Solved

InvalidKeyException while generating jwt in AEM 6.2

Forum|Forum|7 years ago
April 19, 2018
7 replies
8737 views

Hi,

I have created a OSGi service to generate JWT to connect ACS REST API. Following is my code

// Expiration time in seconds

Long expirationTime = 86400L;

// Metascopes associated to key

String metascopes[] = new String[]{"ent_campaign_sdk"};

String imsHost = "ims-na1.adobelogin.com";

// Secret key as byte array. Secret key file should be in DER encoded format.

byte[] privateKeyFileContent = Files.readAllBytes(Paths.get("/Users/divyas/Desktop/key/private.key"));

// Create the private key

KeyFactory keyFactory = KeyFactory.getInstance("RSA");

KeySpec ks = new PKCS8EncodedKeySpec(privateKeyFileContent);

RSAPrivateKey privateKey = (RSAPrivateKey) keyFactory.generatePrivate(ks);

// Create JWT payload

Map jwtClaims = new HashMap<>();

jwtClaims.put("iss", ORG_ID);

jwtClaims.put("sub", TECHNICAL_ACC_ID);

jwtClaims.put("exp", expirationTime);

jwtClaims.put("aud", "https://" + imsHost + "/c/" + API_KEY);

for (String metascope : metascopes) {

jwtClaims.put("https://" + imsHost + "/s/" + metascope, TRUE);

}

// Create the final JWT token

String jwtToken = Jwts.builder().setClaims(jwtClaims).signWith(RS256, privateKey).compact();

i have stored private.key and certificate in my local and referring in service. But i am getting following error

java.security.spec.InvalidKeySpecException: java.security.InvalidKeyException: invalid key format

at sun.security.rsa.RSAKeyFactory.engineGeneratePrivate(RSAKeyFactory.java:217)

at java.security.KeyFactory.generatePrivate(KeyFactory.java:372)

Caused by: java.security.InvalidKeyException: invalid key format

at sun.security.pkcs.PKCS8Key.decode(PKCS8Key.java:331)

at sun.security.pkcs.PKCS8Key.decode(PKCS8Key.java:357)

at sun.security.rsa.RSAPrivateCrtKeyImpl.<init>(RSAPrivateCrtKeyImpl.java:91)

at sun.security.rsa.RSAPrivateCrtKeyImpl.newKey(RSAPrivateCrtKeyImpl.java:75)

at sun.security.rsa.RSAKeyFactory.generatePrivate(RSAKeyFactory.java:316)

at sun.security.rsa.RSAKeyFactory.engineGeneratePrivate(RSAKeyFactory.java:213)

am i missing any step? should i add my public certificate locally in cacerts?

Help me in this.

Thanks in advance

Divya

This post is no longer active and is closed to new replies. Need help? Start a new post to ask your question.

Best answer by VeenaVikraman

Divya,

As scott mentioned this more or like looks like your code issue than anything related to AEM. Just try to create a standalone JAVA code and make this work before applying it as OSGI bundle. As the error says it has something to do with the key format.

I don't know if this helps , but just did a search for that particular error java - InvalidKeySpecExeption when loadding the RSA private key from file - Stack Overflow

java.security.InvalidKeyException: invalid key format on generating RSA public key - Stack Overflow

https://stackoverflow.com/questions/25622894/java-security-invalidkeyexception-invalid-key-format-on-generating-rsa-public-k

smacdonald2008

Can you get this code to work in only Eclipse? When using Java like this - make sure you can get this working outside of AEM before trying to get it running within an OSGi bundle.

D

divyas70997717Author

I already tried making this code to work only in Eclipse. But i am getting the same error.

D

divyas70997717Author

Trying a way to solve this issue and making this code to work only in Eclipse. Looking whether i should add any public certificate locally

smacdonald2008

Solve this outside of AEM and then you can port to an OSGi.

VeenaVikraman

Accepted solution

Community Advisor

Divya,

As scott mentioned this more or like looks like your code issue than anything related to AEM. Just try to create a standalone JAVA code and make this work before applying it as OSGI bundle. As the error says it has something to do with the key format.

I don't know if this helps , but just did a search for that particular error java - InvalidKeySpecExeption when loadding the RSA private key from file - Stack Overflow

java.security.InvalidKeyException: invalid key format on generating RSA public key - Stack Overflow

https://stackoverflow.com/questions/25622894/java-security-invalidkeyexception-invalid-key-format-on-generating-rsa-public-k

W

workflowuser

Adobe Employee

I was getting the same problem. I solved it by using the following code

keyString = keyString.replaceAll("\\n", "").replace("-----BEGIN PRIVATE KEY-----", "").replace("-----END PRIVATE KEY-----", "");

System.out.println("The sanitized key string is "+keyString);

// Create the private key

KeyFactory keyFactory = KeyFactory.getInstance("RSA");

System.out.println("The key factory algorithm is "+keyFactory.getAlgorithm());

byte []byteArray = keyString.getBytes();

System.out.println("The array length is "+byteArray.length);

//KeySpec ks = new PKCS8EncodedKeySpec(Base64.getDecoder().decode(keyString));

byte[] encoded = javax.xml.bind.DatatypeConverter.parseBase64Binary(keyString);

//KeySpec ks = new PKCS8EncodedKeySpec(byteArray);

KeySpec ks = new PKCS8EncodedKeySpec(encoded);

Do not use the Base64.getDecoder to decode. I used the DatatypeConverter and it seems to work fine

A

amargupt

Is this solved? How did you generated the the private.key. In this line - byte[] privateKeyFileContent = Files.readAllBytes(Paths.get("/Users/divyas/Desktop/key/private.key"))

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded