Adobe Experience Manager Sites & More

divyas70997717 · 4/19/18

Hi,

I have created a OSGi service to generate JWT to connect ACS REST API. Following is my code

// Expiration time in seconds

Long expirationTime = 86400L;

// Metascopes associated to key

String metascopes[] = new String[]{"ent_campaign_sdk"};

String imsHost = "ims-na1.adobelogin.com";

// Secret key as byte array. Secret key file should be in DER encoded format.

byte[] privateKeyFileContent = Files.readAllBytes(Paths.get("/Users/divyas/Desktop/key/private.key"));

// Create the private key

KeyFactory keyFactory = KeyFactory.getInstance("RSA");

KeySpec ks = new PKCS8EncodedKeySpec(privateKeyFileContent);

RSAPrivateKey privateKey = (RSAPrivateKey) keyFactory.generatePrivate(ks);

// Create JWT payload

Map jwtClaims = new HashMap<>();

jwtClaims.put("iss", ORG_ID);

jwtClaims.put("sub", TECHNICAL_ACC_ID);

jwtClaims.put("exp", expirationTime);

jwtClaims.put("aud", "https://" + imsHost + "/c/" + API_KEY);

for (String metascope : metascopes) {

jwtClaims.put("https://" + imsHost + "/s/" + metascope, TRUE);

}

// Create the final JWT token

String jwtToken = Jwts.builder().setClaims(jwtClaims).signWith(RS256, privateKey).compact();

i have stored private.key and certificate in my local and referring in service. But i am getting following error

java.security.spec.InvalidKeySpecException: java.security.InvalidKeyException: invalid key format

at sun.security.rsa.RSAKeyFactory.engineGeneratePrivate(RSAKeyFactory.java:217)

at java.security.KeyFactory.generatePrivate(KeyFactory.java:372)

Caused by: java.security.InvalidKeyException: invalid key format

at sun.security.pkcs.PKCS8Key.decode(PKCS8Key.java:331)

at sun.security.pkcs.PKCS8Key.decode(PKCS8Key.java:357)

at sun.security.rsa.RSAPrivateCrtKeyImpl.<init>(RSAPrivateCrtKeyImpl.java:91)

at sun.security.rsa.RSAPrivateCrtKeyImpl.newKey(RSAPrivateCrtKeyImpl.java:75)

at sun.security.rsa.RSAKeyFactory.generatePrivate(RSAKeyFactory.java:316)

at sun.security.rsa.RSAKeyFactory.engineGeneratePrivate(RSAKeyFactory.java:213)

am i missing any step? should i add my public certificate locally in cacerts?

Help me in this.

Thanks in advance

Divya

VeenaVikraman · 4/19/18

Divya,

As scott mentioned this more or like looks like your code issue than anything related to AEM. Just try to create a standalone JAVA code and make this work before applying it as OSGI bundle. As the error says it has something to do with the key format.

I don't know if this helps , but just did a search for that particular error java - InvalidKeySpecExeption when loadding the RSA private key from file - Stack Overflow

java.security.InvalidKeyException: invalid key format on generating RSA public key - Stack Overflow

https://stackoverflow.com/questions/25622894/java-security-invalidkeyexception-invalid-key-format-on...

View solution in original post

smacdonald2008 · 4/19/18

Can you get this code to work in only Eclipse? When using Java like this - make sure you can get this working outside of AEM before trying to get it running within an OSGi bundle.

divyas70997717 · 4/19/18

I already tried making this code to work only in Eclipse. But i am getting the same error.

divyas70997717 · 4/19/18

Trying a way to solve this issue and making this code to work only in Eclipse. Looking whether i should add any public certificate locally

smacdonald2008 · 4/19/18

Solve this outside of AEM and then you can port to an OSGi.

VeenaVikraman · 4/19/18

Divya,

As scott mentioned this more or like looks like your code issue than anything related to AEM. Just try to create a standalone JAVA code and make this work before applying it as OSGI bundle. As the error says it has something to do with the key format.

I don't know if this helps , but just did a search for that particular error java - InvalidKeySpecExeption when loadding the RSA private key from file - Stack Overflow

java.security.InvalidKeyException: invalid key format on generating RSA public key - Stack Overflow

https://stackoverflow.com/questions/25622894/java-security-invalidkeyexception-invalid-key-format-on...

workflowuser · 9/14/18

I was getting the same problem. I solved it by using the following code

keyString = keyString.replaceAll("\\n", "").replace("-----BEGIN PRIVATE KEY-----", "").replace("-----END PRIVATE KEY-----", "");

System.out.println("The sanitized key string is "+keyString);

// Create the private key

KeyFactory keyFactory = KeyFactory.getInstance("RSA");

System.out.println("The key factory algorithm is "+keyFactory.getAlgorithm());

byte []byteArray = keyString.getBytes();

System.out.println("The array length is "+byteArray.length);

//KeySpec ks = new PKCS8EncodedKeySpec(Base64.getDecoder().decode(keyString));

byte[] encoded = javax.xml.bind.DatatypeConverter.parseBase64Binary(keyString);

//KeySpec ks = new PKCS8EncodedKeySpec(byteArray);

KeySpec ks = new PKCS8EncodedKeySpec(encoded);

Do not use the Base64.getDecoder to decode. I used the DatatypeConverter and it seems to work fine

amargupt · 4/19/23

Is this solved? How did you generated the the private.key. In this line - byte[] privateKeyFileContent = Files.readAllBytes(Paths.get("/Users/divyas/Desktop/key/private.key"))

Adobe Experience Manager Sites & More

InvalidKeyException while generating jwt in AEM 6.2

Learn

Documentation

Community

Support

Resources

Adobe account

Adobe