search

nowina-solutions / nexu

86 stars 49 forks source link

problem of Private key must be instance of RSAPrivate #76

Open yaksalim opened 1 month ago

yaksalim commented 1 month ago

Dear Support Team, I hope this message finds you well. My name is Salim and I am contacting you regarding a problem that we encountered with the demo web application, I want to sign a pdf doc using usb key contains a certificate and during the operation it shows me this message "java.security.InvalidKeyException: Private key must be instance of RSAPrivate(Crt)Key or have PKCS#8 encoding"

2024-05-12 09:30:19,149 [ERROR|lu.nowina.nexu.flow.SignatureFlow|SignatureFlow|Thread-25] Flow error eu.europa.esig.dss.DSSException: java.security.InvalidKeyException: Private key must be instance of RSAPrivate(Crt)Key or have PKCS#8 encoding at eu.europa.esig.dss.token.AbstractSignatureTokenConnection.sign(AbstractSignatureTokenConnection.java:112) at lu.nowina.nexu.generic.Pkcs11SignatureTokenAdapter.sign(Pkcs11SignatureTokenAdapter.java:153) at eu.europa.esig.dss.token.AbstractSignatureTokenConnection.sign(AbstractSignatureTokenConnection.java:55) at lu.nowina.nexu.flow.operation.SignOperation.perform(SignOperation.java:65) at lu.nowina.nexu.flow.SignatureFlow.process(SignatureFlow.java:86) at lu.nowina.nexu.flow.SignatureFlow.process(SignatureFlow.java:1) at lu.nowina.nexu.flow.Flow.execute(Flow.java:55) at lu.nowina.nexu.InternalAPI.lambda$0(InternalAPI.java:195) at java.util.concurrent.FutureTask.run(Unknown Source)

hello-earth-gh commented 1 month ago

Hi. First, there is no support team that I know of. We are just people like you trying to find solutions.

That being said, I suspect that your problem is that the exact model of the USB token you use for signing is not supported or configured properly to be recognized by NexU. As far as I remember, when such token is used, NexU asks you to specify the path to the driver of the token. Was this the case with you? What is the model of the token you use? Are you sure you have specified the correct path? Finally, was the signature saved correctly on this token? It is supposed to be stored in an encrypted format, and it's only possible to do that using dedicated UI usually installed with your USB token drivers. One way to check this is to see if you can sign successfully with this USB token using some other program like e.g. JSignPDF.

You can check the already supported models in [Windows User profile folder]\AppData\Local\Nowina\NexU\store.xml