This discussion is archived
1 2 Previous Next 16 Replies Latest reply: Sep 18, 2011 11:44 PM by handat RSS

Decode private key from DER format

838507 Newbie
Currently Being Moderated
Hi,

How can I decode the private key which is available in DER format? Actually I am implementing functionality for TLS communication between java as a server and C++ as client.
  • 1. Re: Decode private key from DER format
    EJP Guru
    Currently Being Moderated
    So you should be using JSSE on the Java side and OpenSSL on the C++ side. They already handle all that stuff and a lot more besides.
  • 2. Re: Decode private key from DER format
    838507 Newbie
    Currently Being Moderated
    We are using cyassl on the c++ side and JSSE/proprietary framework on the JAVA. We would like to decode private key belong to the PEM file, could you please give me some pointers or links if possible.

    Thanks.
  • 3. Re: Decode private key from DER format
    sabre150 Expert
    Currently Being Moderated
    user3516155 wrote:
    We are using cyassl on the c++ side and JSSE/proprietary framework on the JAVA. We would like to decode private key belong to the PEM file, could you please give me some pointers or links if possible.
    PEM stands for 'Privacy Enhanced Mail' and is not restricted to encoding any particular private key format. It's prime purpose is to Base64 encode binary data but it adds a header and trailer that may help decide on the content. One need to know what key format the PEM is wrapping. Even knowing it wraps a DER encoding is not necessarily enough. Knowing how the key was generated helps with this. Did you use OpenSSL and if so what command(s) were used?

    What do you mean by 'decode' ? Do you want to do this using a command line application or though Java/C++ code and what do you need as a result? Do you want to get the RSA modulus, exponent and other parameters and if so why since they are not needed to use JSSE?
  • 4. Re: Decode private key from DER format
    838507 Newbie
    Currently Being Moderated
    We are using the PEM files belong to the cyassl.

    We would like to retrieve the private key from the PEM file.
  • 5. Re: Decode private key from DER format
    EJP Guru
    Currently Being Moderated
    That's not DER format, that's RFC format. However at this point you must throw it away and start again, because you have just disclosed your so-called 'private' key to the world. From that point on it cannot possibly perform its sole function, which is to uniquely identify the owner. You are now vulnerable to spoofing attacks and you have lost legal non-repudiabilty. This is as serious as it gets, don't ignore this.
  • 6. Re: Decode private key from DER format
    838507 Newbie
    Currently Being Moderated
    Thanks..
  • 7. Re: Decode private key from DER format
    838507 Newbie
    Currently Being Moderated
    Could you please let me know how to retrieve private key belong to PEM file?
  • 8. Re: Decode private key from DER format
    EJP Guru
    Currently Being Moderated
    You can do it with the OpenSSL command line. I believe JDK 1.7's keytool can also do it.
  • 9. Re: Decode private key from DER format
    838507 Newbie
    Currently Being Moderated
    How can we retrieve private key belong to PEM file using java code?
  • 10. Re: Decode private key from DER format
    sabre150 Expert
    Currently Being Moderated
    user3516155 wrote:
    We are using the PEM files belong to the cyassl.

    We would like to retrieve the private key from the PEM file.
    Did you read my previous response? In what form do you need the private key? Can you post a test file so that we can see what you are trying to deal with?
  • 11. Re: Decode private key from DER format
    838507 Newbie
    Currently Being Moderated
    Sorry, I didn't gone through your updated reply.

    Actually I want to retrieve private key belong to PEM file in the java code only. I am referring example belong to following link
    http://www.agentbob.info/agentbob/79-AB.html

    however same is not working, it is throwing exception

    D:\CoreObject\rsa>java ImportKey key.pem cert.pem
    Using keystore-file : C:\Users\akulka04\keystore.ImportKey
    java.security.spec.InvalidKeySpecException: java.security.InvalidKeyException: i
    nvalid key format
    at sun.security.rsa.RSAKeyFactory.engineGeneratePrivate(Unknown Source)
    at java.security.KeyFactory.generatePrivate(Unknown Source)
    at ImportKey.main(ImportKey.java:131)
    Caused by: java.security.InvalidKeyException: invalid key format
    at sun.security.pkcs.PKCS8Key.decode(Unknown Source)
    at sun.security.pkcs.PKCS8Key.decode(Unknown Source)
    at sun.security.rsa.RSAPrivateCrtKeyImpl.<init>(Unknown Source)
    at sun.security.rsa.RSAPrivateCrtKeyImpl.newKey(Unknown Source)
    at sun.security.rsa.RSAKeyFactory.generatePrivate(Unknown Source)
    ... 3 more

    Actually I am looking for solution which will retrieve private key without using keystore if possible.
  • 12. Re: Decode private key from DER format
    838507 Newbie
    Currently Being Moderated
    I am expecting private key as byte array.
  • 13. Re: Decode private key from DER format
    EJP Guru
    Currently Being Moderated
    Actually I want to retrieve private key belong to PEM file in the java code only. I am referring example belong to following link
    http://www.agentbob.info/agentbob/79-AB.html
    That code is for RSA keys in PKCS#8 format, and it comes after a conversion step using OpenSSL.
  • 14. Re: Decode private key from DER format
    838507 Newbie
    Currently Being Moderated
    Actually I want to use the RSA private key in my project using Java. I do have the key in file using PEM format. I want to use this private key into my project to decrypt the messages which are encrypted using my public key.

    What is the method/standard classes I can use to read and decode the private key from the PEM file into byte array? I don't want to use the openssl or any other libraries/classes to do this. An example or sample code will be really helpful.
1 2 Previous Next

Legend

  • Correct Answers - 10 points
  • Helpful Answers - 5 points