RSA private key in PEM Format

My generated RSA keys are invalid in external systems.

I've generated RSA Keys using Java.

KeyPairGenerator generator = null;
try {
generator = KeyPairGenerator.getInstance("RSA");
} catch (NoSuchAlgorithmException e) {
throw new RuntimeException(e);
}
generator.initialize(2048);
KeyPair pair = generator.generateKeyPair();


StringBuilder sbPrivate = new StringBuilder();
sbPrivate.append("-----BEGIN RSA PRIVATE KEY-----\n");
sbPrivate.append(Base64.getEncoder().encodeToString(pair.getPrivate().getEncoded()));
sbPrivate.append("\n-----END RSA PRIVATE KEY-----\n");

StringBuilder sbPublic = new StringBuilder();
sbPublic.append("-----BEGIN RSA PUBLIC KEY-----\n");
sbPublic.append(Base64.getEncoder().encodeToString(pair.getPublic().getEncoded()));
sbPublic.append("\n-----END RSA PUBLIC KEY-----\n");

In result I've got:

But when I'm trying to use this keys here https://kjur.github.io/jsrsasign/sample/sample-rsasign.html https://www.devglan.com/online-tools/rsa-encryption-decryption These keys are invalid.

Where could be a problem?

Solution

THe keys are not being written to standard PEM formats: PKCS8 & X.509 respectively.

The following works but the keys need to be tested on https://8gwifi.org/PemParserFunctions.jsp. This shows the PEMs are good. However, neither of the sites you suggested can process them.

import java.io.StringWriter;
import java.security.KeyPair;
import java.security.KeyPairGenerator;

import org.bouncycastle.openssl.jcajce.JcaPEMWriter;
import org.bouncycastle.openssl.jcajce.JcaPKCS8Generator;
import org.bouncycastle.util.io.pem.PemObject;
import org.bouncycastle.util.io.pem.PemWriter;

public class Whatever {
    public static void main (String[] args) throws Exception {
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(2048); 
        KeyPair kp = kpg.generateKeyPair();

        StringWriter writer = new StringWriter();
        try (JcaPEMWriter w = new JcaPEMWriter(writer)) {
            w.writeObject(new JcaPKCS8Generator(kp.getPrivate(), null));
        }
        
        PemWriter pemWriter = new PemWriter(writer);
        pemWriter.writeObject(new PemObject("PUBLIC KEY", kp.getPublic().getEncoded()));
        pemWriter.flush();
        pemWriter.close();

        System.out.println (writer.toString());

    }

Output:

Results from 8gwifi.org Private key:

 Private Key algo RSA
 Private Format  PKCS#8
 ASN1 Dump
RSA Private CRT Key [f9:3d:bb:ce:14:eb:b6:f4:68:c0:69:54:a8:47:da:56:78:6d:d2:ad]
            modulus: 971cad3ba1aab1f1f9d8af751b7d44ba1d15d0151bd0d09f2aab382af941f866ab60c55e3872248ec332fae44d9a66b8b15f107eb3b29b6f0d6a474a1436f6b2f1084c966c146705e30996de35b408f0b5e85d253597dc71d8667b052dff86e1461d2c86ce3ad260974971928e6228f6e9a08f231ed56047885263c06e4080d5555485a3a273cd5a400761aab2a3aa905c613c185b8605db37320f1f182eb44b25b8c5cccf787a0f6812ba88b29b7267cddd6a8372b554db8a3cc3a17026907af1e7c35f667b89d097c750a19988c96de9f040a83477f8396cea17a6240f95c423b674a043a76bd219f2037359abd64428cc52b726a14835c588e77eef9cf595
    public exponent: 10001

Public key:

Algo RSA
Format X.509
 ASN1 Dump
RSA Public Key [a6:cc:21:c6:b2:98:92:7a:96:d6:5b:ac:38:32:0c:dc:a3:1c:42:e5]
            modulus: 9c3eac15e0897fd6d1ecf1ff622b0fc0278f31496d10babf869fc39b8d3d5d4ff211b8014c8ff03149c7fb68ee39361e0a2ace075d1b73f42b15585a2d5de01d6caf48bf96bf4b9f75679988b5c09c808d75d889090bce53ee6c78d5283f0e102af14042064ba20b235a6dae6a32529d21ac9150ade3c81a595ac888ee0e419564493c57ad43649de9d727d6f66d76a6fc1b75c9ad44d6dd7f6ff21367fd375908df1b05e072da98cadbc01c2defe78d6cf68e77276b969ffa4e049736d39f007795b2cea3d11f303581b97e5e29cab3ce57e54e4f030262542b12c82164346c099a6b823edac78a9c198b96b1e637eb6fbd4f962963d9539776b476cd4ec539
    public exponent: 10001

There is a dependency on Bouncy Castle as follows:

<dependency>
    <groupId>org.bouncycastle</groupId>
    <artifactId>bcpkix-jdk15on</artifactId>
    <version>1.56</version>
</dependency>