Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

invalid key format error on generating private key #884

Closed
testover99 opened this issue Oct 11, 2017 · 6 comments
Closed

invalid key format error on generating private key #884

testover99 opened this issue Oct 11, 2017 · 6 comments
Assignees

Comments

@testover99
Copy link

In which file did you encounter the issue?

java-docs-samples/iot/api-client/mqtt_example/src/main/java/com/google/cloud/iot/examples/MqttExample.java

Describe the issue

The command I used to generate rsa private key and certificate is this:

openssl req -x509 -newkey rsa:2048 -keyout rsa_private.pem -nodes -out rsa_cert.pem -subj "/CN=unused"

In createJwtRsa method, the private key file which is working for the Python MQTT sample, giving the following error:

java.security.spec.InvalidKeySpecException: java.security.InvalidKeyException: invalid key format
	at sun.security.rsa.RSAKeyFactory.engineGeneratePrivate(RSAKeyFactory.java:217)
	at java.security.KeyFactory.generatePrivate(KeyFactory.java:372)	
Caused by: java.security.InvalidKeyException: invalid key format
	at sun.security.pkcs.PKCS8Key.decode(PKCS8Key.java:330)
	at sun.security.pkcs.PKCS8Key.decode(PKCS8Key.java:356)
	at sun.security.rsa.RSAPrivateCrtKeyImpl.<init>(RSAPrivateCrtKeyImpl.java:91)
	at sun.security.rsa.RSAPrivateCrtKeyImpl.newKey(RSAPrivateCrtKeyImpl.java:75)
	at sun.security.rsa.RSAKeyFactory.generatePrivate(RSAKeyFactory.java:316)
	at sun.security.rsa.RSAKeyFactory.engineGeneratePrivate(RSAKeyFactory.java:213)
	... 3 more 
@testover99
Copy link
Author

When I use the following command to convert the pem into der format, it works. Is it the way it should work? As I have to use the same private key file on both the platforms, Java and Python.

openssl pkcs8 -topk8 -inform PEM -outform DER -in private_key_file -nocrypt > pkcs8_key

@gguuss
Copy link
Contributor

gguuss commented Oct 11, 2017

Is it the way it should work?

You are correct. For Java, the certificate must be in .PEM format for the MQTT sample to be able to produce the JWT. I've encountered the same issue; I can update the README to clarify this and correct the examples to reference files with the extension.

Currently, the only indicator that you need the PEM file is that the certificate generation script has this additional step specific to the Java sample.

@testover99
Copy link
Author

Thanks, @gguuss. Good to know this.

@gguuss
Copy link
Contributor

gguuss commented Oct 16, 2017

FYI @testover99 I'm looking at this again and the existing README references the correct keyfiles, which should in fact be in PKCS #8 format.

@parameshwargouda
Copy link

I followed the steps mentioned but i am getting : An error occurred: Not authorized to connect

mvn exec:java -Dexec.mainClass="com.example.cloud.iot.examples.MqttExample" -Dexec.args="-project_id=fueblabs-206511
-registry_id=my-registry2
-cloud_region=us-central1
-device_id=java-device-8
-private_key_file=./rsa_private_pkcs8
-algorithm=RS256"
[INFO] Scanning for projects...
[INFO] ------------------------------------------------------------------------
[INFO] Reactor Build Order:
[INFO]
[INFO] cloudiot-manager-demo
[INFO] doc-samples
[INFO]
[INFO] ------------------------------------------------------------------------
[INFO] Building cloudiot-manager-demo 1.0
[INFO] ------------------------------------------------------------------------
[INFO]
[INFO] --- exec-maven-plugin:1.6.0:java (default-cli) @ cloudiot-manager-demo ---
An error occurred: Not authorized to connect
[WARNING]
Not authorized to connect (5)
at org.eclipse.paho.client.mqttv3.internal.ExceptionHelper.createMqttException(ExceptionHelper.java:28)
at org.eclipse.paho.client.mqttv3.internal.ClientState.notifyReceivedAck(ClientState.java:988)
at org.eclipse.paho.client.mqttv3.internal.CommsReceiver.run(CommsReceiver.java:145)
at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.access$201(ScheduledThreadPoolExecutor.java:180)
at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:293)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
at java.lang.Thread.run(Thread.java:748)
``

@gguuss
Copy link
Contributor

gguuss commented Jun 18, 2018

@parameshwargouda did you register the device's public certificate that pairs with the private key (in PKCS8 format) used to connect?

minherz pushed a commit that referenced this issue Nov 9, 2022
🤖 I have created a release *beep* *boop*
---


## [0.123.3](googleapis/java-errorreporting@v0.123.2...v0.123.3) (2022-06-23)


### Dependencies

* update dependency com.google.cloud:google-cloud-shared-dependencies to v2.13.0 ([#882](googleapis/java-errorreporting#882)) ([e35b3f9](googleapis/java-errorreporting@e35b3f9))

