How to load an RSA private key from a file?

Hi,

I'm a newbie in regard to the Security APIs and I have a need to have an instance of 'PrivateKey' passed off to a library I'm working with (GData to be specific).

My public key was generated with OpenSSL and is a 1024-bit RSA key encoded in an X.509 certificate in PEM format. I also have my private key in a separate file and I would like to load the private key from that file and have it converted into a correct instance of 'PrivateKey'. Can someone point me in a general direction on how I would accomplish this?

Any help would be appreciated.

Thanks,

Justin

[608 byte] By [jgalzica] at [2007-11-27 5:19:46]
# 1

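import java.io.DataInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.security.KeyFactory;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;

File pubKeyFile = ...
File privKeyFile = ...

// read public key DER file
DataInputStream dis = new DataInputStream(new FileInputStream(pubKeyFile));
byte[] pubKeyBytes = new byte[(int)pubKeyFile.length()];
dis.readFully(pubKeyBytes);
dis.close();

// read private key DER file
dis = new DataInputStream(new FileInputStream(privKeyFile));
byte[] privKeyBytes = new byte[(int)privKeyFile.length()];
// readFully, not read: read() may return before the buffer is filled
dis.readFully(privKeyBytes);
dis.close();

KeyFactory keyFactory = KeyFactory.getInstance("RSA");

// decode public key (X.509 SubjectPublicKeyInfo, DER)
X509EncodedKeySpec pubSpec = new X509EncodedKeySpec(pubKeyBytes);
RSAPublicKey pubKey = (RSAPublicKey) keyFactory.generatePublic(pubSpec);

// decode private key (PKCS#8, DER, unencrypted)
PKCS8EncodedKeySpec privSpec = new PKCS8EncodedKeySpec(privKeyBytes);
RSAPrivateKey privKey = (RSAPrivateKey) keyFactory.generatePrivate(privSpec);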

Message was edited by: sabre150

sabre150a at 2007-7-12 10:43:15
# 2

Thank you for such a quick response. I tried out the code sample you suggested; however, when invoking keyFactory.generatePublic or keyFactory.generatePrivate, I get the exception:

java.security.spec.InvalidKeySpecException: java.security.InvalidKeyException: invalid key format
    at sun.security.rsa.RSAKeyFactory.engineGeneratePublic(RSAKeyFactory.java:163)
    at java.security.KeyFactory.generatePublic(KeyFactory.java:284)

What's specific about opening up a 'DER' key file versus a PEM key file? Mine is saved 'PEM' so the private key file resembles:

--BEGIN RSA PRIVATE KEY--
Proc-Type: 4,ENCRYPTED
DEK-Info: DES-EDE3-CBC,3E0A8BCC9B863ECA

[PRIVATE_KEY_GOES_HERE]
--END RSA PRIVATE KEY--
--BEGIN CERTIFICATE REQUEST--
[CERTIFICATE_REQUEST_INFORMATION_GOES_HERE]
--END CERTIFICATE REQUEST--

Thanks,

Justin

jgalzica at 2007-7-12 10:43:15
# 3

PEM files consist of a header, body and footer as ASCII characters with the body being the Base64 encoded content of the DER file. You can convert PEM to DER in two obvious ways -

1) Use openssl to convert the PEM to DER using something like

openssl rsa -inform PEM -in rsapriv.pem -outform DER -pubout -out rsapub.der
openssl pkcs8 -topk8 -inform PEM -in rsapriv.pem -outform DER -nocrypt -out rsapriv.der

Check the openssl 'man page' for further details.

or

2) Within your Java, strip the header and footer and then Base64 decode the body before using the body to create the keys.

Message was edited by: sabre150

sabre150a at 2007-7-12 10:43:15
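Option 2 from the post above, as an added example that is not code from the thread: it strips the PEM armor and Base64-decodes the body with java.util.Base64 (Java 8 or later), and rejects the two inputs a plain KeyFactory cannot decode, a passphrase-protected block like the one in post #2 and a PKCS#1 "RSA PRIVATE KEY" block. The class name and both sample inputs are constructed for the example, and it assumes standard five-dash PEM armor lines.

```java
import java.security.*;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.Arrays;
import java.util.Base64;
import java.util.regex.Matcher;
import java.util.regex.Pattern;

public class PemPrivateKeyLoader {   // hypothetical class name
    // One PEM block: BEGIN line, body, END line carrying the same label.
    private static final Pattern BLOCK = Pattern.compile(
        "-----BEGIN ([A-Z0-9 ]+)-----\\r?\\n(.*?)-----END \\1-----", Pattern.DOTALL);

    static PrivateKey load(String pem) throws GeneralSecurityException {
        Matcher m = BLOCK.matcher(pem);
        while (m.find()) {
            String label = m.group(1), body = m.group(2);
            if (!label.endsWith("PRIVATE KEY")) continue;    // skip certificates, CSRs
            // Proc-Type/DEK-Info headers or an ENCRYPTED label mean the body is ciphertext.
            if (body.contains("Proc-Type:") || label.startsWith("ENCRYPTED"))
                throw new InvalidKeyException("passphrase-protected key: decrypt it first");
            // "RSA PRIVATE KEY" is PKCS#1; PKCS8EncodedKeySpec needs "PRIVATE KEY".
            if (!label.equals("PRIVATE KEY"))
                throw new InvalidKeyException(label + " is not PKCS#8: convert with openssl pkcs8 -topk8");
            byte[] der = Base64.getMimeDecoder().decode(body); // MIME decoder skips line breaks
            return KeyFactory.getInstance("RSA").generatePrivate(new PKCS8EncodedKeySpec(der));
        }
        throw new InvalidKeyException("no private key block found");
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample: a throwaway key generated here and PEM-encoded in memory.
        KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA");
        gen.initialize(2048);
        PrivateKey original = gen.generateKeyPair().getPrivate();
        String b64 = Base64.getMimeEncoder(64, new byte[] {'\n'}).encodeToString(original.getEncoded());
        String pem = "-----BEGIN PRIVATE KEY-----\n" + b64 + "\n-----END PRIVATE KEY-----\n";
        PrivateKey loaded = load(pem);
        System.out.println("round trip ok: " + Arrays.equals(original.getEncoded(), loaded.getEncoded()));
        // Constructed sample shaped like the file in post #2 (placeholder body, no real key).
        String legacy = "-----BEGIN RSA PRIVATE KEY-----\nProc-Type: 4,ENCRYPTED\n"
            + "DEK-Info: DES-EDE3-CBC,0000000000000000\n\nAAAA\n-----END RSA PRIVATE KEY-----\n";
        try {
            load(legacy);
        } catch (InvalidKeyException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```

Failing with a specific message on the encrypted and PKCS#1 cases replaces the opaque "invalid key format" exception and avoids handing ciphertext to the key factory.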
# 4
Thank you very much -- that worked. My previous attempt of converting with openssl wasn't correct.

Justin
jgalzica at 2007-7-12 10:43:15