Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ECDSA key version mismatch from openssl pem files #270

Closed
the1plummie opened this issue Jul 27, 2018 · 4 comments
Closed

ECDSA key version mismatch from openssl pem files #270

the1plummie opened this issue Jul 27, 2018 · 4 comments

Comments

@the1plummie
Copy link

Hi there,

I'm trying to generate ECDSA key pairs, using these 2 commands (on debian):

openssl ecparam -genkey -name secp521r1 -noout -out ecdsa-p521-private.pem
openssl ec -in ecdsa-p521-private.pem -pubout -out ecdsa-p521-public.pem

I end up with these pem contents:

-----BEGIN EC PRIVATE KEY-----
MIHcAgEBBEIBrLSlt+M2LjhfoZw0kcdA9F2cbSlCHmPeCyj/PzXryszQMQ8KQb+1
CZX6B1eXgRi7LIVRDUWVoV9A098tqIuXwaagBwYFK4EEACOhgYkDgYYABAHHPcnH
n1gziRFXawb+fOnnpd8dDRqhgk6yiZsvV9oUKvu7tv+5XavCsdtZIiEaqCctjdGp
01KExDqYCnh2S9ABiwFstThkfIcJ8NkRLHPMEGeQnJFeCE3gAY4MJsd89hAn+7xy
q39PVnqLR3spPc8CKVYwluzvyNhNcU6RSZLJHjWJ8w==
-----END EC PRIVATE KEY-----

-----BEGIN PUBLIC KEY-----
MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQBxz3Jx59YM4kRV2sG/nzp56XfHQ0a
oYJOsombL1faFCr7u7b/uV2rwrHbWSIhGqgnLY3RqdNShMQ6mAp4dkvQAYsBbLU4
ZHyHCfDZESxzzBBnkJyRXghN4AGODCbHfPYQJ/u8cqt/T1Z6i0d7KT3PAilWMJbs
78jYTXFOkUmSyR41ifM=
-----END PUBLIC KEY-----

But when I try to read the private key, I'm getting this exception:
java.security.spec.InvalidKeySpecException: java.security.InvalidKeyException: IOException : version mismatch: (supported: 00, parsed: 01
I tried using the pem files in test directory https://github.com/auth0/java-jwt/tree/master/lib/src/test/resources (ec512-key-private.pem, ec512-key-public.pem) and that pair works. So it might be the way I generate the pem files that's messing things up. If you can share how you generated your test pem files that would be great.

Thx!
@lbalmaceda
Copy link
Contributor

You are doing it fine. I think you just forgot to convert the private key to this "newer" pem format:

openssl pkcs8 -topk8 -inform pem -in file.key -outform pem -nocrypt -out file.pem

See if that works. Cheers

@the1plummie
Copy link
Author

Ah, that works! Thanks for the pointer!

@youagree
Copy link

You are doing it fine. I think you just forgot to convert the private key to this "newer" pem format:

openssl pkcs8 -topk8 -inform pem -in file.key -outform pem -nocrypt -out file.pem

See if that works. Cheers

what is newer format? where i can read about it?

thanks fore reply

@Sirish23-ss
Copy link

I used this tool class. But it shows me error of public key null. can anyone help me?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@the1plummie @lbalmaceda @youagree @Sirish23-ss