How do I extract an RSA private key from a PEM encoded file when encountering an 'InvalidKeySpecException'?-javaTutorial-php.cn

How do I extract an RSA private key from a PEM encoded file when encountering an 'InvalidKeySpecException'?

Patricia Arquette

Release： 2024-11-10 10:28:02

Original

756 people have browsed it

How do I extract an RSA private key from a PEM encoded file when encountering an

Extracting RSA Private Key from PEM Encoded File

Problem:
You have a private key file encoded in PEM BASE64 format and wish to use it in an external context. However, encountering errors while attempting to decode the key.

Code Snippet and Errors:
Your Java code snippet for reading the private key and decoding the BASE64 data:

// Code omitted for brevity

Copy after login

Errors encountered:

InvalidKeySpecException: Inappropriate key specification: DerInputStream.getLength(): lengthTag=127, too big.

Copy after login

Solution:

The error indicates that the key is in PKCS#1 format, which requires different handling than the PKCS#8 format targeted in your code. Here's a revised solution that addresses this issue:

import sun.security.util.DerInputStream;
import sun.security.util.DerValue;

// Code omitted for brevity

public static PrivateKey pemFileLoadPrivateKeyPkcs1OrPkcs8Encoded(File pemFileName) throws GeneralSecurityException, IOException {
    // PKCS#8 format
    final String PEM_PRIVATE_START = "-----BEGIN PRIVATE KEY-----";
    final String PEM_PRIVATE_END = "-----END PRIVATE KEY-----";

    // PKCS#1 format
    final String PEM_RSA_PRIVATE_START = "-----BEGIN RSA PRIVATE KEY-----";
    final String PEM_RSA_PRIVATE_END = "-----END RSA PRIVATE KEY-----";

    Path path = Paths.get(pemFileName.getAbsolutePath());

    String privateKeyPem = new String(Files.readAllBytes(path));

    if (privateKeyPem.indexOf(PEM_PRIVATE_START) != -1) { // PKCS#8 format
        // Code omitted for brevity
    } else if (privateKeyPem.indexOf(PEM_RSA_PRIVATE_START) != -1) {  // PKCS#1 format
        privateKeyPem = privateKeyPem.replace(PEM_RSA_PRIVATE_START, "").replace(PEM_RSA_PRIVATE_END, "");
        privateKeyPem = privateKeyPem.replaceAll("\s", "");

        DerInputStream derReader = new DerInputStream(Base64.getDecoder().decode(privateKeyPem));

        DerValue[] seq = derReader.getSequence(0);

        // Code omitted for brevity
    }

    throw new GeneralSecurityException("Not supported format of a private key");
}

Copy after login

This updated code handles both PKCS#8 and PKCS#1 formats, allowing you to successfully extract the private key and proceed with your intended use.

The above is the detailed content of How do I extract an RSA private key from a PEM encoded file when encountering an 'InvalidKeySpecException'?. For more information, please follow other related articles on the PHP Chinese website!