Getting error when loading a .pem key into java, but only when running the jar

I appreciate any help with this; I've been stuck with this for longer than I should have.
Java 17, mvn 3.9.1, Spring 3.0.4
So, I need to load a .pem key into Java to decrypt a thing that I encrypted with the pair. It works fine when running the project from IntelliJ. But it fails when executing from the jar that comes from using `mvn clean install/package`. It runs, but when it gets to the loadIntoJavaPart

    public PrivateKey loadPrivateKeyFromFile(String privateKeyPath)
            throws IOException, NoSuchAlgorithmException, InvalidKeySpecException,
            OperatorCreationException, PKCSException
    {
        try (FileReader fileReader = new FileReader(privateKeyPath);
             PEMParser pemParser = new PEMParser(fileReader)) {
            // Read the first PEM object from the file
            Object pemObject = pemParser.readObject();
            if (pemObject instanceof PKCS8EncryptedPrivateKeyInfo) {
                PKCS8EncryptedPrivateKeyInfo encryptedPrivateKeyInfo = (PKCS8EncryptedPrivateKeyInfo) pemObject;
                // Build the decryptor for the passphrase-protected PKCS#8 key
                InputDecryptorProvider decryptorProvider = new JceOpenSSLPKCS8DecryptorProviderBuilder().build("pass".toCharArray());

                // Tried putting this in several places, this is just the last one I tried
                Security.addProvider(new BouncyCastleProvider());

                ASN1OctetString asn1OctetString = encryptedPrivateKeyInfo.decryptPrivateKeyInfo
                        (decryptorProvider).getPrivateKey();

                byte[] privateKeyBytes = asn1OctetString.getOctets();
                PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(privateKeyBytes);
                KeyFactory keyFactory = KeyFactory.getInstance("RSA");
                return keyFactory.generatePrivate(keySpec);

            } else {
                throw new IllegalArgumentException("Unsupported PEM object: " + pemObject);
            }
        }
    }

It fails in the

 ASN1OctetString asn1OctetString= encryptedPrivateKeyInfo.decryptPrivateKeyInfo
                        (decryptorProvider).getPrivateKey();

Throws:

org.bouncycastle.pkcs.PKCSException: unable to read encrypted data: 1.2.840.113549.1.5.13 not available: Cannot find any provider supporting 1.2.840.113549.3.7

Everywhere I've read it says either set the security provider, which I did. I even put a print to check that BC was there and it is. Or that the BC libraries aren't in the JAR, but they are, I checked with `jar tf app.jar`.
Used the mvn shade plugin to force all the libraries into another jar, didn't work.
Tried making IntelliJ create the jar and use that one, but it fails to find the main class, which I checked was listed in the manifest-inf.

So I've run out of ideas. I really appreciate anyone's help.

POM.xml

<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
    <modelVersion>4.0.0</modelVersion>
    <parent>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-parent</artifactId>
        <version>3.0.4</version>
        <relativePath/> <!-- lookup parent from repository -->
    </parent>
    <groupId>com.micro</groupId>
    <artifactId>encrypt</artifactId>
    <version>0.0.1-SNAPSHOT</version>
    <name>encryption</name>
    <description>Demo project for Spring Boot</description>
    <properties>
        <java.version>17</java.version>
    </properties>
    <dependencies>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-data-jpa</artifactId>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-validation</artifactId>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-web</artifactId>
        </dependency>

        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-test</artifactId>
            <scope>test</scope>
        </dependency>

        <dependency>
            <groupId>org.apache.santuario</groupId>
            <artifactId>xmlsec</artifactId>
            <version>2.1.6</version>
        </dependency>

        <dependency>
            <groupId>javax.xml.stream</groupId>
            <artifactId>stax-api</artifactId>
            <version>1.0-2</version>
        </dependency>

        <dependency>
            <groupId>com.h2database</groupId>
            <artifactId>h2</artifactId>
            <scope>runtime</scope>
        </dependency>

        <dependency>
            <groupId>javax.xml.bind</groupId>
            <artifactId>jaxb-api</artifactId>
            <version>2.3.1</version>
        </dependency>
        <dependency>
            <groupId>org.glassfish.jaxb</groupId>
            <artifactId>jaxb-runtime</artifactId>
            <version>2.3.1</version>
        </dependency>

        <dependency>
            <groupId>org.bouncycastle</groupId>
            <artifactId>bcprov-jdk15on</artifactId>
            <version>1.70</version>
        </dependency>

        <dependency>
            <groupId>org.bouncycastle</groupId>
            <artifactId>bcpkix-jdk15on</artifactId>
            <version>1.70</version>
        </dependency>

        <dependency>
            <groupId>commons-codec</groupId>
            <artifactId>commons-codec</artifactId>
            <version>1.15</version>
        </dependency>

        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-webflux</artifactId>
        </dependency>


        <dependency>
            <groupId>commons-io</groupId>
            <artifactId>commons-io</artifactId>
            <version>2.11.0</version>
        </dependency>

        <dependency>
            <groupId>io.projectreactor.netty</groupId>
            <artifactId>reactor-netty</artifactId>
        </dependency>

    </dependencies>

    <build>
        <plugins>
            <plugin>
                <groupId>org.springframework.boot</groupId>
                <artifactId>spring-boot-maven-plugin</artifactId>
            </plugin>


            <plugin>
                <groupId>org.apache.maven.plugins</groupId>
                <artifactId>maven-shade-plugin</artifactId>
                <executions>
                    <execution>
                        <phase>package</phase>
                        <goals>
                            <goal>shade</goal>
                        </goals>
                        <configuration>
                            <shadeTestJar>true</shadeTestJar>
                            <shadedClassifierName>SHADED</shadedClassifierName>
                            <shadedArtifactAttached>true</shadedArtifactAttached>
                        </configuration>
                    </execution>
                </executions>


            </plugin>
        </plugins>
    </build>

</project>

Thanks!

There are 1 best solutions below

NigDra On

Ok, so it turns out the BouncyCastle digital signature was being corrupted when including them in the jar, so I had to exclude them from the jar and add them as variables in the jar command. I don't know why it didn't work the first time, though.

java -cp "path/to/lib/bcprov-jdk15on-1.70.jar:path/to/lib/bcpkix-jdk15on-1.70.jar:path/to/jar/artifact.jar" com.project.main.class
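
A diagnostic for the situation in this thread, as an added example that is not code from the asker or the answerer: it prints which jar the BouncyCastle provider class was actually loaded from, whether that class still carries signers, and whether the cipher OID from the exception resolves. The class name `BcProviderCheck` and the helper names are hypothetical; the OID is copied from the error message in the question.

```java
import java.security.CodeSource;
import java.security.Provider;
import java.security.Security;
import javax.crypto.Cipher;
import org.bouncycastle.jce.provider.BouncyCastleProvider;

// Added diagnostic (hypothetical class name). Run it once from the IDE and once
// from the packaged jar, then compare the two outputs line by line.
public class BcProviderCheck {
    // OID taken from the PKCSException message quoted in the question.
    static final String CIPHER_OID = "1.2.840.113549.3.7";

    // Small functional interface so the lookups can throw checked exceptions.
    interface Lookup { Cipher get() throws Exception; }

    public static void main(String[] args) {
        if (Security.getProvider("BC") == null) {
            Security.addProvider(new BouncyCastleProvider());
        }
        Provider bc = Security.getProvider("BC");
        System.out.println("BC provider: " + bc.getName() + " " + bc.getVersionStr());

        // Which jar (original, nested or repackaged) did the provider class come from?
        CodeSource src = BouncyCastleProvider.class.getProtectionDomain().getCodeSource();
        System.out.println("Loaded from: " + (src == null ? "unknown" : src.getLocation()));

        // getSigners() returns null when the class loader saw no verified
        // signature for this class, e.g. after the jar contents were repackaged.
        Object[] signers = BouncyCastleProvider.class.getSigners();
        System.out.println("Class carries signers: " + (signers != null && signers.length > 0));

        // Resolve the cipher from BC explicitly, then through the default
        // provider search, which is the lookup that failed in the question.
        report("BC only", () -> Cipher.getInstance(CIPHER_OID, "BC"));
        report("any provider", () -> Cipher.getInstance(CIPHER_OID));
    }

    static void report(String label, Lookup lookup) {
        try {
            Cipher c = lookup.get();
            System.out.println(label + ": OK via " + c.getProvider().getName());
        } catch (Exception e) {
            // Includes SecurityException, which is how the JCE framework
            // reports a provider it refuses to trust.
            System.out.println(label + ": FAILED -> " + e);
        }
    }
}
```

A difference in the "Loaded from" or "Class carries signers" lines between the IDE run and the jar run points at packaging rather than at the key-loading code.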