gpt4 book ai didi

java - 如何格式化导出的 Vault 私钥以供使用?

转载 作者:行者123 更新时间:2023-11-30 01:41:28 26 4
gpt4 key购买 nike

我正在运行Vault在本地,使用传输 secret 引擎。我在内存中本地运行,创建了一个可导出的私钥,可以使用以下信息检索该私钥:

{
"request_id": "ad4401f3-b88b-19f1-0bec-ce710dc647ee",
"lease_id": "",
"renewable": false,
"lease_duration": 0,
"data": {
"keys": {
"1": "-----BEGIN RSA PRIVATE KEY-----\nMIIEowIBAAKCAQEAnLs+5HqCJzJBcdLU+m5hO70ELEBdh2Iy/dp4hGwR2dZiHYGD\nD7jUyTkjDAOpjqsCcqK/bAqCFS/1781s7n37IzVwtu4wU7fXjGdW7582QxfEpUms\n9IYFvzWfIhPDE5VmeXJb7yKiW8rySAbyqQ/ctmOUZtZi/PbHQgS3rmcLvOidp8kJ\nGLb7LYjsZB9tS+Hk4YWKo/3LEyyEkeWtUTQVKzkOOlOZtBmlSkkpz0nV0af/yqkT\nVvvh+RarwlrVwiJvgB8bpSq/gl68Fv28TKa7j0lsHINLgEy1W69KKXg8BVfZvxKn\nwwdtkhlnLN+qtuqk3uO4EOxzZojKdLTXEpp1QwIDAQABAoIBACfoKXBlnSQ70JwZ\n0a7eUhWy4BAgZ3AkWdV3Pj6Bgd4UjzDyHBvxtQRzbvANMqwn8Nydgd4RouOgLZ/c\nj4L+QubJIaUCav22DsUqPuGOiXN15tUrOEWepnH0RkuX+pDO9qOvsabnC64Rs7UR\nR9IyPsGWA2BX8CZ2829k4hwfEscLkae5KHd9bDvIRBH8XnafcUgf6cB3V3GVwZsU\nGuT1UUGcuubRXTrsOger9Rb0L3lgTXwpIXeOqAjeOEtjL6+bVOpMdiequmJf5VfK\nQ0If9gW6XHMQoPdx3+fBzC0/UU6BBNzfojZ9itHp1kQX3h7zilJbPJpm33Jgzg1J\nAUSPZtECgYEAzTmZwF0Mjb/FUZR884HZ23sVn81oW0mPDmgc3NtmY2YsRhyvd2nc\nsCAuQjDgmXyraEZ8IKoGQxHJn7t1yxpxISaGMCDQ1XvfHdSJxxQHGJW+/JjANN/F\nBGyMhCD3rQA8MIiDbe7PyfIhb2dOgza34e19V/5JwaCSd+nP4N10rXkCgYEAw4Ix\nTmY/RdhZABsPn0CymkJZ+y+rTKRNUNclNxuUAgVkOBlHt6ILa+B7gzI0bKX9+YZQ\nXIEsbREl6KvaJe9d5x/JHYcRhJJoHqPoJuvGlfxH7azEoyrdZcR57ayldhfVsvjJ\nsLD7b2lX9JzNnGtipx2PE4ppuB7oN5oU1VpulZsCgYAJHzNPUpN5RXney2vWYwIs\n+EaYyMeHrzhVmpkV1Aa0ClmTcDj4ZNMzXOrRdFy3VcxEoUVpKkWG+6ZrnCh7M5yt\nrYmvX/YIVy4upEDPgXtjQ1yu25dHgl6+eJiyUsjPfsAuJBM7cq73ufR0gDIEMQ1x\nVF4K6DmdCqcX/2OHCjDieQKBgQC7XtYUVgfDz5GUeVrifGXvUzHbexcHz9tNY7QF\n+YdC3Jns7cV+521cyPp2hTIbAobCkogH78B9EtcrAzCB9MMhE6RyiRUv4gSpgNqo\nGoTrD6p7zX1zB0zCEKfuMe0tnbAv4yGhFi0S3HnwNCsWAxC8KqcJyjiBvhU93Iyk\n4RNkiwKBgF8YeD0lrrD8C+gddQrhblTRA8mGvMKEfh992hG8bPpiac0n4uBe3bmH\nUvf66mHBScq/77bF4gMZpafWoTX7AAHS1NpIdg46WWUKQZTW593awCsjKByqxP0I\nFIsGZZNvdK2iw7iVAzIj1TqUdnpKjGw85iO0n2GsLTupy3qR7IdH\n-----END RSA PRIVATE KEY-----\n"
},
"name": "testkey",
"type": "rsa-2048"
},
"wrap_info": null,
"warnings": null,
"auth": null
}

