I have been facing issues in using a private key created using Java Code in my python code. While generating a Private key on Python works well for X25519 key exchange, same is failing for Java generated keys. Following are my keys:
Java Key: MFECAQEwBQYDK2VuBCIEIOgpbuKs48VIfZeuREeGNJ1FK3ERvIKPjUdebiWIb0hUgSEAbSGZItYNMIIuvOP7xeQGc/SiyBKWHwU/iEubh5mZ1gI=
Python Key: MD4CAQAwBwYDK2VuBQAEMDAuAgEAMAUGAytlbgQiBCCodQ6uxbvNpakHQUCUx07wU8bQ+oS3KJ6Kar1S1cvNbA==
Decoding using ASN1 parser returns two nested OCTET string for Python Generated code as Below:
`SEQUENCE (3 elem)
INTEGER 0
SEQUENCE (1 elem)
OBJECT IDENTIFIER 1.3.101.110 curveX25519 (ECDH 25519 key agreement algorithm)
OCTET STRING (34 byte) 0420A8750EAEC5BBCDA5A907414094C74EF053C6D0FA84B7289E8A6ABD52D5CBCD6C
OCTET STRING (32 byte) A8750EAEC5BBCDA5A907414094C74EF053C6D0FA84B7289E8A6ABD52D5CBCD6C`
Same for Java Key returns a single OCTET string as below:
SEQUENCE (4 elem)
INTEGER 1
SEQUENCE (1 elem)
OBJECT IDENTIFIER 1.3.101.110 curveX25519 (ECDH 25519 key agreement algorithm)
OCTET STRING (34 byte) 0420E8296EE2ACE3C5487D97AE444786349D452B7111BC828F8D475E6E25886F4854
OCTET STRING (32 byte) E8296EE2ACE3C5487D97AE444786349D452B7111BC828F8D475E6E25886F4854
[1] (33 byte) 006D219922D60D30822EBCE3FBC5E40673F4A2C812961F053F884B9B879999D602`
Code for Keypair Generation in Java is pasted Below:
KeyPair agreementKeyPair;
agreementKeyPair = KeyPairGenerator.getInstance("X25519", BouncyCastleProvider.PROVIDER_NAME)
.generateKeyPair();
String publicKey = Base64.getEncoder().encodeToString(agreementKeyPair.getPublic().getEncoded());
String privateKey = Base64.getEncoder().encodeToString(agreementKeyPair.getPrivate().getEncoded());
KeyData key = new KeyData();
key.setPrivateKey(privateKey);
key.setPublicKey(publicKey);
Code for Keypair generation in Python is also pasted Below:
inst_private_key = X25519PrivateKey.generate()
#print(base64.b64encode(bytes(tcrypto_private_key.).decode()))
inst_public_key = inst_private_key.public_key()
bytes_private_key = inst_private_key.private_bytes(
encoding=serialization.Encoding.DER,
format=serialization.PrivateFormat.PKCS8,
encryption_algorithm=serialization.NoEncryption()
)
bytes_public_key = inst_public_key.public_bytes(
encoding=serialization.Encoding.DER,
format=serialization.PublicFormat.SubjectPublicKeyInfo
)
crypto_private_key = base64.b64encode(bytes_private_key).decode('utf-8')
crypto_public_key = base64.b64encode(bytes_public_key).decode('utf-8')
final_private_key=base64.b64encode(Crypto.IO.PKCS8.wrap(bytes_private_key, "1.3.101.110"))
While Decrypting using Python generated key and peer public key works in both direction, the key loading itself is failing when importing a key generated in Java.
ValueError: ('Could not deserialize key data. The data may be in an incorrect format, it may be encrypted with an unsupported algorithm, or it may be an unsupported key type (e.g. EC curves with explicit parameters).', [_OpenSSLErrorWithText(code=109052072, lib=13, reason=168, reason_text=b'error:068000A8:asn1 encoding routines::wrong tag'), _OpenSSLErrorWithText(code=109576458, lib=13, reason=524554, reason_text=b'error:0688010A:asn1 encoding routines::nested asn1 error')])
Any guidance will be highly appreciated.
Following steps were tried in Python:
- Generate a Keypair in Java code, outputs: "MFECAQEwBQYDK2VuBCIEIOgpbuKs48VIfZeuREeGNJ1FK3ERvIKPjUdebiWIb0hUgSEAbSGZItYNMIIuvOP7xeQGc/SiyBKWHwU/iEubh5mZ1gI="
- Load Peer Public Key generated in Java, outputs: "MCowBQYDK2VuAyEAa9Wbpvd9SsrpOZFcynyt/TO3x0Yrqyys4NUGIvyxX2Q="
- Unwrap Java generated Private Key, returning tuple containing algo identifier, private key and None
- Attempt load private Key from the 2nd element of the tuple (unwrapped_key=key[1])
At this step, the code returns a ValueError.
