Generating RSA keys in PKCS#1 format in Java

by

You will need BouncyCastle:

import org.bouncycastle.asn1.ASN1Encodable;
import org.bouncycastle.asn1.ASN1Primitive;
import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
import org.bouncycastle.util.io.pem.PemObject;
import org.bouncycastle.util.io.pem.PemWriter;

The code snippets below have been checked and found working with Bouncy Castle 1.52.

Private key

Convert private key from PKCS8 to PKCS1:

PrivateKey priv = pair.getPrivate();
byte[] privBytes = priv.getEncoded();

PrivateKeyInfo pkInfo = PrivateKeyInfo.getInstance(privBytes);
ASN1Encodable encodable = pkInfo.parsePrivateKey();
ASN1Primitive primitive = encodable.toASN1Primitive();
byte[] privateKeyPKCS1 = primitive.getEncoded();

Convert private key in PKCS1 to PEM:

PemObject pemObject = new PemObject("RSA PRIVATE KEY", privateKeyPKCS1);
StringWriter stringWriter = new StringWriter();
PemWriter pemWriter = new PemWriter(stringWriter);
pemWriter.writeObject(pemObject);
pemWriter.close();
String pemString = stringWriter.toString();

Check with command line OpenSSL that the key format is as expected:

openssl rsa -in rsa_private_key.pem -noout -text

Public key

Convert public key from X.509 SubjectPublicKeyInfo to PKCS1:

PublicKey pub = pair.getPublic();
byte[] pubBytes = pub.getEncoded();

SubjectPublicKeyInfo spkInfo = SubjectPublicKeyInfo.getInstance(pubBytes);
ASN1Primitive primitive = spkInfo.parsePublicKey();
byte[] publicKeyPKCS1 = primitive.getEncoded();

Convert public key in PKCS1 to PEM:

PemObject pemObject = new PemObject("RSA PUBLIC KEY", publicKeyPKCS1);
StringWriter stringWriter = new StringWriter();
PemWriter pemWriter = new PemWriter(stringWriter);
pemWriter.writeObject(pemObject);
pemWriter.close();
String pemString = stringWriter.toString();

Check with command line OpenSSL that the key format is as expected:

openssl rsa -in rsa_public_key.pem -RSAPublicKey_in -noout -text

Thanks

Many thanks to the authors of the following posts:

Those posts contained useful, but incomplete and sometimes outdated info (i.e. for older versions of BouncyCastle), that helped me to construct this post.

More Related Contents:

  1. Getting RSA private key from PEM BASE64 Encoded private key file
  2. How to Load RSA Private Key From File
  3. How to read .pem file to get private and public key
  4. Load RSA public key from file
  5. Why are the RSA-SHA256 signatures I generate with OpenSSL and Java different?
  6. How to extract CN from X509Certificate in Java?
  7. getting a IllegalBlockSizeException: Data must not be longer than 256 bytes when using rsa
  8. Read RSA private key of format PKCS1 in JAVA
  9. Using SHA1 and RSA with java.security.Signature vs. MessageDigest and Cipher
  10. convert openSSH rsa key to javax.crypto.Cipher compatible format
  11. Algid parse error, not a sequence
  12. How can I construct a java.security.PublicKey object from a base64 encoded string?
  13. How do I do TLS with BouncyCastle?
  14. Get a PrivateKey from a RSA .pem file [duplicate]
  15. Self signed X509 Certificate with Bouncy Castle in Java
  16. Decrypting an OpenSSL PEM Encoded RSA private key with Java?
  17. Using HTTPS with REST in Java
  18. Encrypt and decrypt large string in java using RSA [closed]
  19. Breaking down RSA/ECB/OAEPWithSHA-256AndMGF1Padding
  20. Get image from url and place it in imageview – Android [duplicate]
  21. Java – class, get new array of objects
  22. 403 Forbidden with Java but not web browser?
  23. UnsupportedTemporalTypeException when formatting Instant to String
  24. Netbeans console does not display Bangla unicode characters
  25. How to use Wicket’s DownloadLink with a file generated on the fly?
  26. Copying a HashMap in Java
  27. Multiple values in java.util.Properties
  28. Spring Security, secured and none secured access
  29. Using JSF 2.0 / Facelets, is there a way to attach a global listener to all AJAX calls?
  30. Java storing two ints in a long

Leave a Comment