Search code examples
javarsapkcs#8

Unable to get PrivateKey from PKCS8

Unable to get PrivateKey from self generated PKCS8.

I've generated private key:

KeyPair pair = getKeyPair();
        
StringWriter privateWriter = new StringWriter();
try (JcaPEMWriter w = new JcaPEMWriter(privateWriter)) {
   w.writeObject(new JcaPKCS8Generator(pair.getPrivate(), null));

} catch (IOException e) {
     throw new RuntimeException(e);
}

And now I'm trying to get Private Key from String.

   private PrivateKey getPrivateKeyFromString(String key)  {

        key = """
-----BEGIN PRIVATE KEY-----
MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQCoY5d/IeuUhznJ
HIxqSibQks5Hdm/2nd5HWvD/Jcdcd6wfjHuoUZyFarhm5sWR6aBj1ZAcj7o0hXPS
gRA64ka/eA09YcLe0FunKyUUwXihize3VbDDOrTqRgLdPdnbtcwFIYDok40IIUlK
...
x08Iqpel5FehCpIDAh/jqPNBfKLWV5TpRxvBDdrBAoGBALyv5VCiJjIUOgAsJ5cb
SwJLPGrlp7xSoe69TQ7Uc+GcvMwokP1hJCnaicKy/AyvQeBS5CQLu0nOfr0vy1mF
jAwpBvorgZ3HBlUYzIDyJKeep7Lj5nKHs5FicAOpTJCaKZAeruMW91Qh6KaMZwYb
hMg1M4O1HSDOsdDBg6wuoLqv
-----END PRIVATE KEY-----
                """;
        byte[] keyBytes = key.getBytes();
        PKCS8EncodedKeySpec spec = new PKCS8EncodedKeySpec(keyBytes);
        KeyFactory keyFactory = null;
        try {
            keyFactory = KeyFactory.getInstance("RSA");
            return keyFactory.generatePrivate(spec);
        } catch (NoSuchAlgorithmException | InvalidKeySpecException e) {
            throw new RuntimeException(e);
        }

    }

When running getPrivateKeyFromString gGetting an exception:

java.security.InvalidKeyException: invalid key format
Solution

  • Topaco answer helped a lot. This code works now.

    private PrivateKey getPrivateKeyFromString(String key)  {

            key = """
    -----BEGIN PRIVATE KEY-----
    MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQCoY5d/IeuUhznJ
    HIxqSibQks5Hdm/2nd5HWvD/Jcdcd6wfjHuoUZyFarhm5sWR6aBj1ZAcj7o0hXPS
    ...
    jAwpBvorgZ3HBlUYzIDyJKeep7Lj5nKHs5FicAOpTJCaKZAeruMW91Qh6KaMZwYb
    hMg1M4O1HSDOsdDBg6wuoLqv
    -----END PRIVATE KEY-----
                    """;
            key = key.replace("-----BEGIN PRIVATE KEY-----", "")
                    .replace("-----END PRIVATE KEY-----", "")
                    .replaceAll("\n", "");
    
            byte[] keyBytes = Base64.getDecoder().decode(key);
            PKCS8EncodedKeySpec spec = new PKCS8EncodedKeySpec(keyBytes);
            KeyFactory keyFactory;
            try {
                keyFactory = KeyFactory.getInstance("RSA");
                return keyFactory.generatePrivate(spec);
            } catch (NoSuchAlgorithmException | InvalidKeySpecException e) {
                throw new RuntimeException(e);
            }
    
        }