOyrQ5q1L2r8IwXafAY3f9x
bwG9jnLBvBFwtaObSe8b65zWzQuM4R2mzGxbPYQp2oSWyyHuwCRXq8ECUYbU+w5l
9GsejLXT16xRqBlMjObnOSV+XFArcxO74TDtJ7y0irv28OkCQQDvJ6Vo13SMvgYy
gbFmFx5pVIN5vOD+9+c+qhnSv18avVPxfb9lxXek0n8FjRTxVqF545wIOidpw+IQ
9ifP8GptAkEA7GAVpdPwF9wr2RUebZAVwjJn99JkL84oiVGwuRD4+CYeBoq13rxU
hXLIntx9g+8UOeRQtiFQjSXjNIrBqEokrwJAAUQpeQui/1fGOqA7Kzo2HAKpi4x3
eIIhhFBsQJRo0YBtIFs1Fznbb1D6ATKFCN4Xjsiou9Zq/QFfgg17mntAZQJAGQfj
wve6iQxLqGVQH5IOe84SrG+fJGDUchYwfKiLdNu0ekTeFYQj/y20iP4YXIxIvAit
c1v7x7anZLz83PFdCQJAcwmD+4IH2wehGtJHePhaCpHXcG/dYeLUBx+gV7A5dQlE
ak9hxnogGy5BE3Ke1rILOR4jBxnFcb/F7f5rcBSzCg==
-----END RSA PRIVATE KEY-----
[root@localhost test]#
然后搞定!。。
结论:虽然不知道是为什么,但是确实这个密钥对格式有一定的要求并不能像代码一样一行就能搞定 转换的时候 需要加上头部底部 在对字符串 以相应的格式 换行 才能转换
php rsa2 pkcs8,关于pkcs8 与 rsa 互转的一个坑相关推荐
- java rsa密钥转pkcs8,关于pkcs8 与 rsa 互转的一个坑
其实最主要就2条命令(环境为centos6.5 已安装openssl openssl-devel 这2个包): pkcs8转rsa: openssl rsa -in pkcs8密钥 -out rsa密 ...
- 安卓和php接口数据传输加密,安卓与PHP间的RSA(openssl)交互加密的坑
这几天在写一个安卓的RSA公钥加密算法,用于跟PHP后台接口进行交互.在实践过程中发现了几个坑.其中我的公钥和私钥都是通过openssl生成的pem格式. 遇到的坑: 1.通过java的RSA公钥加密 ...
- 不这样做,同名互踢容易踩坑!
作者 | 张超 责编 | 伍杏玲 出品 | CSDN(ID:CSDNnews) 最近我在做连接服务的结构调整,梳理到其中的一个功能点:同账号连续登录,旧的连接会被新的连接踢掉的功能. 第一个感觉这是个 ...
- 简体-繁体互转换的一个JS
代码 document.write(" <a name=\"StranLink\" style=\"color:red\">繁體中文< ...
- java pkcs1转pkcs8_pkcs1与pkcs8格式RSA私钥互相转换
1.PKCS1私钥生成 openssl genrsa -out private.key 1024 private.key文件内容如下: -----BEGIN RSA PRIVATE KEY----- ...
- pkcs1转pkcs8 php,openssl RSA密钥格式PKCS1和PKCS8相互转换
openssl 生成pkcs1格式的私钥,密钥长度2048位, (PKCS1) openssl genrsa -out private.pkcs1.pem 2048 PKCS1私钥转换为PKCS8 o ...
- PHP rsa私钥pkcs8加密,Openssl rsa私钥的PKCS#1和PKCS#8格式以及加密和转化
这里主要介绍: 私钥的PKCS#1格式,及PKCS#8格式 格式PKCS#1和PKCS#8之间的互相转化 私钥的加密,解密 PKCS#1 -> PKCS#8 生成PKCS#1私钥 $ opens ...
- pkcs1转pkcs8 php,pkcs1与pkcs8格式RSA私钥互相转换
注:亲验可用 转载自:https://www.jianshu.com/p/08e41304edab 1.PKCS1私钥生成 openssl genrsa -out private.pem 1024 p ...
- openssl pkcs8
用途: pkcs8格式的私钥转换工具.它处理在PKCS#8格式中的私钥文件.它可以用多样的PKCS#5 (v1.5 and v2.0)和 PKCS#12算法来处理没有解密的PKCS#8 Private ...
- 基于RSA的公钥基础体系下安全通信实战
目录 简说RSA 服务器的初始密钥对和认证请求 证书认证机构CA 服务器安装CA签名证书 客户机 小结 从样板戏<红灯记>到好莱坞谍战大片<风语者Windtalkers>等,许 ...
最新文章
- iOS 单例模式全面解析
- JS 变量的数据类型转换
- java 二叉堆_二叉堆(三)之 Java的实现
- dapper使用时性能优化
- c语言字符串截取_笔记 | 自学Python 05:数据类型之字符串
- Sentinel(二十)之Envoy RLS Token Server
- 书架(信息学奥赛一本通-T1228)
- Java的位运算符具体解释实例——与(amp;)、非(~)、或(|)、异或(^)
- 动态添加Table tbody 给option 下拉框动态赋值 逻辑删除
- 三 数据结构 --数和二叉树
- efi 炫龙dd3plus_散热真的“秀”,炫龙DD3 Plus细节感受魅力
- 直流电机驱动电路设计
- 设计模式之Bridge模式(桥接模式)
- Springboot整合minio
- 阿里巴巴2013笔试题 算法/研发岗 【详解】
- 四轴mpu6050姿态角卡尔曼滤波代码分析
- PG 异常状态- active+undersized+degraded
- extern C 介绍(转)
- 低保真原型vs高保真原型,哪一种更适合你的设计?
- 论 $*、$@、$*、$@的区别