Home/ Questions/Q 6608661
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-25T19:38:00+00:00

I have a RSA private key file (OCkey.pem). Using java i have to get

  • 0

I have a RSA private key file (OCkey.pem). Using java i have to get the private key from this file. this key is generated using the below openssl command.
Note : I can’t change anything on this openssl command below.

openssl> req -newkey rsa:1024 -sha1 -keyout OCkey.pem -out OCreq.pem -subj "/C=country/L=city/O=OC/OU=myLab/CN=OCserverName/" -config req.conf

The certificate looks like below.

///////////////////////////////////////////////////////////

bash-3.00$ less OCkey.pem

—–BEGIN RSA PRIVATE KEY—–
Proc-Type: 4,ENCRYPTED
DEK-Info: DES-EDE3-CBC,EA1DBF8D142621BF

BYyZuqyqq9+L0UT8UxwkDHX7P7YxpKugTXE8NCLQWhdS3EksMsv4xNQsZSVrJxE3

Ft9veWuk+PlFVQG2utZlWxTYsUVIJg4KF7EgCbyPbN1cyjsi9FMfmlPXQyCJ72rd




cBlG80PT4t27h01gcCFRCBGHxiidh5LAATkApZMSfe6BBv4hYjkCmg==

—–END RSA PRIVATE KEY—–
//////////////////////////////////////////////////////////////

Following is what I tried 

byte[] privKeyBytes = new byte[(int)new File("C:/OCkey.pem").length()]; 
PublicKey publicKey = KeyFactory.getInstance("RSA").generatePublic(new X509EncodedKeySpec(privKeyBytes));

but getting

“java.security.spec.InvalidKeySpecException:
java.security.InvalidKeyException: invalid key format”

Please help.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    Make sure the privatekey is in DER format and you’re using the correct keyspec. I believe you should be using PKCS8 here for the privkeybytes

    Firstly, you need to convert the private key to binary DER format.
    Heres how you would do it using OpenSSL:

    openssl pkcs8 -topk8 -inform PEM -outform DER -in private_key.pem -out private_key.der -nocrypt

    Finally,

    public static PrivateKey getPrivateKey(String filename) throws Exception {

        File f = new File(filename);
        FileInputStream fis = new FileInputStream(f);
        DataInputStream dis = new DataInputStream(fis);
        byte[] keyBytes = new byte[(int) f.length()];
        dis.readFully(keyBytes);
        dis.close();

        PKCS8EncodedKeySpec spec = new PKCS8EncodedKeySpec(keyBytes);
        KeyFactory kf = KeyFactory.getInstance("RSA");
        return kf.generatePrivate(spec);
    }
    • 0