Encrypting RSA private key

[joelmarty]

Hi, I am trying to use the following code to encrypt a RSA private key. Basically do in java code the equivalent of openssl rsa -aes256 -in key.pem -out enc_key.pem.

I am using the following code to do this:

    static String encryptPrivateKey(PrivateKey privateKey, String passphrase) throws Exception {
        OutputEncryptor pemEncryptor = new JcePKCSPBEOutputEncryptorBuilder(PKCS8Generator.AES_256_CBC)
            .build(passphrase.toCharArray());
        JcaPKCS8Generator pemGen = new JcaPKCS8Generator(privateKey, pemEncryptor);

        StringWriter out = new StringWriter();
        new PemWriter(out).writeObject(pemGen);
        return out.toString();
    }

However the method fails with the following stacktrace:

org.bouncycastle.util.io.pem.PemGenerationException: unable to process encoded key data: Error during cipher finalisation
	at org.bouncycastle.openssl.PKCS8Generator.generate(PKCS8Generator.java:99)
	at org.bouncycastle.openssl.PKCS8Generator.generate(PKCS8Generator.java:65)
	at org.bouncycastle.util.io.pem.PemWriter.writeObject(Unknown Source)
	at com.mycompany.TestUtil.encryptPrivateKey(TestUtil.java:67)
Caused by: org.bouncycastle.crypto.io.InvalidCipherTextIOException: Error during cipher finalisation
	at org.bouncycastle.jcajce.io.CipherOutputStream.close(Unknown Source)
	at org.bouncycastle.openssl.PKCS8Generator.generate(PKCS8Generator.java:91)
	... 84 more
Caused by: javax.crypto.IllegalBlockSizeException: Input length not multiple of 16 bytes
	at java.base/com.sun.crypto.provider.CipherCore.finalNoPadding(CipherCore.java:1109)
	at java.base/com.sun.crypto.provider.CipherCore.fillOutputBuffer(CipherCore.java:1053)
	at java.base/com.sun.crypto.provider.CipherCore.doFinal(CipherCore.java:853)
	at java.base/com.sun.crypto.provider.AESCipher.engineDoFinal(AESCipher.java:446)
	at java.base/javax.crypto.Cipher.doFinal(Cipher.java:2085)
	... 86 more

I don't understand why I am getting that "Input length not multiple of 16 bytes" error: if I interpret the mentioned code in CipherCore.fillOutputBuffer() correctly, finalNoPadding() is called and then the buffer is padded.
Any idea ? Am I even doing this correctly ?

[joelmarty]

Found the solution, several things were not correct in my example, here is a solution:

        OutputEncryptor pemEncryptor = new JcePKCSPBEOutputEncryptorBuilder(PKCS8Generator.AES_256_CBC)
            .setProvider("BC")
            .build(passphrase.toCharArray());
        JcaPKCS8Generator pemGen = new JcaPKCS8Generator(privateKey, pemEncryptor);

        StringWriter out = new StringWriter();
        JcaPEMWriter pemWriter = new JcaPEMWriter(out);
        pemWriter.writeObject(new JcaMiscPEMGenerator(pemGen));
        pemWriter.flush();
        return out.toString();

BouncyCastle provider must be explicitly set on the OutputEncryptor or the JCE provider will be used and for some reason it fails 🤷🏻‍♂️
Probably related to this issue: https://bugs.openjdk.org/browse/JDK-8231581
Finally, the JcaPEMWriter must be manually flushed or the output string will be empty.