Hello, I generated a RSA-keypair. Each key has been base64-encoded, so
I can save it easily as string into a database (and/or file).

When I am now encrypting a file, I use AES, and after that I wrap the
AES-key with the RSA publickey. The wrapped-Key gets base64-encoded,
too.

My problem is, that I cannot get key back (I think). The error message
I get is "java.security.InvalidKeyException: unknown block type". I
looked for it, and I found some information, that this is a hint to a
wrong key.

One thing I figured out is, that the size of my unwrapped key is too
big (a bytes/bit msitake? ).

Here is my code:

Key-Generation extract:

File publicKeyFile = new File(args[1]);
File privateKeyFile = new File(args[2]);
KeyPairGenerator pairgen = KeyPairGenerator.getInstance("RSA", "BC");
SecureRandom random = new SecureRandom();
pairgen.initialize(KEYSIZE, random);
KeyPair keyPair = pairgen.generateKeyPair();
Base64 b64 = new Base64();
String keyPub = new
String(b64.encode(keyPair.getPublic().getEncoded()),"ASCII");
String keyPri = new
String(b64.encode(keyPair.getPrivate().getEncoded()),"ASCII");

File-encryption:

public String encrypt(FileInputStream fis, FileOutputStream fos, int
contactID)
{
 Key publicKey =null;
 SecretKey innerKey = null;
 String keyForDB ="";
 try
   {
   KeyGenerator keygen = KeyGenerator.getInstance("AES");
   SecureRandom random = new SecureRandom();
   keygen.init(128, random);
   innerKey = keygen.generateKey();
   // get recipients publicKey from database
   String keyBlob = db.getPublicKey(contactID);
   byte[] publicBytes = b64.decode(keyBlob.getBytes());
   X509EncodedKeySpec keySpec = new X509EncodedKeySpec(publicBytes);
   try{
     KeyFactory keyFactory = KeyFactory.getInstance("RSA","BC");
     publicKey = (Key)keyFactory.generatePublic(keySpec);
   }
   catch(NoSuchAlgorithmException e){}
   catch(InvalidKeySpecException e){
   e.printStackTrace();
 }

 Cipher cipher = Cipher.getInstance("RSA/NONE/PKCS1PADDING","BC");
 cipher.init(Cipher.WRAP_MODE, publicKey);
 byte[] wrappedKey = cipher.wrap(innerKey);
 keyForDB = new String(b64.encode(wrappedKey),"ASCII");
 DataOutputStream out = new DataOutputStream(fos);

 InputStream in = fis;
 cipher = Cipher.getInstance("AES/ECB/PKCS7Padding","BC");
 cipher.init(Cipher.ENCRYPT_MODE, innerKey);
 crypt(in, out, cipher);
 in.close();
 out.close();
}
catch (IOException e)
{
 e.printStackTrace();
}
catch (GeneralSecurityException e)
{
 e.printStackTrace();
}
return keyForDB;
}

File Decryption:

public void decrypt(File file, FileOutputStream fos, String
wrappedKey)
{
 try
   {
   byte[] wrappedKeyBytes = b64.decode(wrappedKey.getBytes());
   DataInputStream in = new DataInputStream(new
FileInputStream(file));
   String keyString = readFileAsString("keys/privatekey");
   byte[] privateKeyBytes = b64.decode(new
String(keyString).getBytes());
   PKCS8EncodedKeySpec encKeySpec = new
PKCS8EncodedKeySpec(privateKeyBytes);
   KeyFactory keyFactory = KeyFactory.getInstance("RSA", "BC");
   Key privateKey = keyFactory.generatePrivate(encKeySpec);
   Cipher cipher = Cipher.getInstance("RSA/NONE/PKCS1PADDING",
"BC");
   cipher.init(Cipher.UNWRAP_MODE, privateKey);
   SecretKey key = (SecretKey)cipher.unwrap(wrappedKeyBytes, "AES",
Cipher.SECRET_KEY);
   OutputStream out = fos;
   cipher = Cipher.getInstance("AES/ECB/PKCS7Padding", "BC");
   cipher.init(Cipher.DECRYPT_MODE, key);
   crypt(in, out, cipher);
   in.close();
   out.close();
 }
 catch (IOException e)
 {
   e.printStackTrace();
 }
 catch (GeneralSecurityException e)
 {
   e.printStackTrace();
 }
}

Thank you for any help,

Susanne