RsaKeys.java
package cn.home1.oss.lib.common.crypto;
import static cn.home1.oss.lib.common.crypto.CryptoConstants.COLON;
import static cn.home1.oss.lib.common.crypto.RsaKey.KEY_FORMAT_PKCS1;
import static cn.home1.oss.lib.common.crypto.RsaKey.KEY_FORMAT_PKCS8;
import static cn.home1.oss.lib.common.crypto.RsaKey.KEY_FORMAT_PKCS8_X509;
import static cn.home1.oss.lib.common.crypto.RsaKey.KEY_FORMAT_X509;
import static cn.home1.oss.lib.common.crypto.RsaKey.KEY_TYPE_PAIR;
import static cn.home1.oss.lib.common.crypto.RsaKey.KEY_TYPE_PRIVATE;
import static cn.home1.oss.lib.common.crypto.RsaKey.KEY_TYPE_PUBLIC;
import static cn.home1.oss.lib.common.crypto.RsaKey.extractPrivateKey;
import static cn.home1.oss.lib.common.crypto.RsaKey.extractPublicKey;
import static cn.home1.oss.lib.common.crypto.RsaKey.keySize;
import static cn.home1.oss.lib.common.crypto.RsaKey.keySpec;
import static cn.home1.oss.lib.common.crypto.RsaKeyGenerator.pem;
import static java.nio.charset.StandardCharsets.US_ASCII;
import static lombok.AccessLevel.PRIVATE;
import static org.apache.commons.io.FileUtils.writeStringToFile;
import cn.home1.oss.lib.common.CodecUtils;
import lombok.NoArgsConstructor;
import lombok.SneakyThrows;
import java.io.File;
/**
* Created by zhanghaolun on 16/11/13.
*/
@NoArgsConstructor(access = PRIVATE)
public abstract class RsaKeys {
public static String generateRsaKey(final int keySize) {
final String spec = RsaKey.keySpec(KEY_FORMAT_PKCS8_X509, keySize, KEY_TYPE_PAIR);
final RsaKeyGenerator rsaKeyGenerator = new RsaKeyGenerator(spec);
final KeyExpression pairPkcs8X509 = rsaKeyGenerator.generateKey();
final KeyExpression pairPkcs1 = RsaKeyGenerator.convertPairFromPkcs8X509ToPkcs1(pairPkcs8X509);
final StringBuilder result = new StringBuilder();
//
System.err.println("privateKey PKCS8: " + writePemFile(pairPkcs8X509, KEY_FORMAT_PKCS8, KEY_TYPE_PRIVATE));
final String privateKeyPkcs1PemFile = writePemFile(pairPkcs1, KEY_FORMAT_PKCS1, KEY_TYPE_PRIVATE);
System.err.println("privateKey PKCS1: " + privateKeyPkcs1PemFile);
System.err.println("Check with command line OpenSSL that the key format is as expected:");
System.err.println("openssl rsa -in " + privateKeyPkcs1PemFile + " -noout -text");
//
System.err.println("publicKey x509: " + writePemFile(pairPkcs8X509, KEY_FORMAT_X509, KEY_TYPE_PUBLIC));
System.err.println("publicKey PKCS1: " + writePemFile(pairPkcs1, KEY_FORMAT_PKCS1, KEY_TYPE_PUBLIC));
//
return result //
.append(pairPkcs8X509.toString()).append("\n") //
.append(pairPkcs1.toString()).append("\n") //
.append(keySpec(KEY_TYPE_PRIVATE, keySize, KEY_FORMAT_PKCS1)).append(COLON) //
.append(extractPrivateKey(pairPkcs1)).append("\n") //
.append(keySpec(KEY_TYPE_PRIVATE, keySize, KEY_FORMAT_PKCS8)).append(COLON) //
.append(extractPrivateKey(pairPkcs8X509)).append("\n") //
.append(keySpec(KEY_TYPE_PUBLIC, keySize, KEY_FORMAT_PKCS1)).append(COLON) //
.append(extractPublicKey(pairPkcs1)).append("\n") //
.append(keySpec(KEY_TYPE_PUBLIC, keySize, KEY_FORMAT_X509)).append(COLON) //
.append(extractPublicKey(pairPkcs8X509)) //
.toString();
}
public static File keyFile(final String keyFormat, final int keySize, final String keyType) {
//final String targetDirectory = System.getProperty("java.io.tmpdir", "/tmp");
final String targetDirectory = System.getProperty("user.dir", "/tmp");
return new File(targetDirectory + "/" + keySpec(keyType, keySize, keyFormat) + ".pem");
}
@SneakyThrows
public static String writePemFile(final KeyExpression pair, final String keyFormat, final String keyType) {
final int keySize = keySize(pair.getSpec());
final File pemFile = keyFile(keyFormat, keySize, keyType);
final byte[] bytes = CodecUtils.decodeBase64(KEY_TYPE_PRIVATE.equals(keyType) ? //
extractPrivateKey(pair) : extractPublicKey(pair));
writeStringToFile(pemFile, pem(bytes, keyFormat, keyType), US_ASCII);
return pemFile.getPath();
}
}