GmSSL
GmSSL copied to clipboard
guanzhi
请问JAVA用bouncycastle怎么读取gmssl生成带密码的SM2私钥pem文件?
请问JAVA用bouncycastle怎么读取gmssl生成带密码的私钥pem文件? 使用JcePKCSPBEInputDecryptorProviderBuilder解密文件一直报 org.bouncycastle.pkcs.PKCSException: unable to read encrypted data: unable to create InputDecryptor: invalid keyLength value
` public static byte[] readPrivateKeyFromPem (String passwd, String filePath) throws Exception { InputStreamReader inputStreamReader = new InputStreamReader(new FileInputStream(filePath)); String priKeyStr = "MIIBBjBhBgkqhkiG9w0BBQ0wVDA0BgkqhkiG9w0BBQwwJwQQef6oPx3ecyTGZc5gGzvV+gIDAQAAAgEQMAsGCSqBHM9VAYMRAjAcBggqgRzPVQFoAgQQs3n3Cc3rRrVEjSRoagMaFQSBoAK6cI6C8/pSyqk6DL/5klJ/2IsLE0y2obFPjpXHhpGEJ4Xy55SqEBKony9wew6wVaYGeQRcnn6p3giasaFnrkI30xqfMKXDnzsGsTN7JZPUOuj9qTt+yZHML/rmhJWFRW2JiH5AKSUWQb5pmIdPWY28u1zNWRrm1xppwvB6+R/vjYyIooJSUUBp9QxX5C97nxgoJJrhlGpAitJRUoiv3no="; // 读取带密码保护的私钥: PEMParser pemParser = new PEMParser(inputStreamReader); // PEMParser pemParser = new PEMParser(new StringReader(priKeyStr)); Object o = pemParser.readObject(); PKCS8EncryptedPrivateKeyInfo epki = (PKCS8EncryptedPrivateKeyInfo) o; Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider()); // JceOpenSSLPKCS8DecryptorProviderBuilder builder = new JceOpenSSLPKCS8DecryptorProviderBuilder().setProvider("BC"); System.out.println(PKCSObjectIdentifiers.id_PBES2.getId()); JcePKCSPBEInputDecryptorProviderBuilder builder = new JcePKCSPBEInputDecryptorProviderBuilder().setKeySizeProvider(new CustSecretKeySizeProvider()).setProvider("BC"); InputDecryptorProvider idp = builder.build(passwd.toCharArray());
System.out.println("encryption algorithm: " + epki.getEncryptionAlgorithm().getAlgorithm());
// System.out.println(CommonUtil.findDigestAlgorithmIdentifier("SM3"));
PrivateKeyInfo pki = epki.decryptPrivateKeyInfo(idp);
JcaPEMKeyConverter converter = new JcaPEMKeyConverter().setProvider("BC");
return converter.getPrivateKey(pki).getEncoded();
}
`
