Java Security

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

Extracting Private Key from pKCS12 file - Password is not ASCII

843811Feb 14 2008 — edited Feb 19 2008

Hi all,
I have digital signature code that was written using a KCrypto API some time ago, which I'm now replacing with classes from the standard java.security.cert package from java 1.5.
It has been our standard to hash the Private Key password when creating our P12 files. This means that many of the characters are unreadable. Now that I'm using the standard Java security API I get the following error when trying to extract the private key.

at com.sun.net.ssl.internal.ssl.PKCS12KeyStore.engineGetKey(PKCS12KeyStore.java:268)
at java.security.KeyStore.getKey(KeyStore.java:731)
at AuthenticateTest.authenticate(AuthenticateTest.java:249)
at AuthenticateTest.main(AuthenticateTest.java:460)
Caused by: java.io.IOException: getSecretKey failed: Password is not ASCII
at com.sun.net.ssl.internal.ssl.PKCS12KeyStore.getPBEKey(PKCS12KeyStore.java:546)
at com.sun.net.ssl.internal.ssl.PKCS12KeyStore.engineGetKey(PKCS12KeyStore.java:247)
... 3 more
Caused by: java.security.spec.InvalidKeySpecException: Password is not ASCII
at com.sun.crypto.provider.PBEKey.<init>(DashoA12275)
at com.sun.crypto.provider.PBEKeyFactory.engineGenerateSecret(DashoA12275)
at javax.crypto.SecretKeyFactory.generateSecret(DashoA12275)
at com.sun.net.ssl.internal.ssl.PKCS12KeyStore.getPBEKey(PKCS12KeyStore.java:544)

I've also tried Base64 encoding the hashed password, however I just get back a invalid password error.

Any suggestions?

Many thanks,
Eoin

Locked Post

New comments cannot be posted to this locked post.

Locked on Mar 18 2008

Added on Feb 14 2008

#cryptography

3 comments

2,380 views