我删除换行符和页眉/页脚,并得到以下 Base64 编码字符串:

val privKeystring = "MIIEowIBAAKCAQEAnLs+5HqCJzJBcdLU+m5hO70ELEBdh2Iy/dp4hGwR2dZiHYGDD7jUyTkjDAOpjqsCcqK/bAqCFS/1781s7n37IzVwtu4wU7fXjGdW7582QxfEpUms9IYFvzWfIhPDE5VmeXJb7yKiW8rySAbyqQ/ctmOUZtZi/PbHQgS3rmcLvOidp8kJGLb7LYjsZB9tS+Hk4YWKo/3LEyyEkeWtUTQVKzkOOlOZtBmlSkkpz0nV0af/yqkTVvvh+RarwlrVwiJvgB8bpSq/gl68Fv28TKa7j0lsHINLgEy1W69KKXg8BVfZvxKnwwdtkhlnLN+qtuqk3uO4EOxzZojKdLTXEpp1QwIDAQABAoIBACfoKXBlnSQ70JwZ0a7eUhWy4BAgZ3AkWdV3Pj6Bgd4UjzDyHBvxtQRzbvANMqwn8Nydgd4RouOgLZ/cj4L+QubJIaUCav22DsUqPuGOiXN15tUrOEWepnH0RkuX+pDO9qOvsabnC64Rs7URR9IyPsGWA2BX8CZ2829k4hwfEscLkae5KHd9bDvIRBH8XnafcUgf6cB3V3GVwZsUGuT1UUGcuubRXTrsOger9Rb0L3lgTXwpIXeOqAjeOEtjL6+bVOpMdiequmJf5VfKQ0If9gW6XHMQoPdx3+fBzC0/UU6BBNzfojZ9itHp1kQX3h7zilJbPJpm33Jgzg1JAUSPZtECgYEAzTmZwF0Mjb/FUZR884HZ23sVn81oW0mPDmgc3NtmY2YsRhyvd2ncsCAuQjDgmXyraEZ8IKoGQxHJn7t1yxpxISaGMCDQ1XvfHdSJxxQHGJW+/JjANN/FBGyMhCD3rQA8MIiDbe7PyfIhb2dOgza34e19V/5JwaCSd+nP4N10rXkCgYEAw4IxTmY/RdhZABsPn0CymkJZ+y+rTKRNUNclNxuUAgVkOBlHt6ILa+B7gzI0bKX9+YZQXIEsbREl6KvaJe9d5x/JHYcRhJJoHqPoJuvGlfxH7azEoyrdZcR57ayldhfVsvjJsLD7b2lX9JzNnGtipx2PE4ppuB7oN5oU1VpulZsCgYAJHzNPUpN5RXney2vWYwIs+EaYyMeHrzhVmpkV1Aa0ClmTcDj4ZNMzXOrRdFy3VcxEoUVpKkWG+6ZrnCh7M5ytrYmvX/YIVy4upEDPgXtjQ1yu25dHgl6+eJiyUsjPfsAuJBM7cq73ufR0gDIEMQ1xVF4K6DmdCqcX/2OHCjDieQKBgQC7XtYUVgfDz5GUeVrifGXvUzHbexcHz9tNY7QF+YdC3Jns7cV+521cyPp2hTIbAobCkogH78B9EtcrAzCB9MMhE6RyiRUv4gSpgNqoGoTrD6p7zX1zB0zCEKfuMe0tnbAv4yGhFi0S3HnwNCsWAxC8KqcJyjiBvhU93Iyk4RNkiwKBgF8YeD0lrrD8C+gddQrhblTRA8mGvMKEfh992hG8bPpiac0n4uBe3bmHUvf66mHBScq/77bF4gMZpafWoTX7AAHS1NpIdg46WWUKQZTW593awCsjKByqxP0IFIsGZZNvdK2iw7iVAzIj1TqUdnpKjGw85iO0n2GsLTupy3qR7IdH"

但是当我尝试在 Java (Kotlin) 中实例化 PrivateKey 对象时,我收到“InvalidKeyException:algid 解析错误,而不是序列”。

val privByteKey = Base64.getDecoder().decode(privKeystring)
val privKey = PKCS8EncodedKeySpec(privByteKey)
val privateKey = KeyFactory.getInstance("RSA").generatePrivate(privKey) // throws an exception

在使用私钥之前,我是否缺少格式化 Vault 输出的其他步骤?

编辑:根据要求进行堆栈跟踪:

java.security.spec.InvalidKeySpecException: java.security.InvalidKeyException: IOException : algid parse error, not a sequence
at java.base/sun.security.rsa.RSAKeyFactory.engineGeneratePrivate(RSAKeyFactory.java:251) ~[na:na]
at java.base/java.security.KeyFactory.generatePrivate(KeyFactory.java:390) ~[na:na]
at com.mycompany.testClass.service.MyService.testMethod(MyService.kt:83) ~[classes/:na]

最佳答案

Vault 默认以 PKCS1 格式导出 RSA key 。所以你可以考虑使用openssl将PKCS1格式转换为PKCS8格式:

openssl pkcs8 -topk8 -inform PEM -outform PEM -nocrypt -in PKCS1_KEY.key -out PKCS8_KEY.key

然后使用您的代码来准备它。

或者使用 BouncyCaSTLe,它是 PEMReader读取此 key :

Security.addProvider(new BouncyCastleProvider());
FileReader fileReader = new FileReader("path/to/your/key/key.key");
PEMReader pemReader = new PEMReader(fileReader);
KeyPair keyPair = (KeyPair) pemReader.readObject();
PrivateKey aPrivate = keyPair.getPrivate();

关于java - 如何格式化导出的 Vault 私钥以供使用?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/59827173/

26 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com