1 2 Previous Next 16 Replies Latest reply: Sep 19, 2011 1:44 AM by handat RSS

    Decode private key from DER format

    838507
      Hi,

      How can I decode the private key which is available in DER format? Actually I am implementing functionality for TLS communication between java as a server and C++ as client.
        • 1. Re: Decode private key from DER format
          EJP
          So you should be using JSSE on the Java side and OpenSSL on the C++ side. They already handle all that stuff and a lot more besides.
          • 2. Re: Decode private key from DER format
            838507
            We are using cyassl on the c++ side and JSSE/proprietary framework on the JAVA. We would like to decode private key belong to the PEM file, could you please give me some pointers or links if possible.

            Thanks.
            • 3. Re: Decode private key from DER format
              sabre150
              user3516155 wrote:
              We are using cyassl on the c++ side and JSSE/proprietary framework on the JAVA. We would like to decode private key belong to the PEM file, could you please give me some pointers or links if possible.
              PEM stands for 'Privacy Enhanced Mail' and is not restricted to encoding any particular private key format. It's prime purpose is to Base64 encode binary data but it adds a header and trailer that may help decide on the content. One need to know what key format the PEM is wrapping. Even knowing it wraps a DER encoding is not necessarily enough. Knowing how the key was generated helps with this. Did you use OpenSSL and if so what command(s) were used?

              What do you mean by 'decode' ? Do you want to do this using a command line application or though Java/C++ code and what do you need as a result? Do you want to get the RSA modulus, exponent and other parameters and if so why since they are not needed to use JSSE?
              • 4. Re: Decode private key from DER format
                838507
                We are using the PEM files belong to the cyassl.

                We would like to retrieve the private key from the PEM file.
                • 5. Re: Decode private key from DER format
                  EJP
                  That's not DER format, that's RFC format. However at this point you must throw it away and start again, because you have just disclosed your so-called 'private' key to the world. From that point on it cannot possibly perform its sole function, which is to uniquely identify the owner. You are now vulnerable to spoofing attacks and you have lost legal non-repudiabilty. This is as serious as it gets, don't ignore this.
                  • 6. Re: Decode private key from DER format
                    838507
                    Thanks..
                    • 7. Re: Decode private key from DER format
                      838507
                      Could you please let me know how to retrieve private key belong to PEM file?
                      • 8. Re: Decode private key from DER format
                        EJP
                        You can do it with the OpenSSL command line. I believe JDK 1.7's keytool can also do it.
                        • 9. Re: Decode private key from DER format
                          838507
                          How can we retrieve private key belong to PEM file using java code?
                          • 10. Re: Decode private key from DER format
                            sabre150
                            user3516155 wrote:
                            We are using the PEM files belong to the cyassl.

                            We would like to retrieve the private key from the PEM file.
                            Did you read my previous response? In what form do you need the private key? Can you post a test file so that we can see what you are trying to deal with?
                            • 11. Re: Decode private key from DER format
                              838507
                              Sorry, I didn't gone through your updated reply.

                              Actually I want to retrieve private key belong to PEM file in the java code only. I am referring example belong to following link
                              http://www.agentbob.info/agentbob/79-AB.html

                              however same is not working, it is throwing exception

                              D:\CoreObject\rsa>java ImportKey key.pem cert.pem
                              Using keystore-file : C:\Users\akulka04\keystore.ImportKey
                              java.security.spec.InvalidKeySpecException: java.security.InvalidKeyException: i
                              nvalid key format
                              at sun.security.rsa.RSAKeyFactory.engineGeneratePrivate(Unknown Source)
                              at java.security.KeyFactory.generatePrivate(Unknown Source)
                              at ImportKey.main(ImportKey.java:131)
                              Caused by: java.security.InvalidKeyException: invalid key format
                              at sun.security.pkcs.PKCS8Key.decode(Unknown Source)
                              at sun.security.pkcs.PKCS8Key.decode(Unknown Source)
                              at sun.security.rsa.RSAPrivateCrtKeyImpl.<init>(Unknown Source)
                              at sun.security.rsa.RSAPrivateCrtKeyImpl.newKey(Unknown Source)
                              at sun.security.rsa.RSAKeyFactory.generatePrivate(Unknown Source)
                              ... 3 more

                              Actually I am looking for solution which will retrieve private key without using keystore if possible.
                              • 12. Re: Decode private key from DER format
                                838507
                                I am expecting private key as byte array.
                                • 13. Re: Decode private key from DER format
                                  EJP
                                  Actually I want to retrieve private key belong to PEM file in the java code only. I am referring example belong to following link
                                  http://www.agentbob.info/agentbob/79-AB.html
                                  That code is for RSA keys in PKCS#8 format, and it comes after a conversion step using OpenSSL.
                                  • 14. Re: Decode private key from DER format
                                    838507
                                    Actually I want to use the RSA private key in my project using Java. I do have the key in file using PEM format. I want to use this private key into my project to decrypt the messages which are encrypted using my public key.

                                    What is the method/standard classes I can use to read and decode the private key from the PEM file into byte array? I don't want to use the openssl or any other libraries/classes to do this. An example or sample code will be really helpful.
                                    1 2 Previous Next