I am implementing SSL certificate and key in my application. I have created private key using CertAndKeyGen class. I am trying to encrypt the private key with a password, which I have achieved it through PBE and Cipher class. I would like to write the encrypted private key into a file in PEM format. I tried with FileOutputStream which is working but PrintWriter is not working as excepted.
Below is my code:
final CertAndKeyGen keypair = new CertAndKeyGen("RSA", "SHA1WithRSA", null);
keypair.generate(1024);
final PrivateKey privKey = keypair.getPrivateKey();
byte[] encodedprivkey = privKey.getEncoded();
String MYPBEALG = "PBEWithSHA1AndDESede";
String password = "test123";
int count = 20;// hash iteration count
Random random = new Random();
byte[] salt = new byte[8];
random.nextBytes(salt);
PBEParameterSpec pbeParamSpec = new PBEParameterSpec(salt, count);
PBEKeySpec pbeKeySpec = new PBEKeySpec(password.toCharArray());
SecretKeyFactory keyFac = SecretKeyFactory.getInstance(MYPBEALG);
SecretKey pbeKey = keyFac.generateSecret(pbeKeySpec);
Cipher pbeCipher = Cipher.getInstance(MYPBEALG);
// Initialize PBE Cipher with key and parameters
pbeCipher.init(Cipher.ENCRYPT_MODE, pbeKey, pbeParamSpec);
// Encrypt the encoded Private Key with the PBE key
byte[] ciphertext = pbeCipher.doFinal(encodedprivkey);
// Now construct PKCS #8 EncryptedPrivateKeyInfo object
AlgorithmParameters algparms = AlgorithmParameters.getInstance(MYPBEALG);
algparms.init(pbeParamSpec);
EncryptedPrivateKeyInfo encinfo = new EncryptedPrivateKeyInfo(algparms,ciphertext);
byte[] encryptedPkcs8 = encinfo.getEncoded();
// Now I am writing the encrypted private key into a file.
// Using FileOutputStream
FileOutputStream out = new FileOutputStream("usingOutEncrypedPrivkey");
out.write(Base64.encodeBase64(encryptedPkcs8, true));
out.flush();
out.close();
// Using PrintWriter
PrintWriter pw = new PrintWriter("usingPwEncryptedPrivKey");
pw.println("-----BEGIN "+ privKey.getAlgorithm() + " PRIVATE KEY-----");
pw.println(Base64.encodeBase64(encryptedPkcs8));
pw.println("-----END "+ privKey.getAlgorithm() +" PRIVATE KEY-----");
pw.close();
Below are the files saved:
usingOutEncrypedPrivkey // Which was saved using FileOutputStream
MIICoTAbBgoqhkiG9w0BDAEDMA0ECL4xgraq2hXxAgEUBIICgFENaB8EA/kR0ymSC8vcyj1fNFbP
iR+mXkBk7aH3eF7fpP8yqCvtN0/0VqHi/w/Z2CLgiib2s/zuiVPtWI8vsRRPXmD9PYxZp3ilLpD4
.....
.....
9nH8HdQf584c3sKYEErDQvJR2SmbUPtNq4cB6ocUuiOTztBqRXAHeaWavnqHFxHUT7c=
usingPwEncryptedPrivKey // Which was saved using PrintWriter
-----BEGIN RSA PRIVATE KEY-----
[B@19e3118a
-----END RSA PRIVATE KEY-----
Why is the PrintWriter writing as "[B@19e3118a", instead of the bytes like FileOutputStream. I want to use PrintWriter since I want to make use of PrintWriter.println() function. What can I try next?
OutputStream.write(byte[]) writes the bytes as binary data.PrintWriter.print(byte[]) calls toString() on the array and writes out the result. The [B@19e3118a is the toString() representation of your array.Given that the string only contains ASCII characters, you could use String(byte[]) on your array, and print the result.
Alternatively, if you're using the Apache Commons Base64 class, you should simply use the encodeBase64String() method instead of encodeBase64() [Thanks @SimonC].