4 Replies Latest reply on Aug 22, 2011 7:59 AM by sabre150

    ArrayIndexOutOfBoundsException - During Privatekey generation


      I have used Java RSA mechanism for generation public and private keys and keys are successfully generated.
      I had encrypted and image using public key and using private key for decryption.
      When i tried to read the private key stored in a file and initialize PrivateKey object, It is working on my local machine and i am successfully able to decrypt any image , but when i deployed it on server , the priv key is not getting decoded properly. Due to which i am getting exception when tried to initialize the cipher using decoded privateKey as below
      Exception :
      java.lang.ArrayIndexOutOfBoundsException: 1
           at com.rsa.jsafe.provider.JSA_RSAPrivateKey.getPublicExponent(Unknown Source)
           at org.bouncycastle.jce.provider.RSAUtil.generatePrivateKeyParameter(Unknown Source)
           at org.bouncycastle.jce.provider.JCERSACipher.engineInit(Unknown Source)
           at org.bouncycastle.jce.provider.JCERSACipher.engineInit(Unknown Source)

      I am storing modulus and exponent in file and then using those values to initialze private key object.
      Code for decoding the privatekey from file :
      RSAPrivateKeySpec keySpec = new RSAPrivateKeySpec(m, e);
      KeyFactory fact = KeyFactory.getInstance("RSA");
      PrivateKey pubKey = fact.generatePrivate(keySpec);

      Can anybody help me for resolving this error ? I tried every way to resolve this exception but all in vain.
        • 1. Re: ArrayIndexOutOfBoundsException - During Privatekey generation
          I am skeptical that the code you are displaying is the code that is actually running and causing the error. Here is the fragment of the Bouncycastle code (from version 1.46) that should be executing:
              static RSAKeyParameters generatePrivateKeyParameter(
                  RSAPrivateKey    key)
                  if (key instanceof RSAPrivateCrtKey)
                      RSAPrivateCrtKey    k = (RSAPrivateCrtKey)key;
                      return new RSAPrivateCrtKeyParameters(k.getModulus(),
                          k.getPublicExponent(), k.getPrivateExponent(),
                          k.getPrimeP(), k.getPrimeQ(), k.getPrimeExponentP(), k.getPrimeExponentQ(), k.getCrtCoefficient());
                      RSAPrivateKey    k = key;
                      return new RSAKeyParameters(true, k.getModulus(), k.getPrivateExponent());
          As this shows, the only way that k.getPublicKey() gets executed at all is if key is an instance of RSAPrivateCrtKey. Your key is not.
          • 2. Re: ArrayIndexOutOfBoundsException - During Privatekey generation
            PrivateKey pubKey = fact.generatePrivate(keySpec);
            Surely that variable should be named 'privKey'?
            • 3. Re: ArrayIndexOutOfBoundsException - During Privatekey generation
              My code looks like below :

              Main class code :

              PrivateKey privKey = readPrivKeyFromFile(KeyPath); --- Key path is where private key is stored.
              Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding", "BC");
              cipher.init(Cipher.DECRYPT_MODE, privKey); --- ArrayOutOfBounds exception is thrown at this line .

              PrivateKey readPrivKeyFromFile(String keyFileName) throws IOException {
                             ObjectInputStream oin =
                        new ObjectInputStream(new BufferedInputStream(new FileInputStream(keyFileName)));
                        try {
                        BigInteger m = (BigInteger) oin.readObject();
                        BigInteger e = (BigInteger) oin.readObject();
                        RSAPrivateKeySpec keySpec = new RSAPrivateKeySpec(m, e);
                        KeyFactory fact = KeyFactory.getInstance("RSA");
                        PrivateKey privKey = fact.generatePrivate(keySpec);
                        System.out.println("Key value :: "+privKey ); ---- When run from my local machine it prints the modulus and exponent value but when deployed on server it prints Key value :: com.rsa.jsafe.provider.JSA_RSAPrivateKey@1a84fae . This i think is the problem as there is no modulus and exponent value .
                        return privKey;
                        } catch (Exception e) {
                        throw new RuntimeException("Spurious serialisation error", e);
                        } finally {

              The code for generating keys is below :

              public void keyGen(String PubLoc, String PrivLoc)

                        KeyPairGenerator kpg= KeyPairGenerator.getInstance("RSA");
                        KeyPair kp = kpg.genKeyPair();
                        Key publicKey = kp.getPublic();
                        Key privateKey = kp.getPrivate();

                   System.out.println("Inside KeyGen"+publicKey);
                   System.out.println("Private key is "+privateKey);
                        KeyFactory fact = KeyFactory.getInstance("RSA");
                        RSAPublicKeySpec pub = fact.getKeySpec(kp.getPublic(),RSAPublicKeySpec.class);
                        RSAPrivateKeySpec priv = fact.getKeySpec(kp.getPrivate(),RSAPrivateKeySpec.class);

                        saveToFile(PubLoc, pub.getModulus(),pub.getPublicExponent());
                        saveToFile(PrivLoc, priv.getModulus(),priv.getPrivateExponent());
                   catch(Exception e)

              Please analyze and let me know if you can figure out what is the issue now . Can it be due to different JRE's installed on my system and server ?
              • 4. Re: ArrayIndexOutOfBoundsException - During Privatekey generation
                I don't understand why you need to extract the modulus and exponent. Surely you just need to save the bytes obtained from the getEncoded() methods of the PublicKey and PrivateKey instances and then you can re-constitute the RSA keys by using the bytes to generate instances of PKCS8 (for the RSA private key) and X509 (for the RSA public key ).