咱们在平安检测的时候看到有用RSA加密对称密钥的,然而代码中看到的密钥是PEM格局,这种无奈间接看出密钥到底多长,是否合乎平安要求,这时候就要算出实在的密钥长度,而后判断是否合乎平安要求。
生成公私钥
生成私钥
咱们应用openssl工具间接生成公私钥(默认生成的是2048位):
openssl genrsa -out private8.pem也能够生成1024位:
openssl genrsa -out private8.pem 1024生成公钥
openssl rsa -in private8.pem -pubout -out public8.pem通过openssl提取模和指数
openssl rsa -in private8.pem -noout -text通过java api取对应的模数跟指数
import java.security.interfaces.RSAPublicKey; import com.sun.org.apache.xml.internal.security.utils.Base64; public class RSA_modulus { private static String PUBKEY_TEXT = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwaSv68WTprFlvMUmRq8sF+ior4ZwNwX7H+d67dDiUTY/02jKLJDEbDy7B+ocH7fQNDwTGEsQreYkf23YAra7eVW4/TJZoR9MVezui9p4up0b6k0KbLzpVqsG1dQj+DfNRNq0TmQClvPbzVtyOISWMnWcUr5dLGEe5+FTGJqI72yXMelpPxIv01R9rP1PdDB+BlnMXx7e2/lmUFhs9nzvwLgehtqsbLN8bi4kjIL1R7fyQVXXEaWBRgBofE5CN48TYYK6NQlhRNjY3S7Dx6SE9PRWIj4XXs663PMXCVT9Wg9W1PyN544gk9TkbW5yFpLSbsQOTlcLzNW878jYG0q9zQIDAQAB"; public static void getModulesAndExponent() throws Exception { try { // 解密由base64编码的公钥,并结构X509EncodedKeySpec对象 java.security.spec.X509EncodedKeySpec bobPubKeySpec = new java.security.spec.X509EncodedKeySpec( Base64.decode(PUBKEY_TEXT)); // RSA算法 java.security.KeyFactory keyFactory = java.security.KeyFactory.getInstance("RSA"); // 取公钥匙对象 RSAPublicKey pubKey = (RSAPublicKey) keyFactory.generatePublic(bobPubKeySpec); System.out.println("modules: 0x" + pubKey.getModulus().toString(16)); System.out.println("publicExponent: 0x" + pubKey.getPublicExponent().toString(16)); }catch(Exception e) { throw e; } } public static void main(String[] args) { try { RSA_modulus.getModulesAndExponent(); } catch (Exception e) { e.printStackTrace(); } } }这样两种办法别离用公钥、钥匙失去模和指数,能够看到模是一样的,指数不同,这是因为在非对称加密中,模也就是计算出来的密钥长度是一样的,然而指数分为公匙指数和私钥指数。
举荐浏览:
https://mp.weixin.qq.com/s/dV2JzXfgjDdCmWRmE0glDA
https://mp.weixin.qq.com/s/an83QZOWXHqll3SGPYTL5g