RSAPrivateKey or PKCS#8 exception with RSA decryption operation
I have some code that is attempting to decrypt ciphertext using the RSA/ECB/OAEPWithSHA1AndMGF1Padding transformation. The private key is inside the NSS keystore (part of the Firefox distribution), which I have been able to successfully extract and use in the past using the PKCS#11 bridge in SunJCE, for RSA signing operations. However, when attempting to use the same private key to decrypt a previously RSA-encrypted ciphertext blob, I get the following exception:
java.security.InvalidKeyException: Private keys must be instance of RSAPrivate(Crt)Key or have PKCS#8 encoding
at sun.security.rsa.RSAKeyFactory.translatePrivateKey(RSAKeyFactory.java:246)
at sun.security.rsa.RSAKeyFactory.engineTranslateKey(RSAKeyFactory.java:149)
at sun.security.rsa.RSAKeyFactory.toRSAKey(RSAKeyFactory.java:79)
at com.sun.crypto.provider.RSACipher.a(DashoA12275)
at com.sun.crypto.provider.RSACipher.engineInit(DashoA12275)
at javax.crypto.Cipher.init(DashoA12275)
at javax.crypto.Cipher.init(DashoA12275)
This forum has a posting with one solution which does not work in my case - not sure why, but I suspect it could be because the solution poster was using a different PKCS#11 solution than I am. (http://forum.java.sun.com/thread.jspa?forumID=9&threadID=572349).
Does anyone on this forum have any other suggestions to offer? Casting the PrivateKey to an RSAPrivateKey does not work, since the KeyStore returns only a PrivateKey or Key object (super-interfaces of RSAPrivateKey). I have thought about trying to create a new RSAPrivateKeySpec object (to pass into Cipher), but I'm uncertain if it is possible since there appear to be no methods to get the modulus and the exponent from a PrivateKey object (or it isn't clear to me).
Any help would be appreciated. Thank you.