Reputation: 2378
Bouncycastle: how to create an encrypted PKCS8 representation of an RSA private key?
In my application I have a AsymmetricCipherKeyPair keyPair and KeyParameter key. From that, I need to generate a PKCS#8 representation of the private key in the form
-----BEGIN RSA PRIVATE KEY-----
...
-----END RSA PRIVATE KEY-----
Can anybody give me a hint on how I could accomplish that?
Upvotes: 3
Views: 3655
Answers (1)
Reputation: 561
You can use org.bouncycastle.crypto.util.PrivateKeyInfoFactory to create a PrivateKeyInfo object from the private KeyParameter. getEncoded() on that will return the bytes that represent the PKCS#8 version of the key.
The PEM headings you give do suggest you might want an OpenSSL encoding instead - in that case you should be able to use the BC PEMWriter in conjunction with the PrivateKeyInfo object, or in conjunction with a PrivateKey object generated using KeyFactory with the encoding of PrivateKeyInfo passed in as a PKCS8EncodedKeySpec (sort of depends on what version of BC you are using).
Regards,
David
Upvotes: 3
Related Questions
- How to decrypt a pkcs8 encrypted private key using bouncy castle?
- Convert PKCS#8 Private key to PKCS#1 Private key using java
- Read an encrypted private key with bouncycastle/spongycastle
- Convert elliptic curve private key to (unencrypted) PKCS#8 format
- RSA encrypt with BouncyCastle API
- Outputting encrypted PK8 private key from Java BouncyCastle
- Effective Implementation of RSA Public Key Generation and Encryption in Java
- How to decrypt a private key in Java (without BC openssl)
- Generating RSA public key from byte array
- Java RSA/CBC encryption implementation