---
This PR was generated with [Release Please](https://github.com/googleapis/release-please). See [documentation](https://github.com/googleapis/release-please#release-please).
minherz pushed a commit that referenced this issue Nov 10, 2022
🤖 I have created a release *beep* *boop*
---


## [0.123.3](googleapis/java-errorreporting@v0.123.2...v0.123.3) (2022-06-23)


### Dependencies

* update dependency com.google.cloud:google-cloud-shared-dependencies to v2.13.0 ([#882](googleapis/java-errorreporting#882)) ([e35b3f9](googleapis/java-errorreporting@e35b3f9))

---
This PR was generated with [Release Please](https://github.com/googleapis/release-please). See [documentation](https://github.com/googleapis/release-please#release-please).
minherz pushed a commit that referenced this issue Nov 10, 2022
🤖 I have created a release *beep* *boop*
---


## [0.123.3](googleapis/java-errorreporting@v0.123.2...v0.123.3) (2022-06-23)


### Dependencies

* update dependency com.google.cloud:google-cloud-shared-dependencies to v2.13.0 ([#882](googleapis/java-errorreporting#882)) ([e35b3f9](googleapis/java-errorreporting@e35b3f9))

---
This PR was generated with [Release Please](https://github.com/googleapis/release-please). See [documentation](https://github.com/googleapis/release-please#release-please).
Sita04 pushed a commit that referenced this issue Feb 7, 2023
…8.0 (#884)

[![WhiteSource Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Change | Age | Adoption | Passing | Confidence |
|---|---|---|---|---|---|
| [com.google.cloud:google-cloud-pubsub](https://togithub.com/googleapis/java-pubsub) | `1.117.0` -> `1.118.0` | [![age](https://badges.renovateapi.com/packages/maven/com.google.cloud:google-cloud-pubsub/1.118.0/age-slim)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://badges.renovateapi.com/packages/maven/com.google.cloud:google-cloud-pubsub/1.118.0/adoption-slim)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://badges.renovateapi.com/packages/maven/com.google.cloud:google-cloud-pubsub/1.118.0/compatibility-slim/1.117.0)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://badges.renovateapi.com/packages/maven/com.google.cloud:google-cloud-pubsub/1.118.0/confidence-slim/1.117.0)](https://docs.renovatebot.com/merge-confidence/) |

---

### Release Notes

<details>
<summary>googleapis/java-pubsub</summary>

### [`v1.118.0`](https://togithub.com/googleapis/java-pubsub/blob/HEAD/CHANGELOG.md#&#8203;11180-httpsgithubcomgoogleapisjava-pubsubcomparev11170v11180-2022-05-18)

[Compare Source](https://togithub.com/googleapis/java-pubsub/compare/v1.117.0...v1.118.0)

##### Features

-   creating java backport ([#&#8203;1120](https://togithub.com/googleapis/java-pubsub/issues/1120)) ([d88f417](https://togithub.com/googleapis/java-pubsub/commit/d88f4175356b0fdeb0697cfb1a7e6cd83ac0b7a5))
-   next release from main branch is 1.118.0 ([#&#8203;1127](https://togithub.com/googleapis/java-pubsub/issues/1127)) ([67605a7](https://togithub.com/googleapis/java-pubsub/commit/67605a7efb36da5b9e123efb8fe69c58d4cfcbfd))

##### Bug Fixes

-   Too many leases ([#&#8203;1135](https://togithub.com/googleapis/java-pubsub/issues/1135)) ([c9bcec5](https://togithub.com/googleapis/java-pubsub/commit/c9bcec531bf175684306e50eaf7ef96ee60cba78))

</details>

---

### Configuration

📅 **Schedule**: At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, click this checkbox.

---

This PR has been generated by [WhiteSource Renovate](https://renovate.whitesourcesoftware.com). View repository job log [here](https://app.renovatebot.com/dashboard#github/googleapis/java-dlp).
Sita04 pushed a commit that referenced this issue Feb 7, 2023
🤖 I have created a release *beep* *boop*
---


## [3.4.0](googleapis/java-dlp@v3.3.2...v3.4.0) (2022-05-19)


### Features

* add build scripts for native image testing in Java 17 ([#1440](https://github.com/googleapis/java-dlp/issues/1440)) ([#885](googleapis/java-dlp#885)) ([fc0fd35](googleapis/java-dlp@fc0fd35))


### Dependencies

* update dependency com.google.cloud:google-cloud-pubsub to v1.118.0 ([#884](googleapis/java-dlp#884)) ([e5ac330](googleapis/java-dlp@e5ac330))
* update dependency com.google.cloud:google-cloud-shared-dependencies to v2.12.0 ([#883](googleapis/java-dlp#883)) ([ef507e8](googleapis/java-dlp@ef507e8))

---
This PR was generated with [Release Please](https://github.com/googleapis/release-please). See [documentation](https://github.com/googleapis/release-please#release-please).
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

4 participants