I'm no expert on this sort of thing, but I think you need to base-64 decode your string.
Stephen On Fri, Jun 24, 2011 at 5:27 PM, Dado Colussi <[email protected]> wrote: > I have generated an RSA key pair with OpenSSL, and I am successfully using > it in App Engine Java SDK 1.5 on Mac OS X 10.5.8 with Java 6. However, when > I run the code on App Engine (real), generatePrivate() throws an exception: > InputStream is = context.getResourceAsStream("/WEB-INF/private.der"); > String keyString = new Scanner(is).useDelimiter("\\A").next(); > PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(keyString.getBytes()); > PrivateKey privateKey = > KeyFactory.getInstance("RSA").generatePrivate(keySpec); > > java.security.spec.InvalidKeySpecException: > java.security.InvalidKeyException: IOException : short read of integer > at > sun.security.rsa.RSAKeyFactory.engineGeneratePrivate(RSAKeyFactory.java:217) > at java.security.KeyFactory.generatePrivate(KeyFactory.java:359) > I have also tried storing the key base64-encoded in the source code, and > converting it to bytes when needed, but the same problem occurs. > I produced the RSA key pair with the following commands: > openssl genrsa -out private.pem 1024 > openssl pkcs8 -topk8 -nocrypt -in private.pem -inform PEM -outform DER -out > private.der > If I replace reading private.der with generating an entirely new key (as a > test), I no longer get an exception: > KeyPairGenerator generator = KeyPairGenerator.getInstance("RSA"); > generator.initialize(1024); > PKCS8EncodedKeySpec keySpec = new > PKCS8EncodedKeySpec(generator.genKeyPair().getPrivate().getEncoded()); > PrivateKey privateKey = > KeyFactory.getInstance("RSA").generatePrivate(keySpec); > Why is my OpenSSL-generated RSA key failing on App Engine, and how should I > solve this problem? > Thank you for any help. > > P.S. This is my private.pem, if anyone is interested trying it out: > -----BEGIN RSA PRIVATE KEY----- > MIICXQIBAAKBgQC4v7PH3DxMxYiggaFbkI2n0jQKoMBHMKPi+oVF3UYytkq9GApl > P1FMGFmDj5QHI02BQWTpnJ+t3rSlko3QKc7Y1W7enMNcY6tUtQDgchfAabSTXMmf > 7STWsURMC0bCCYcDdIXmcduyAHDAgveUWrLACC2nambFV3tDDu8BxIYIRwIDAQAB > AoGAFlrL7DEP8tIsGA/XcHbrTRU4StjsqzCNhBeALNX7eoNoQ7029M1WjvibTDoB > VWPGKw+4oDPddnJuNWKoWjnU118YYfUVIaE1ZkCfc6vbrw5p5VDEw0777stYqxTH > s7Ipr5S/sq1Lh76OQWIP8QeZylLXKJ68H1O2KMRZxsS5PSECQQDtHFrEmm6aR7jT > 4L2eH8to/D7rbAjk6KEfHQZyYh6id4YSTPFist8OZN7vgvCMxzcILZzyGvCrphm/ > W3KU6k7fAkEAx3d6DDqINw09CGP7+3BGza7Y+SSkJaMA+UftjGgkR1CD034f9n0t > ROIcD8PTZ0zFvDlDSl3XpYWaFt7vXyC7mQJAOSgaoUXw33Pmk/ya+OEFMZuMt0dl > pXiGTm+6vBv28ocJZKPzlC02I8whCW9w+R6Un34PVTU1SstRbZVnu4n31QJBAK5q > QKRUwisxPj8J/pqcUK0lyMACVC483GsdhBAUODTLqJnUXWqRhnYHKPZ4C3D2Zqjx > gW+Toy8vJc/93F3YJ3ECQQCms3IxaFq7krk1NBz8BfHbuNbIVivzvAoAQqloTITX > P4ZkuXb/cdqkoxHDTApTE3Ls3lp5vDkVJ4yDoQBUy1DF > -----END RSA PRIVATE KEY----- > > -- > You received this message because you are subscribed to the Google Groups > "Google App Engine for Java" group. > To post to this group, send email to [email protected]. > To unsubscribe from this group, send email to > [email protected]. > For more options, visit this group at > http://groups.google.com/group/google-appengine-java?hl=en. > -- You received this message because you are subscribed to the Google Groups "Google App Engine for Java" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/google-appengine-java?hl=en.
