Android Question OpenSSL RSA - PrivateKeyFromBytes always gives me an error

M

mmanso

Active Member
Licensed User
Longtime User
Hi all,

I'm having a problem trying to use a rsa private key to sign a string. What I've did was to create a 1024 rsa private key with the command:

Bash: 
openssl genrsa -out private_key.pem 1024

And then, I try to use it like this:

B4X: 
Dim privkey() As Byte
Dim su As StringUtils
Dim TestKPG As KeyPairGenerator
Dim privateKey As String = "MIICXQIBAAKBgQDNTfxYISc/rIjvAWlOIJJNBZF53ttEhKK2jMp+ozZYKElar/e/AtSn+Rmjlceycf6wo/2xrlLTQZlSX60jT1gRdN3jAeVKuNKFLhGr4/C+0wcudk90f3JFpWPW9/kmI/8tWqSoWzoMxo9UejXtt7qOIEP/o5noOZuLutg5iOunQIDAQABAoGBAL7TVNDJiASsJt8YTbv7lGCY414GoYHvUpohBPpuU83fLEdptfpJ9EVoyMb/Kg2X3WZsFxs27+9CUvN40KI4Vp7A2n5a8gus0cenYVNZRhYV+Ebzc2PGjyV8pyJMY32Q7RejzBp3GoCyrNjzotwpHsAFSjCdhX4M+V8w5+/YSVAkEA6n8ILtW6YWrryFwQfmUBX+KI4gdDegumnxGbS8oIWEIQolZEPQ0W4JjRUEQcOO1hYYHUkMiMNIakCLcHFXrvKwJAOAhqQFYpwcKhL7DGTLDqHQWUyJeMyoMBF3e07a16Iiysxk4u/XqAgqsVmc/Kya+yizGVcCPxtlDJr3OOfFJtVcCQCCeIulA2XgLg1iPVcv/CL3pqNin4f7r9/VQYaWdKKP+LIooLb3AQFplZ1ge4T4Z53FTWgGPVphEBgWPWoDe5kCQQDByxjwexDgu62Pq+2rwRV0WqFDRCQFJSLZb4OrpZoMKEdHdZC/zrg5Nk33M91BwRHaqRsYRrjuvmtPDnN3N/49AkAViIwc7ylIGXPx9yhQoqBiL78tLm6zyflXlkQcEHDFU1xrYXdFgBjT+kJJ2M9o0B845YAicdkUwHYvShuRm8P"

privkey = su.DecodeBase64(privateKey)
Log(privkey.Length) ' returns 609
TestKPG.Initialize("RSA", 1024)
TestKPG.PrivateKeyFromBytes(privkey) ' allways throws an error

The error I get is this one:

B4X: 
Error occurred on line: 223 (ServerService)
java.security.spec.InvalidKeySpecException: java.lang.RuntimeException: error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag
    at org.apache.harmony.xnet.provider.jsse.OpenSSLKey.getPrivateKey(OpenSSLKey.java:124)
    at org.apache.harmony.xnet.provider.jsse.OpenSSLRSAKeyFactory.engineGeneratePrivate(OpenSSLRSAKeyFactory.java:64)
    at java.security.KeyFactory.generatePrivate(KeyFactory.java:186)
    at anywheresoftware.b4a.agraham.encryption.CipherWrapper$KeyPairGeneratorWrapper.PrivateKeyFromBytes(CipherWrapper.java:457)
    at java.lang.reflect.Method.invokeNative(Native Method)
    at java.lang.reflect.Method.invoke(Method.java:525)
    at anywheresoftware.b4a.shell.Shell.runVoidMethod(Shell.java:777)
    at anywheresoftware.b4a.shell.Shell.raiseEventImpl(Shell.java:354)
    at anywheresoftware.b4a.shell.Shell.raiseEvent(Shell.java:255)
    at java.lang.reflect.Method.invokeNative(Native Method)
    at java.lang.reflect.Method.invoke(Method.java:525)
    at anywheresoftware.b4a.ShellBA.raiseEvent2(ShellBA.java:144)
    at anywheresoftware.b4a.debug.Debug.delegate(Debug.java:262)
    at b4a.example.serverservice._handlesignstring(serverservice.java:506)
    at b4a.example.serverservice._server_handlerequest(serverservice.java:618)
    at java.lang.reflect.Method.invokeNative(Native Method)
    at java.lang.reflect.Method.invoke(Method.java:525)
    at anywheresoftware.b4a.shell.Shell.runMethod(Shell.java:732)
    at anywheresoftware.b4a.shell.Shell.raiseEventImpl(Shell.java:351)
    at anywheresoftware.b4a.shell.Shell.raiseEvent(Shell.java:255)
    at java.lang.reflect.Method.invokeNative(Native Method)
    at java.lang.reflect.Method.invoke(Method.java:525)
    at anywheresoftware.b4a.ShellBA.raiseEvent2(ShellBA.java:144)
    at anywheresoftware.b4a.BA.raiseEvent(BA.java:176)
    at anywheresoftware.b4a.objects.Servlet$2.run(Servlet.java:87)
    at android.os.Handler.handleCallback(Handler.java:730)
    at android.os.Handler.dispatchMessage(Handler.java:92)
    at android.os.Looper.loop(Looper.java:176)
    at android.app.ActivityThread.main(ActivityThread.java:5419)
    at java.lang.reflect.Method.invokeNative(Native Method)
    at java.lang.reflect.Method.invoke(Method.java:525)
    at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:1046)
    at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:862)
    at dalvik.system.NativeStart.main(Native Method)
Caused by: java.lang.RuntimeException: error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag
    at org.apache.harmony.xnet.provider.jsse.NativeCrypto.d2i_PKCS8_PRIV_KEY_INFO(Native Method)
    at org.apache.harmony.xnet.provider.jsse.OpenSSLKey.getPrivateKey(OpenSSLKey.java:122)
    ... 33 more

