0

I'm trying to create a RSA private key from a given private Key.

That's what I'm trying to do:

String prK = "MIIBOQIBAAJAVJhUS0gLqXLOmVv2xG23oFPwim9+rVxGhLUXqKShQCvB3iRMOHn7\n" +
        "/GNJumpwmnglcsNXuqAhN0OxqKGGJdtYdwIDAQABAkBP0VrXnSbDvvuIX+k59Xvo\n" +
        "3sp7FDAmSoaO+H9WM9+ht5H/f/geIrSEXSIkFLnzniMwtOJ422GmkDkL1F67HuDh\n" +
        "AiEAlNauDiq3RqoXufbauyPEOG9fMS2pvB+auT2XCHJhhKsCIQCRgIo7WIRZYnNp\n" +
        "NRWaoppUQK3g+aM8sdeBYpbs2nwDZQIgZXIxrmxFAUAb7d+oVFdbfc/DRSTHhPbR\n" +
        "oaKuF87GUwMCIFmzaATsLjO42TPMETSS+BfnBAtFe5hIf3Z5pFgC3h9tAiEAgYju\n" +
        "g92fmVvE+CcRSg6at7meSEbK/Kxg7Ar4mlkXMlI=";


byte[] privateKeyBytes = prK.getBytes(StandardCharsets.UTF_8);

PrivateKey privateKey = null;
try {
    KeyFactory keyFactory = KeyFactory.getInstance("RSA");
    KeySpec privateKeySpec = new PKCS8EncodedKeySpec(privateKeyBytes);
    privateKey = keyFactory.generatePrivate(privateKeySpec);
} catch (NoSuchAlgorithmException e) {
    e.printStackTrace();
} catch (InvalidKeySpecException e) {
    e.printStackTrace();
}

However, throws a system error:

 06-13 13:38:22.965 23257-23257/com.example.michael.dather W/System.err: java.security.spec.InvalidKeySpecException: java.lang.RuntimeException: error:0c0890ba:ASN.1 encoding routines:asn1_check_tlen:WRONG_TAG
 06-13 13:38:22.965 23257-23257/com.example.michael.dather W/System.err:     at com.android.org.conscrypt.OpenSSLKey.getPrivateKey(OpenSSLKey.java:283)
 06-13 13:38:22.965 23257-23257/com.example.michael.dather W/System.err:     at com.android.org.conscrypt.OpenSSLRSAKeyFactory.engineGeneratePrivate(OpenSSLRSAKeyFactory.java:64)
 06-13 13:38:22.965 23257-23257/com.example.michael.dather W/System.err:     at java.security.KeyFactory.generatePrivate(KeyFactory.java:187)
 06-13 13:38:22.965 23257-23257/com.example.michael.dather W/System.err:     at com.example.michael.dather.SECURITY.Encrypt$override.rsaDecrypt(Encrypt.java:145)
 06-13 13:38:22.965 23257-23257/com.example.michael.dather W/System.err:     at com.example.michael.dather.SECURITY.Encrypt$override.rsaEncrypt(Encrypt.java:117)
 06-13 13:38:22.965 23257-23257/com.example.michael.dather W/System.err:     at com.example.michael.dather.SECURITY.Encrypt$override.init$body(Encrypt.java:45)
 06-13 13:38:22.965 23257-23257/com.example.michael.dather W/System.err:     at com.example.michael.dather.SECURITY.Encrypt$override.access$dispatch(Encrypt.java)
 06-13 13:38:22.965 23257-23257/com.example.michael.dather W/System.err:     at com.example.michael.dather.SECURITY.Encrypt.<init>(Encrypt.java:0)

privateKey = keyFactory.generatePrivate(privateKeySpec);

Does anyone know what might be wrong with my code?

Artjom B.
  • 61,146
  • 24
  • 125
  • 222
Michael
  • 1,030
  • 14
  • 29
  • Please provide the crash report – Lucas Queiroz Ribeiro Jun 13 '16 at 12:31
  • I meant system error. I added it to the question – Michael Jun 13 '16 at 12:41
  • Have you tried removing all the `\n` in the string? – Enzokie Jun 13 '16 at 13:09
  • @Enzokie just did it. Still doesn't work – Michael Jun 13 '16 at 13:19
  • if the value of `prK` you show on the code above is the actual private key you were planning to use on your app I strongly suggest you to change it (or create a new one) and to (in case there's a server) invalidate it on the server. It's called **PRIVATE** key. If you just posted it on the internet it's not private anymore and your security have been compromised. – Budius Jun 13 '16 at 13:44
  • Yes, I know. I will generate a new one as soon I'll get this to work. Thx for the warning :) – Michael Jun 13 '16 at 13:45
  • The contents of `prK` look like they're base64-encoded. I don't know what `PKCS8EncodedKeySpec()` expects/can handle, but I suspect you'll need to pass the contents through a base64-decoder first. – TripeHound Jun 13 '16 at 13:59
  • Seems to be and error on encoding, maybe the `\n` is breaking something – Lucas Queiroz Ribeiro Jun 13 '16 at 18:44
  • Are you sure this is a PKCS#8-encoded private key and not a PKCS#1-encoded private key? – Artjom B. Jun 13 '16 at 19:11
  • Judging from your [other question](http://stackoverflow.com/q/37791368/1816580), we see that this private key has a `BEGIN RSA PRIVATE KEY` PEM header, which suggests that this is PKCS#1-encoded and not PKCS#8-encoded. See more: http://stackoverflow.com/q/20065304/1816580 – Artjom B. Jun 13 '16 at 20:16

0 Answers0