How to read an OpenSSH or OpenSSL private key natively in Java?

Question

I'd like to read an OpenSSL private key natively in Java, without using BouncyCastle.

I have searched far and wide for this, but I cannot find an answer. When you see a key like:

-----BEGIN EC PRIVATE KEY-----
...base64 here....
-----END EC PRIVATE KEY-----

What format is that? It appears to be the same encoding as OpenSSH keys (I think). It is not pkcs8, although OpenSSL allows you convert it's key format to pkcs8 using the pkcs8 command with -topk8 argument.

I certainly cannot be the only person that has run into this problem, but despite extensive searching, I cannot find an answer. Thanks!

EDIT: None of the duplicates that were suggested talk about using a pure-java solution (no openssl) and no Bouncy Castle. Please don't mark it as a duplicate unless this exact question has been asked.

It's easy for western developers to be ignorant of the way business is conducted in Asian countries. China, as an example, has an entire set of EC curves that are unheard of in OpenSSL and Bouncycastle, that are used in inter-business-commerce, so the two two tools: OpenSSL and Bouncycastle are either very old versions or not available at all. Answers like "just use openssl" are neither helpful nor constructive.

You really want to use `openssl -topk8` if you're not willing to use Bouncycastle. — President James K. Polk, Feb 14 '18 at 20:41
I'm aware that openssl can do the conversion, as stated above, but openssl is not distributed with the JDK, making that an impossibility. — Jonathan S. Fisher, Feb 14 '18 at 21:00

score 2 · Accepted Answer · edited Oct 07 '21 at 08:58

https://www.rfc-editor.org/rfc/rfc5915

Elliptic Curve Private Key Format

This section gives the syntax for an EC private key. Computationally, an EC private key is an unsigned integer, but for representation, EC private key information SHALL have ASN.1 type ECPrivateKey:

ECPrivateKey ::= SEQUENCE {
 version        INTEGER { ecPrivkeyVer1(1) } (ecPrivkeyVer1),
 privateKey     OCTET STRING,
 parameters [0] ECParameters {{ NamedCurve }} OPTIONAL,
 publicKey  [1] BIT STRING OPTIONAL
}

score 1 · Answer 2 · answered Feb 14 '18 at 17:29

The Base64-block between the Begin- and End-blocks is the ASN.1 encoded private key data in the format bartonjs described in his answer. Without libraries that take the work from you, you have to do the loading yourself. An example how to do that for RSA can e.g. be found here. Other formats can be loaded in a similar way by passing the corresponding algorithm name to KeyFactory.getInstance(...);. In order to do this you have to parse the text at the begin-block and do a mapping from the name there to the algorithm-name to be used for the creation of the factory (most should be the same as being provided in the block, but I'm not sure for elliptic curves that is used in the example your provided in your question).

The base64-block needs to be decoded to a byte-array to pass it to the KeySpec.

How to read an OpenSSH or OpenSSL private key natively in Java?

2 Answers2