Now, after reading the forum and trying a lot of stuff, I came to the conclusion that if I create my own private key in B4A with this code:

B4X: 
Dim RSAOwnPrivKeyBytes(0) As Byte
Dim RSAOwnKPG As KeyPairGenerator

RSAOwnKPG.Initialize("RSA", 1024)
RSAOwnKPG.GenerateKey
RSAOwnPrivKeyBytes=RSAOwnKPG.PrivateKeyToBytes
Log(RSAOwnPrivKeyBytes.Length) ' returns 634

From the first example, if I use

B4X: 
TestKPG.PrivateKeyFromBytes(RSAOwnPrivKeyBytes)

The call to the PrivateKeyFromBytes works without any problem.

Thinking that I might have a problem on my private key generation, I went to the website - http://travistidwell.com/jsencrypt/demo/ - which I've seen on a post in the forum and I've generated a 1024 RSA private key there. The problem I have is the same that when using mine...

Since I'm kind lost here, I would appreciate that if someone has experience in this subject and could point me out any direction, I would be grateful.

Thanks a lot in advance.
 
Sort by date Sort by votes

KMatle

Expert
Licensed User
Longtime User
It's all about formatting the keys. Use this to generate keys "outside" of B4x (like here with OpenSSL):

B4X: 
cd C:\xampp\apache\bin
openssl genrsa  -out PrivateKey.pem 1024
openssl pkcs8 -topk8 -inform pem -in PrivateKey.pem -outform pem -nocrypt -out C:/PrivateKey.pem
openssl rsa -pubout -in PrivateKey.pem -out C:/rsa/PublicKey.pem

Then you get the public and private key in a "human readble format":


Here you recognize the header and the footer ("-----BEGIN RSA PUBLIC KEY-----" and "-----END RSA PUBLIC KEY-----"). Betweet there's the public key (Base64 formatted).

Next step is to remove the header and the footer (via String.Replace): Do not forget to remove the CRLF. Convert the Base64 to a Byte array and load the key. That's all. Same with the private key.

Vice versa you neet to convert the "B4x keys" (these are bytes) to a Base64 string and add the header and the footer plus CRLF. and use it in php or any other platform.

Note: If you only need the keys inside B4x you don't need to create any in OpenSSL (like you have discovered on your own).

Here's some of my code I use in B4x:

B4X: 
RSAOwnC.Initialize("RSA/ECB/PKCS1Padding") ' compatible with OpenSSL if your add the headers
RSAOwnKPG.Initialize("RSA", RSAKeySize) 'Global var like 4096
RSAOwnKPG.GenerateKey
RSAOwnPrivKeyBytes=RSAOwnKPG.PrivateKeyToBytes
RSAOwnPubKeyBytes=RSAOwnKPG.PublicKeyToBytes

To sign and verify a message:

B4X: 
Sub SignMessage (MessB() As Byte) As Byte()
    Dim Sign As Signature
    Sign.Initialise("SHA256withRSA",Sign.SIGNATURE_SIGN,RSAOwnKPG.PrivateKey)
    Sign.Update(MessB)
    Return Sign.Sign
End Sub

B4X: 
Dim SignVerify As Signature
SignVerify.Initialise("SHA256withRSA",Sign.SIGNATURE_VERIFY,RSAOwnKPG.PublicKey)
SignVerify.Update(data)
Log(SignVerify.Verify(b))
 
Upvote 0
You must log in or register to reply here.

Similar Threads

D
  • Question
Android Question RSA PrivateKeyFromBytes does not load the new private key values
Replies
6
Views
2K
Darsiar
D
  • Question
Android Question [SOLVED] Need assistance with RSA decryption
2
Replies
26
Views
16K
Johan Schoeman
C
  • Question
Android Question Problem with RSA/openSSL and PHP
Replies
2
Views
3K
chefe82
C
  • Article
B4A Library RSA: Convert OpenSSL Public Key to/from B4x
Replies
2
Views
5K
KMatle
  • Article
Android Tutorial Using RSA in B4A to communicate with PHP/OpenSSL
Replies
13
Views
15K
Pablo Torres
Menu
Log in
Register
Cookies are required to use this site. You must accept them to continue using the site. Learn more…