JSch getting “invalid privatekey:” while trying to load an RSA private key by KeyPairGenerator

爱一瞬间的悲伤 2020-12-18 06:59

I'm using java.security.KeyPairGenerator to gen an RSA key pair, and then try to load the private key via the KeyPair class provided in Jsch(0.1.49). The code:

2 Answers
  • 2020-12-18 07:15

    You can use PEMWriter to convert your private key to PEM format that will be accepted by JSch.

    The following example converts a key returned from KeyStore (JKS):

    // keyStore is an already-loaded java.security.KeyStore instance (JKS);
    // getKey() is an instance method and takes the password as a char[]
    Key privateKey = keyStore.getKey(privateKeyAlias, keyStorePassword); // get key from JKS
    StringWriter stringWriter = new StringWriter();
    PEMWriter pemWriter = new PEMWriter(stringWriter); // org.bouncycastle.openssl.PEMWriter
    pemWriter.writeObject(privateKey);
    pemWriter.close();
    
    byte[] privateKeyPEM = stringWriter.toString().getBytes();
    
    0 Comments (0)
  • 2020-12-18 07:23

    The Sun JCA provider will return a DER-encoded unencrypted PKCS #8 structure, rather than an RSAPrivateKey object when you call PrivateKey.getEncoded().

    You can use BouncyCastle to give you the key in the format you require:

    import java.io.StringWriter;
    import java.security.KeyPairGenerator;
    import java.security.PrivateKey;
    import java.security.SecureRandom;
    
    import org.bouncycastle.openssl.PEMWriter;
    
    public class JSCH {
    
      public static void main(String[] args) throws Exception {
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
        keyPairGenerator.initialize(2048, new SecureRandom());
        PrivateKey privateKey = keyPairGenerator.genKeyPair().getPrivate();
    
        StringWriter writer = new StringWriter();
    
        try (PEMWriter pemWriter = new PEMWriter(writer)) {
          pemWriter.writeObject(privateKey);
        }
    
        String privateKeyStr = writer.toString();
        System.out.println(privateKeyStr);
        com.jcraft.jsch.KeyPair
            .load(null, privateKeyStr.getBytes("US-ASCII"), null);
      }
    }
    

    There may be a more elegant way to get the encoded key as a byte string. It feels ugly to write it as a string and call getBytes(), but perhaps you can look into this.

    Example output:

    -----BEGIN RSA PRIVATE KEY-----
    -----END RSA PRIVATE KEY-----
    
    0 Comments (0)
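The format difference described in the second answer can also be handled with the JDK alone: the sketch below strips the PKCS #8 wrapper from `getEncoded()` and PEM-armors the inner RSAPrivateKey structure under the `RSA PRIVATE KEY` header. It is an added example, not code from either answer; the class and method names are hypothetical, and it assumes Java 8+ and a provider that encodes RSA private keys as PKCS #8.

```java
import java.nio.ByteBuffer;
import java.nio.charset.StandardCharsets;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.util.Base64;

// Hypothetical helper (not from the page): PKCS#8 -> PKCS#1 PEM for RSA keys.
public class Pkcs8ToPkcs1 {

  // Consume one DER tag/length header and return the content length.
  static int header(ByteBuffer der, int expectedTag) {
    if ((der.get() & 0xff) != expectedTag) throw new IllegalArgumentException("unexpected DER tag");
    int len = der.get() & 0xff;
    if (len < 0x80) return len;                 // short form
    int n = len & 0x7f;                         // long form: n length bytes follow
    if (n == 0 || n > 3) throw new IllegalArgumentException("unsupported DER length");
    len = 0;
    for (int i = 0; i < n; i++) len = (len << 8) | (der.get() & 0xff);
    return len;
  }

  // Skip a whole element: read its header first, then advance past its content.
  static void skip(ByteBuffer der, int tag) {
    int len = header(der, tag);
    der.position(der.position() + len);
  }

  // PrivateKeyInfo ::= SEQUENCE { version INTEGER, algorithm SEQUENCE, privateKey OCTET STRING }
  static byte[] rsaPrivateKeyDer(PrivateKey key) {
    if (!"RSA".equals(key.getAlgorithm()) || !"PKCS#8".equals(key.getFormat()))
      throw new IllegalArgumentException("expected a PKCS#8-encoded RSA key");
    ByteBuffer der = ByteBuffer.wrap(key.getEncoded());
    header(der, 0x30);                          // outer SEQUENCE
    skip(der, 0x02);                            // version
    skip(der, 0x30);                            // AlgorithmIdentifier
    byte[] pkcs1 = new byte[header(der, 0x04)]; // OCTET STRING holds RSAPrivateKey
    der.get(pkcs1);
    return pkcs1;
  }

  static String toPem(byte[] pkcs1) {
    String body = Base64.getMimeEncoder(64, new byte[] {'\n'}).encodeToString(pkcs1);
    return "-----BEGIN RSA PRIVATE KEY-----\n" + body + "\n-----END RSA PRIVATE KEY-----\n";
  }

  public static void main(String[] args) throws Exception {
    KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
    kpg.initialize(2048);
    PrivateKey key = kpg.generateKeyPair().getPrivate();
    System.out.println("getEncoded() format: " + key.getFormat());
    byte[] pem = toPem(rsaPrivateKeyDer(key)).getBytes(StandardCharsets.US_ASCII);
    // pem is unencrypted key material: pass it to JSch's KeyPair.load as in the answer, never log it.
    System.out.println("PEM bytes: " + pem.length);
  }
}
```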