Java 从文件加载 RSA 私钥时出现 InvalidKeySpecExeption
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/16233854/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
InvalidKeySpecExeption when loadding the RSA private key from file
提问by kimthuat
I'm trying to load a private key from file in java. This key is generated by ssh-agent. I'm actually using the code below:
我正在尝试从 java 中的文件加载私钥。此密钥由 ssh-agent 生成。我实际上正在使用下面的代码:
public PrivateKey getPrivateKeyFromFile() {
try {
//String privateKey = readFileAsString(System.getProperty("user.dir")+"/clefs/"+privateKeyName);
//byte[] encodePrivateKey = privateKey.getBytes();
File filePrivateKey = new File(System.getProperty("user.dir")+"/clefs/"+privateKeyName);
FileInputStream fis = new FileInputStream(System.getProperty("user.dir")+"/clefs/"+privateKeyName);
byte[] encodePrivateKey = new byte[(int) filePrivateKey.length()];
fis.read(encodePrivateKey);
fis.close();
java.security.KeyFactory keyFactory = java.security.KeyFactory.getInstance("RSA");
PKCS8EncodedKeySpec privatekeySpec = new PKCS8EncodedKeySpec(encodePrivateKey);
PrivateKey prikey = (PrivateKey) keyFactory.generatePrivate(privatekeySpec);
return prikey;
} catch (NoSuchAlgorithmException ne) {
ne.printStackTrace();
} catch (InvalidKeySpecException is) {
is.printStackTrace();
} catch (Exception e) {
e.printStackTrace();
}
return null;
}
But it generated this exception:
但它产生了这个异常:
java.security.spec.InvalidKeySpecException: java.security.InvalidKeyException: invalid key format
at sun.security.rsa.RSAKeyFactory.engineGeneratePrivate(RSAKeyFactory.java:217)
at java.security.KeyFactory.generatePrivate(KeyFactory.java:372)
at com.nguyenkim.cea.signature.SignChallenge.getPrivateKeyFromFile(SignChallenge.java:53)
at com.nguyenkim.cea.signature.SignChallenge.main(SignChallenge.java:128)
Caused by: java.security.InvalidKeyException: invalid key format
at sun.security.pkcs.PKCS8Key.decode(PKCS8Key.java:341)
at sun.security.pkcs.PKCS8Key.decode(PKCS8Key.java:367)
at sun.security.rsa.RSAPrivateCrtKeyImpl.<init>(RSAPrivateCrtKeyImpl.java:91)
at sun.security.rsa.RSAPrivateCrtKeyImpl.newKey(RSAPrivateCrtKeyImpl.java:75)
at sun.security.rsa.RSAKeyFactory.generatePrivate(RSAKeyFactory.java:316)
at sun.security.rsa.RSAKeyFactory.engineGeneratePrivate(RSAKeyFactory.java:213)
... 3 more
Here is the private key:
这是私钥:
-----BEGIN RSA PRIVATE KEY-----
MIIEowIBAAKCAQEAszReSzBumVb9GR/f3ClgykWE4UsONan1Ywk/H4+Wbi4HpcwB
8Lm9B+zJ94WdRtD8iQYmbUZFoHwFqTjRPtmQfFXcmxfuI7v64bg0csIw8hz1Af2r
xo7HBUoVcrTG5k3YrIkjeni/vD9uK6OZ1/lb+/TIvoEp9za577GJxv1omQ6GX7kv
baMe2GkfpJmrXnA706OEdyi3Ibdcng/V4lbJ9cm+TIBU2jLBqwEukwpL5VNghuQi
3YfpGhnPDBEnh4h5euFs4DGs4FnCgb+00yCuEgJSPvO5HsTnGbwTtEUnkxjtg8vD
plD7WenPsyiZqib/rLkNcpfEHKVC6G3QjEuO8QIDAQABAoIBAGliRoFY/fFW4og/
.............................
-----END RSA PRIVATE KEY-----
Any suggestions? Thanks.
有什么建议?谢谢。
采纳答案by Stephan
Are you sure its RSA ? also are you sure that the key is in the right format?
你确定它的 RSA ?您还确定密钥格式正确吗?
If the answer is yes to both questions you can try using bouncycastle lib
如果两个问题的答案都是肯定的,您可以尝试使用bouncycastle lib
EDIT :Try removing these rows from the key:
编辑:尝试从键中删除这些行:
-----BEGIN RSA PRIVATE KEY-----
.............................
-----END RSA PRIVATE KEY-----
UPDATE :make sure that you private key is in PKCS8 format if not you need to convert it like here
更新:确保你的私钥是 PKCS8 格式,如果不是你需要像这里那样转换它
回答by manishbhadu
Intstead of removing header and footers from private key file you can use BouncyCastle's Pemreader.
您可以使用 BouncyCastle 的 Pemreader,而不是从私钥文件中删除页眉和页脚。
private PrivateKey getPrivateKeyFromFile(String keyFile) throws IOException, NoSuchAlgorithmException, InvalidKeySpecException {
final InputStream inputStream = getClass().getClassLoader().getResourceAsStream(keyFile);
String privateKeySTr = IOUtils.toString(inputStream, String.valueOf(StandardCharsets.UTF_8));
PemObject pem = new PemReader(new StringReader(privateKeySTr)).readPemObject();
byte[] der = pem.getContent();
KeyFactory keyFactory = KeyFactory.getInstance("RSA");
PKCS8EncodedKeySpec ks = new PKCS8EncodedKeySpec(der);
RSAPrivateKey privKey = (RSAPrivateKey) keyFactory.generatePrivate(ks);
return privKey;
}
