9

I following the steps from the link : How to read .pem file to get private and public key. I executed the following three commands:

1. $openssl genrsa -out mykey.pem 2048
2. $openssl pkcs8 -topk8 -inform PEM -outform PEM -in mykey.pem -out private_key.pem -nocrypt
3. $ openssl rsa -in mykey.pem -pubout -outform DER -out public_key.der

This created three files, but when I was trying to read those through Java code I started facing below error:

PUBLIC KEY EXPO : 65537
Only RSAPrivate(Crt)KeySpec and PKCS8EncodedKeySpec supported for RSA private keys

My code for reference:

public class PublicPrivateKeyDemo {
    private static File privateKeyFile = null;
    private static File publicKeyFile = null;

    public static void main(String[] args) {
        String path = "C:/Users/test898/keys";
        privateKeyFile = new File(path + "/" + "private.pem");
        publicKeyFile = new File(path + "/" + "public.der");

        try {
            loadkeys();
        } catch (IOException | GeneralSecurityException e) {
            System.out.println(e.getMessage());
        }
    }

    private static void loadkeys() throws IOException, GeneralSecurityException {
        byte[] publicKeyBytes = new byte[(int) publicKeyFile.length()];
        FileInputStream publicFis = null;
        publicFis = new FileInputStream(publicKeyFile);
        if (publicFis.read(publicKeyBytes) > 0) {
            X509EncodedKeySpec publicKeySpec = new X509EncodedKeySpec(publicKeyBytes);
            KeyFactory factory = KeyFactory.getInstance("RSA");
            RSAPublicKey pubKey = (RSAPublicKey) factory.generatePublic(publicKeySpec);
            BigInteger pKeyModulus = pubKey.getModulus();
            BigInteger pKeyExponent = pubKey.getPublicExponent();
            System.out.println("PUBLIC KEY EXPO : "+pKeyExponent);

        }

        byte[] privateKeyBytes = new byte[(int) privateKeyFile.length()];
        FileInputStream privateFis = null;
        privateFis = new FileInputStream(privateKeyFile);
        if (privateFis.read(privateKeyBytes) > 0) {
            //PKCS8EncodedKeySpec spec = new PKCS8EncodedKeySpec(privateKeyBytes);
            X509EncodedKeySpec spec = new X509EncodedKeySpec(privateKeyBytes);
            KeyFactory keyFactory = KeyFactory.getInstance("RSA");
            RSAPrivateKey privKey = (RSAPrivateKey) keyFactory.generatePrivate(spec);
            BigInteger pKeyModulus = privKey.getModulus();
            BigInteger pKeyExponent = privKey.getPrivateExponent();
            System.out.println("PRIVATE KEY : "+pKeyExponent);
        } 
    }
}

Please help me whats wrong here ? I assume Private Key should give value something simillar like below":

21150549370950609585296765828149303178265715265804890679831411170495636016527926323370428466362501818569080118374307191403222367256185274427528812911191842330928112748042350818573390540259857225467392220170770506599589136056049534085562156615813126185240565396115577449461468695709719589257257375788267753694280485882595576829517086782992300102288858453543505912425724874212273830247789870669315715724390578125469483751830964757980799543436412647956770560679365767737577100276745456138533646455249170660612983618544127693626739283128573829732806886889896396374650462743743148634276240986662548043510018342217214342529
Community
  • 1
  • 1
  • Your private key needs to be in DER format, not PEM. And you should use the PKCS8EncodedKeySpec for the private key. And although it will usually work that is not the correct way to read in a file. See [my answer](http://stackoverflow.com/questions/7250229/reading-a-binary-input-stream-into-a-single-byte-array-in-java/7250275#7250275) and others to a different question – President James K. Polk Sep 03 '16 at 22:40

1 Answers1

17

As per the link :http://codeartisan.blogspot.in/2009/05/public-key-cryptography-in-java.html You should be trying the below

Generate a 2048-bit RSA private key

$ openssl genrsa -out private_key.pem 2048

Convert private Key to PKCS#8 format (so Java can read it)

$ openssl pkcs8 -topk8 -inform PEM -outform DER -in private_key.pem -out private_key.der -nocrypt

Output public key portion in DER format (so Java can read it)

$ openssl rsa -in private_key.pem -pubout -outform DER -out public_key.der

You can read the java code like below:

import java.io.DataInputStream;
    import java.io.File;
    import java.io.FileInputStream;
    import java.io.IOException;
    import java.security.KeyFactory;
    import java.security.NoSuchAlgorithmException;
    import java.security.interfaces.RSAPrivateKey;
    import java.security.interfaces.RSAPublicKey;
    import java.security.spec.InvalidKeySpecException;
    import java.security.spec.PKCS8EncodedKeySpec;
    import java.security.spec.X509EncodedKeySpec;

    public class Demo {

        public static final String PRIVATE_KEY="/home/user/private.der";
        public static final String PUBLIC_KEY="/home/user/public.der";

        public static void main(String[] args) throws IOException, NoSuchAlgorithmException, InvalidKeySpecException {
            //get the private key
            File file = new File(PRIVATE_KEY);
            FileInputStream fis = new FileInputStream(file);
            DataInputStream dis = new DataInputStream(fis);

            byte[] keyBytes = new byte[(int) file.length()];
            dis.readFully(keyBytes);
            dis.close();

            PKCS8EncodedKeySpec spec = new PKCS8EncodedKeySpec(keyBytes);
            KeyFactory kf = KeyFactory.getInstance("RSA");
            RSAPrivateKey privKey = (RSAPrivateKey) kf.generatePrivate(spec);
            System.out.println("Exponent :" + privKey.getPrivateExponent());
            System.out.println("Modulus" + privKey.getModulus());

            //get the public key
            File file1 = new File(PUBLIC_KEY);
            FileInputStream fis1 = new FileInputStream(file1);
            DataInputStream dis1 = new DataInputStream(fis1);
            byte[] keyBytes1 = new byte[(int) file1.length()];
            dis1.readFully(keyBytes1);
            dis1.close();

            X509EncodedKeySpec spec1 = new X509EncodedKeySpec(keyBytes1);
            KeyFactory kf1 = KeyFactory.getInstance("RSA");
            RSAPublicKey pubKey = (RSAPublicKey) kf1.generatePublic(spec1);

            System.out.println("Exponent :" + pubKey.getPublicExponent());
            System.out.println("Modulus" + pubKey.getModulus());
        }
    }

Program Output:

PUBLIC KEY EXPO : 65537
PRIVATE KEY : 16540425323481903232154296082061217323015064904150073221896716535825697862890781586244035403066600439504989225032100277459509106847714925918656002207273016950425690931486784061794302602299415224979080443644674838230854689682941689891752703570749249869153966528967635783430367525635094847999700308350727275663213969614628360232440655477057807291869565586695953970804798770095849408924111596670565606097668752646013504502815936286143578191877967720393294592625997337105475883689954727277867955887242546330469781268095607005541678733388864537898085207735975487415418212440417692928205650585590564551063589766600954407329
user207421
  • 305,947
  • 44
  • 307
  • 483
PAA
  • 1
  • 46
  • 174
  • 282